Static Resources
Static Resources
The asset library lives per tenant at <TenantFolder>/StaticResources/.
Folder types
- StaticResources/ — the root. Read-only via API. Admin places branded assets here directly on the filesystem (logos, etc.). Auto-created on first call.
- StaticResources/<name>/ — managed sub-folders (icons/, backgrounds/, equipment/, etc.). Read-only via API; admin places assets here on the filesystem. Convention only — any name and any depth work.
- StaticResources/UserData/ — the only writable subtree. Tenant users can upload, list, fetch, and delete here. Auto-created on first call.
- StaticResources/UserData/<anything>/ — user-created sub-folders. Auto-created on upload at any depth.
Permissions summary
|
Folder |
Read (API) |
Write (API) |
|
StaticResources/ and any sub-folder (except UserData) |
Yes |
No (admin only, via filesystem) |
|
StaticResources/UserData/ (and its sub-folders) |
Yes |
Yes |
Upload limits (UserData only)
- Max file size: 10 MB
- Allowed extensions: image, font, pdf, audio, video, csv, txt, json, xml, zip
- Rejected: .exe, .apk, .bat, etc.
- Path traversal (..) is blocked
Example URLs
Fetch any asset:
GET /dashboard/StaticResources/logo.png
GET /dashboard/StaticResources/icons/blue/check.svg
GET /dashboard/StaticResources/UserData/photos/site-a/img.png
List:
GET /dashboard/StaticResourcesList (root)
GET /dashboard/StaticResourcesList/UserData (one level)
GET /dashboard/StaticResourcesList/UserData?recursive=1 (whole sub-tree)
GET /dashboard/StaticResourcesList?ext=.png,.svg (filter by extension)
Upload (multipart, file in any field):
POST /dashboard/StaticResources/UserData/notes.txt
POST /dashboard/StaticResources/UserData/photos/2026/img.png (sub-folders auto-created)
POST /dashboard/StaticResources/UserData/notes.txt?overwrite=false (refuse if exists → 409)
Delete (path in JSON body):
POST /dashboard/StaticResources/UserData/Delete
{ "path": "photos/2026/img.png" }
Rule of thumb
StaticResources/ is read-everywhere. UserData/ is the only place the API writes. Everything else is admin-managed.