Secure URLs is a security feature that protects files uploaded by your users through tokenized URLs. This guide explains how secure URLs work and how to manage this feature in your Aikeedo admin panel.
All files uploaded by your users are protected through tokenized URLs
The app automatically generates secure URLs whenever files need to be accessed
Files can only be accessed through valid tokenized URLs
Direct file URLs without tokens will not work
Secure URLs are completely transparent to your users - they won’t notice any difference in how they access files. The app automatically handles all security aspects behind the scenes.
Under the Configuration section, ensure your cloud storage adapter is selected
Toggle the “Secure URLs” switch to enable the feature
After enabling, all new files uploaded by your users will automatically be protected. Files uploaded before enabling this feature will remain accessible through their original URLs.
The app automatically generates new secure URLs whenever files are accessed
Each secure URL contains a token that expires after 1 hour
Users won’t notice the URL expiration - new secure URLs are generated automatically when needed
Users cannot bypass the security by sharing direct file URLs
Your users will have continuous access to their files. The 1-hour expiration only applies to individual secure URLs, not to the files themselves. New secure URLs are automatically generated when needed.
If you’ve enabled CDN in your cloud storage settings (like Digital Ocean Spaces CDN), ensure its edge caching time is set to 1 hour or less. Otherwise, the CDN might continue serving expired secure URLs to your users.
Some cloud storage providers may not support this feature
Old URLs will stop working if you disable secure URLs after enabling them
Once enabled, switching to a different cloud storage provider is not recommended as previously uploaded files will become inaccessible
If you’re using Cloudflare R2, secure URLs will only work with the default S3 API endpoint (<accountid>.r2.cloudflarestorage.com) and cannot be used with custom domains.
After enabling secure URLs, stick with your chosen cloud storage provider. Switching providers will break access to files uploaded with secure URLs enabled.
Verify secure URL support with your chosen cloud storage provider before enabling the feature.