
FileGuard is designed with security-first principles for storing sensitive documents.

Multi-Tenant Isolation

Data Isolation

Each tenant’s files are completely isolated. API keys from one tenant cannot access another tenant’s files.

Separate Storage

Files are stored in tenant-specific S3 paths, preventing cross-tenant access.

API Key Security

Key Hashing

API keys are hashed with SHA-256 before storage. The original key value is never stored.
  • Stored: SHA-256 hash
  • Returned: only the first 6 characters (prefix), for identification

Scope-Based Access Control

Scope      Permissions
upload     Upload files only
download   Get download URLs only
metadata   Read file/context info only
delete     Delete files only
admin      Full access
Follow least privilege: only grant scopes your application needs.

Key Status Management

Action     Use Case
Disable    Temporarily suspend (can re-enable)
Revoke     Permanently invalidate
Expire     Automatic expiration after a set number of days
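The key hashing, scope and status rules above, worked through as an added example (this is not FileGuard's code). It assumes the scope names in the table, a "fg_" key format, an in-memory dict keyed by prefix as the store, and fixed clock values so the run is reproducible; the raw key is returned once at issue time and only its SHA-256 digest and 6-character prefix are persisted. A plain SHA-256 is adequate here because the key is a long random value rather than a user-chosen password.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

PREFIX_LEN = 6                       # only this much of a key is ever shown back
KEY_SCOPES = {"upload", "download", "metadata", "delete", "admin"}

# Fixed clock values so the example is reproducible (constructed, not real data).
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
LATER = NOW + timedelta(days=60)


@dataclass
class StoredKey:
    """The persisted record: the SHA-256 digest and prefix, never the raw key."""
    prefix: str
    key_hash: str
    tenant_id: str
    scopes: set
    status: str = "active"                   # active | disabled | revoked
    expires_at: Optional[datetime] = None
    last_used_at: Optional[datetime] = None


def issue_key(store, tenant_id, scopes, ttl_days=None, now=NOW):
    """Create a key, persist its record in `store`, and return the raw key once."""
    unknown = set(scopes) - KEY_SCOPES
    if unknown:
        raise ValueError(f"unknown scopes: {sorted(unknown)}")
    raw = "fg_" + secrets.token_urlsafe(32)  # key format is an assumption
    record = StoredKey(
        prefix=raw[:PREFIX_LEN],
        key_hash=hashlib.sha256(raw.encode()).hexdigest(),
        tenant_id=tenant_id,
        scopes=set(scopes),
        expires_at=now + timedelta(days=ttl_days) if ttl_days else None,
    )
    store.setdefault(record.prefix, []).append(record)
    return raw, record


def lookup(store, raw):
    """Narrow by prefix, then confirm the full digest with a constant-time compare."""
    digest = hashlib.sha256(raw.encode()).hexdigest()
    for rec in store.get(raw[:PREFIX_LEN], []):
        if hmac.compare_digest(rec.key_hash, digest):
            return rec
    return None


def authorize(store, raw, tenant_id, required_scope, now=NOW):
    """Return (ok, reason). Order: key match, tenant, status, expiry, scope."""
    rec = lookup(store, raw)
    if rec is None:
        return False, "unknown_key"
    if rec.tenant_id != tenant_id:
        return False, "wrong_tenant"        # a key never crosses tenant boundaries
    if rec.status != "active":
        return False, rec.status            # "disabled" may be re-enabled; "revoked" may not
    if rec.expires_at is not None and now >= rec.expires_at:
        return False, "expired"
    if "admin" not in rec.scopes and required_scope not in rec.scopes:
        return False, "missing_scope"
    rec.last_used_at = now                   # lets an operator find keys nobody uses
    return True, "ok"


def set_status(record, status):
    """Disable, re-enable or revoke a key. Revocation is permanent."""
    if record.status == "revoked":
        raise ValueError("revoked keys cannot be reactivated")
    if status not in {"active", "disabled", "revoked"}:
        raise ValueError("unknown status")
    record.status = status
```

The prefix narrows the lookup to a handful of candidates, and `hmac.compare_digest` keeps the digest comparison constant-time. Checking tenant before status, expiry and scope means a key from another tenant is rejected before any of its own attributes are consulted.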

Pre-Signed URLs

Files are downloaded via pre-signed S3 URLs:
  1. Request - Client calls the FileGuard API with its API key
  2. Authorization - FileGuard validates the API key and its permissions
  3. URL Generation - FileGuard generates a time-limited pre-signed URL
  4. Download - Client downloads directly from S3 (no credentials exposed)
Benefits:
  • API keys never sent to S3
  • URLs expire automatically (default: 5 minutes)
  • Bandwidth offloaded to S3
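How a time-limited URL is bound to its path and expiry, as an added example that is not FileGuard's code. It uses a plain HMAC-SHA256 signature rather than S3's SigV4 presigning; the signing key, the host files.example, the 300-second default and the `expires`/`sig` query parameter names are constructed for the example. The verifier rejects both a tampered path or expiry (signature mismatch) and an expired URL.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed server-side secret: it stays inside the service that issues
# URLs and is never handed to the client.
SIGNING_KEY = b"example-signing-key-not-for-production"
DEFAULT_TTL = 300  # seconds; matches the 5-minute default described above


def _canonical(path, expires):
    """The bytes the signature covers: object path plus absolute expiry time."""
    return f"{path}\n{expires}".encode()


def presign(path, ttl=DEFAULT_TTL, now=None):
    """Return a URL granting access to `path` until `now + ttl` (epoch seconds)."""
    expires = int(now if now is not None else time.time()) + ttl
    sig = hmac.new(SIGNING_KEY, _canonical(path, expires), hashlib.sha256).hexdigest()
    return f"https://files.example/{path}?" + urlencode({"expires": expires, "sig": sig})


def verify(url, now=None):
    """Return (ok, reason): signature must match and the URL must not have expired."""
    now = now if now is not None else time.time()
    parsed = urlparse(url)
    query = parse_qs(parsed.query)
    try:
        expires = int(query["expires"][0])
        sig = query["sig"][0]
    except (KeyError, ValueError):
        return False, "malformed"
    path = parsed.path.lstrip("/")
    expected = hmac.new(SIGNING_KEY, _canonical(path, expires), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return False, "bad_signature"   # path or expiry changed after signing
    if now >= expires:
        return False, "expired"
    return True, "ok"
```

S3's own pre-signed URLs follow the same shape: the signature covers the object key and the expiry, the storage service refuses the request once the expiry has passed, and the client never holds the credential that produced the signature.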

File Validation

Multiple layers of validation before storage:
  1. Extension whitelist - Only allowed file types
  2. Size limits - Prevent oversized uploads
  3. Blank detection - Reject empty/meaningless files
  4. Corrupt detection - Reject malformed files
  5. Virus scanning - ClamAV malware detection
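The first four validation layers in the order listed, as an added example rather than FileGuard's own validator. The extension whitelist, the 10 MiB limit and the magic-number table are constructed for the example; the fifth layer is represented only by an optional `scan` callback, since real scanning hands the bytes to a running ClamAV daemon.

```python
import os

# Policy values constructed for the example, not FileGuard's defaults.
ALLOWED_EXTENSIONS = {".pdf", ".png", ".jpg", ".jpeg", ".txt"}
MAX_SIZE = 10 * 1024 * 1024  # 10 MiB

# Magic numbers used for corrupt-file detection: the declared type must match the bytes.
MAGIC = {
    ".pdf": [b"%PDF-"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
}


def validate_upload(filename, data, reject_blank=True, reject_corrupt=True, scan=None):
    """Return (accepted, reason). Layers run in order; the first failure wins.

    `scan`, if given, is a callable returning True when the bytes are malicious
    (stand-in for the ClamAV step, which is not reproduced here).
    """
    ext = os.path.splitext(filename)[1].lower()
    # 1. Extension whitelist
    if ext not in ALLOWED_EXTENSIONS:
        return False, "extension_not_allowed"
    # 2. Size limit
    if len(data) > MAX_SIZE:
        return False, "too_large"
    # 3. Blank detection: empty, or nothing but whitespace / NUL padding
    if reject_blank and not data.strip(b" \t\r\n\x00"):
        return False, "blank"
    # 4. Corrupt detection: header must match the declared type; PDFs need their EOF marker
    if reject_corrupt and ext in MAGIC:
        if not any(data.startswith(magic) for magic in MAGIC[ext]):
            return False, "corrupt_header"
        if ext == ".pdf" and b"%%EOF" not in data[-1024:]:
            return False, "corrupt_truncated"
    # 5. Virus scanning
    if scan is not None and scan(data):
        return False, "malware"
    return True, "ok"
```

The ordering matters for cost: the cheap checks (extension, size) reject most bad input before any byte-level inspection, and the scanner, the most expensive layer, only ever sees files that passed the others.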

Audit Logging

All sensitive operations are logged:
Logged Data                          Purpose
Who (performer ID, name, email)      Accountability
What (entity, action)                Tracking
When (timestamp)                     Timeline
Where (IP address, user agent)       Forensics
Details (before/after values)        Change tracking
Performer details are snapshotted at action time for compliance: they won’t change even if the user’s info is updated later.
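An audit record built from the five columns above, as an added example that is not FileGuard's logging code. It assumes performer and entity data arrive as plain dicts and the IP and user agent come from the HTTP layer; the performer fields are copied at action time so later profile edits cannot alter the record, and the details field holds only the attributes that actually changed.

```python
import copy
import json
from datetime import datetime, timezone

# Fixed timestamp so the example is reproducible (constructed).
EXAMPLE_NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
PERFORMER_FIELDS = ("id", "name", "email")


def audit_event(performer, entity, action, before, after, ip, user_agent, now=EXAMPLE_NOW):
    """Build one audit record; performer fields are snapshotted, not referenced."""
    changed = {
        key: {"before": before.get(key), "after": after.get(key)}
        for key in sorted(set(before) | set(after))
        if before.get(key) != after.get(key)
    }
    return {
        "who": copy.deepcopy({k: performer[k] for k in PERFORMER_FIELDS}),
        "what": {"entity": entity, "action": action},
        "when": now.isoformat(),
        "where": {"ip": ip, "user_agent": user_agent},
        "details": changed,
    }


def to_log_line(event):
    """Serialize as one JSON line with stable key order for append-only storage."""
    return json.dumps(event, sort_keys=True, separators=(",", ":"))
```

Recording only the changed attributes keeps the log compact while still answering "what was the value before this action", which is the question an investigation usually starts with.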

Rate Limiting

Protect against abuse with configurable rate limits:
  • Tenant-level: Global limit for all uploads
  • Context-level: Per-context limits
When exceeded:
  • HTTP 429 response
  • Retry-After header
  • Rate limit headers

Storage Quotas

Control storage usage:
  • Tenant quota: Total storage across all contexts
  • Context quota: Per-context storage limits
Prevents runaway storage costs and ensures fair usage.
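Rate limiting and storage quotas at both the tenant and context level, combined into one admission check as an added example (not FileGuard's implementation). The limits, the quota sizes, the sliding-window algorithm and the `X-RateLimit-*` / `X-Quota-*` header names are all constructed for the example; the page only fixes the 429 status and the Retry-After header, and 413 for a quota rejection is this example's choice.

```python
import time
from collections import deque

# Constructed limits for the example; FileGuard's are configured per tenant/context.
RATE_LIMITS = {"tenant": (100, 60), "context": (20, 60)}       # (requests, seconds)
QUOTAS = {"tenant": 10 * 1024 ** 3, "context": 2 * 1024 ** 3}  # bytes


class UploadAdmission:
    """Sliding-window rate limits plus storage quotas at tenant and context level."""

    def __init__(self):
        self.windows = {}   # (level, key) -> deque of request timestamps
        self.usage = {}     # (level, key) -> bytes currently stored

    def _window(self, level, key, now):
        """Drop timestamps older than the period and return the live window."""
        limit, period = RATE_LIMITS[level]
        dq = self.windows.setdefault((level, key), deque())
        while dq and dq[0] <= now - period:
            dq.popleft()
        return dq, limit, period

    def check(self, tenant, context, size, now=None):
        """Return (status, headers): 429 when rate-limited, 413 when over quota, else 200."""
        now = time.time() if now is None else now
        levels = (("tenant", tenant), ("context", f"{tenant}/{context}"))
        for level, key in levels:
            dq, limit, period = self._window(level, key, now)
            if len(dq) >= limit:
                retry_after = int(dq[0] + period - now) + 1   # when the oldest hit ages out
                return 429, {
                    "Retry-After": str(retry_after),
                    "X-RateLimit-Limit": str(limit),
                    "X-RateLimit-Remaining": "0",
                    "X-RateLimit-Scope": level,
                }
            used = self.usage.get((level, key), 0)
            if used + size > QUOTAS[level]:
                return 413, {"X-Quota-Scope": level,
                             "X-Quota-Remaining": str(QUOTAS[level] - used)}
        # Admitted: count the request and reserve the bytes at both levels.
        for level, key in levels:
            self.windows[(level, key)].append(now)
            self.usage[(level, key)] = self.usage.get((level, key), 0) + size
        ctx_dq, ctx_limit, _ = self._window("context", levels[1][1], now)
        return 200, {"X-RateLimit-Limit": str(ctx_limit),
                     "X-RateLimit-Remaining": str(ctx_limit - len(ctx_dq))}
```

Both checks run before any bytes are stored, and the tenant level is evaluated first so that one noisy context cannot consume the whole tenant's allowance before the per-context limit is even consulted.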

Best Practices

Never hardcode API keys in source code; read them from the environment instead:
import os
API_KEY = os.environ.get("FILEGUARD_API_KEY")
  • Create new keys and revoke old ones periodically. Use last_used_at to identify unused keys.
  • Use different keys for development, staging, and production.
  • Keep reject_blank_files, reject_corrupt_files, and scan_for_viruses enabled unless you have a specific reason to disable them.
  • Use the minimum expires_in time needed for your use case.
  • Regularly review audit logs for suspicious activity.

Compliance

FileGuard’s features support various compliance requirements:
Requirement          Feature
Data integrity       SHA-256 checksums for all files
Access control       Scoped API keys, tenant isolation
Audit trail          Comprehensive audit logging
Data retention       Soft delete, configurable retention
Malware protection   ClamAV virus scanning