One Declarative Pipeline. Every File Operation.
Describe upload, scan, transform, store, and serve as steps in a single pipeline. One run does it all, with observable status, signed webhooks, scoped API keys, and roles built in.
{ "steps": [ { "id": "verify", "use": "file/verify", "input": ":original" }, { "id": "scan", "use": "file/virusscan", "input": ":verify" }, { "id": "thumb", "use": "image/resize", "input": ":scan", "params": { "width": 512 } }, { "id": "serve", "use": "file/serve", "input": ":thumb" } ]}Pipelines As JSON.
Save a pipeline through the API, or send an ad-hoc definition inline with a run. A pipeline is a steps array, each step naming a processor and its input.
Steps route by reference.
Each step's input references a previous step's output by id (:stepId) or the original upload (:original). That wiring is the routing: outputs flow into the next step's input. Forward references and cycles are rejected before a run starts.
- Reference :original or any prior :stepId
- Set params, inputs, and compute at the step or pipeline level
- Validated as a DAG; forward refs and cycles are rejected
Real processors.
Drop any of these in as a use step.
- image/resizeResize images
- image/convertConvert formats
- image/compressCompress images
- document/convertConvert documents
- document/thumbsDocument thumbnails
- file/hashContent hash
- file/verifyVerify by magic bytes
- file/virusscanVirus scan
- file/serveSigned delivery URL
- s3/storeStore to S3
- cloudflare/storeStore to R2
- speech/transcribeTranscribe audio
- image/ocrExtract text
- image/describeDescribe images
See Exactly What Each Run Did.
A run exposes its status and every step's status, outputs, errors, and timing. When something fails, you get a machine-readable reason, not a guess.
- Run status: queued, running, succeeded, failed, cancelled
- Per-step status, outputs, and errors
- Timing: startedAt, finishedAt, durationMs
- Per-step usage and billing events
Signed Webhooks On Every Run.
Subscribe to pipeline.run.succeeded and pipeline.run.failed. Every delivery is signed so you can verify it came from Filebot.
HMAC-SHA256 signatures
Each delivery carries an X-Filebot-Signature v1= header with a timestamp, verified against a replay window.
Automatic retries
Failed deliveries retry with exponential backoff, up to 6 attempts from one minute to one day, then dead-letter.
Delivery attempts
List every delivery attempt for a webhook so you can see exactly what was sent and when.
Built To Keep Trying.
Transient failures should not lose work. Webhook deliveries and queued jobs both retry on their own, so a momentary hiccup does not become a dropped event.
Webhook delivery retries
Exponential backoff up to 6 attempts, then a dead-letter so nothing is silently lost.
Queue-level job retries
Queued processing jobs are retried, so a single transient error does not fail the run.
Scoped API Keys.
Every API key carries resource and action scopes, so a key only does what you grant it. Secrets are revealed once at creation and stored hashed.
- Resources: runs, pipelines, webhooks, credentials
- Actions: read, write, or * for full access
- Secrets are reveal-once and stored hashed
- SSRF guards on imports and webhook targets
{
"runs": ["read", "write"],
"webhooks": ["read"]
}Users, Roles, And Permissions.
Organizations group your team. Members hold a role, you invite by email, and changes are recorded in an audit log.
Owner, admin, member
Three roles scope what each member can do.
Email invitations
Invite teammates into your organization by email.
Audit log
Member and API-key changes are recorded.