Developer Guide
API documentation for Client Gallery, Drive, and Messaging
gellhub Developer Console
Register integration apps, rotate secrets, and view connect analytics — similar to Stripe Dashboard or Meta Developer tools. Sign in with a gellhub account used by your engineering team (not your end customers).
Plans & pricing API
Fetch published packages and prices without authentication. Use these endpoints to show gellhub plans on your own site or to obtain planId for POST /api/register or POST /api/billing/checkout-session. When you pass your integration client_id, results are limited to the product line you chose for that app in the Developer Console (Client Gallery or Drive).
/api/public/plans?type=clientGalleryReturns a JSON array of Client Gallery plans: id, planType, name, description, features, storageLimitBytes, price, billingPeriod (monthly | annual), clientGalleryEnabled.
/api/public/plans?type=driveSame shape as above for Drive plans (planType is drive).
/api/public/plans?client_id=YOUR_CLIENT_IDReturns { allowedProductTypes, plans } — plans are only for the single product line (Client Gallery or Drive) bound to that app. Optional &type=clientGallery|drive must match the app (403 otherwise).
/api/public/plans/by-id?id=PLAN_CUID&client_id=YOUR_CLIENT_IDReturns one plan by id. With client_id, returns 403 if the plan’s product line is not allowed for that app (omit client_id for a generic public lookup).
Base URL examples: https://gellhub.com/api/public/plans?type=drive · https://gellhub.com/api/public/plans?client_id=YOUR_CLIENT_ID
Embedded connect (external sites & add-ons)
Use this when your product sends users to gellhub to sign up or subscribe; after checkout they return to your registered redirect URL with a one-time code. Only your backend can exchange the code, using your client id and client secret (OAuth-style confidential client). Never log the code or secret in the browser.
1. Partner app credentials
Your engineering team signs in to the gellhub Developer Console and creates one app per product environment. Each app is tied to one product line: Client Gallery or Drive (more lines may appear later). Register each exact callback URL you will use as return_url, then copy the client_id and one-time client_secret to your backend immediately: the secret is shown only once in the Console (yellow box) after create or after "Rotate secret" — gellhub stores only a hash, so the list view shows client_id only. End users of your product do not use the Console. Platform staff can moderate apps from admin Partner apps.
2. Security model
return_url must match a registered URI for that client_id. The exchange endpoint requires code + client_id + client_secret; codes are bound to the app that started the flow.
/api/integrations/connect/start?client_id=YOUR_CLIENT_ID&return_url=https://yourapp.com/oauth/gellhub/callback&state=RANDOM&plan=PLAN_ID&product=drive|clientGallery|messaging&next=register|loginStarts the flow: looks up your app, requires return_url to exactly match a registered redirect URI, sets httpOnly cookies, redirects to /register or /login. The product line must be allowed for this client_id: pass product=drive, product=clientGallery, or product=messaging, or pass plan= only (product is inferred from the plan and must still be allowed for the app).
/api/integrations/connect/contextReturns { active: true } when connect cookies are present (so your in-app UI can adjust copy). No secrets.
/api/integrations/connect/finalizeBrowser session only. After signup/login (and when no Stripe redirect is pending), returns { redirectUrl } to your return_url with ?code=…&state=…. Clears connect cookies.
{}/api/integrations/connect/exchangePartner backend only: redeem the code once with your app credentials. Returns profile id, email, studioId, driveId, apiKey, driveApiKey, messagingApiKey (auto-issued when messaging subscription exists), hasMessagingSubscription, accountKind, plan snapshot, and state. Wrong client or secret → 401; reused or expired code → 400. See also Partner verification below for ongoing checks.
{
"code": "from_return_url_query",
"client_id": "same as start",
"client_secret": "from server env only"
}After sign-in or registration, gellhub returns the user to your return_url with a one-time code — not to the gellhub dashboard — when embedded connect cookies are active. Email login returns connectRedirect from POST /api/login; Google sign-in and Stripe success use server redirects to the same partner URL. Paid gallery/drive plans may open Stripe first; success lands on GET /integrations/connect/stripe-return then your callback.
Paid plans: with connect cookies active, Stripe Checkout success is routed to GET /integrations/connect/stripe-return?session_id=… which verifies the Checkout Session and then redirects to your return_url with the same code pattern. You can still pass successUrl on POST /api/register if you build the URL yourself (must include {CHECKOUT_SESSION_ID}).
// 1) Redirect user to gellhub (client_id from Developer Console → Applications; return_url must match registered URIs)
window.location.href =
'https://gellhub.com/api/integrations/connect/start?' +
'client_id=' + encodeURIComponent('YOUR_CLIENT_ID') +
'&return_url=' + encodeURIComponent('https://yourapp.com/api/gellhub/callback') +
'&state=' + encodeURIComponent(csrfState) +
'&plan=' + planId; // product inferred from plan; must match app’s allowed services in Console
// 2) User finishes on gellhub → browser lands on your return_url?code=...&state=...
// 3) Your server only: exchange (never from the browser)
const r = await fetch('https://gellhub.com/api/integrations/connect/exchange', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
code,
client_id: process.env.GELLHUB_CLIENT_ID, // server env
client_secret: process.env.GELLHUB_CLIENT_SECRET,
}),
});
const account = await r.json();
// store account.profileId + keys for this merchant in your databasePartner verification
After Embedded connect, your SaaS stores a mapping between your tenant id (store, studio, merchant) and the gellhub profileId returned from POST /api/integrations/connect/exchange. Use the endpoints below to confirm the merchant is still registered, still linked to your app, and still subscribed to the product line you sell.
What gellhub does not provide
- No lookup by email — the merchant must complete connect first.
- No knowledge of your internal store ids — you map
yourStoreId ↔ profileId. - Do not call verify or exchange from the browser — server + client_secret only.
/api/integrations/connect/verifyCheck that a merchant profile is still registered on gellhub and linked to your client_id. Returns registered, linked, email, displayName, accountKind, hasMessagingSubscription, and plan snapshot (scope: gallery | drive | messaging). 404 when profile_id was never linked to your app.
{
"profile_id": "from exchange",
"client_id": "same as connect/start",
"client_secret": "from server env only"
}/api/billing/statusAuthoritative subscription check for a connected merchant. Call from your backend with the merchant's stored API key in x-api-key (sk_… gallery, drive key, or msg_… messaging). Returns scope, plan id/name/price, stripeStatus, currentPeriodEnd. Treat price=0 as eligible; for paid plans require stripeStatus active, trialing, or past_due.
Typical SaaS flow: on connect callback → exchange → save profileId + product key → enable the add-on. On a schedule or before sensitive actions → billing/status with the stored key; optionally connect/verify to confirm the link is still valid without exposing keys.
// After connect: store profileId + messagingApiKey (or apiKey / driveApiKey) per merchant
// Later — is this merchant still linked to our app?
const link = await fetch('https://gellhub.com/api/integrations/connect/verify', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
profile_id: merchant.gellhubProfileId,
client_id: process.env.GELLHUB_CLIENT_ID,
client_secret: process.env.GELLHUB_CLIENT_SECRET,
}),
});
if (link.status === 404) { /* never connected or unlinked */ }
// Later — is their Messaging subscription still active?
const bill = await fetch('https://gellhub.com/api/billing/status', {
headers: { 'x-api-key': merchant.messagingApiKey },
});
const j = await bill.json();
const eligible =
j.plan &&
(j.plan.price <= 0 ||
['active', 'trialing', 'past_due'].includes(String(j.stripeStatus || '').toLowerCase()));Authentication
Use only the API key. The platform derives your account from the key — no need to pass studioId or driveId in requests. Use apiKey (Client Gallery) or driveApiKey (Drive). Your Studio ID and Drive ID are shown in the dashboard for reference.
Required header (key only)
Send your API key in the x-api-key header. No account ID in the request.
x-api-key: sk_your_api_key_here
POST /api/register
{
"email": "studio@example.com",
"password": "your-password",
"displayName": "My Studio",
"accountType": "studio",
"planId": "optional_plan_id_from_GET_/api/public/plans",
"successUrl": "https://yourapp.com/billing/done?sid={CHECKOUT_SESSION_ID}",
"cancelUrl": "https://yourapp.com/billing/cancel"
}
// successUrl / cancelUrl: optional absolute URLs for Stripe return (omit to use platform dashboard defaults).
// planId must match accountType (clientGallery plan + studio, or drive plan + drive).
// Response includes keys + billing:
// - apiKey / driveApiKey: use in x-api-key for API calls
// - requiresPayment: true if plan has price > 0
// - checkoutUrl: open in browser to pay (same Stripe Checkout as the website)
// - checkoutError: if payment required but session failed — retry POST /api/billing/checkout-session with x-api-keyClient Gallery API
Manage collections, upload files, and share client galleries. Send apiKey in the x-api-key header — no Studio ID in the request.
/api/collectionsList all collections
/api/collectionsCreate a collection
{
"name": "Wedding 2024",
"clientName": "John Doe",
"date": "2024-06-15",
"categoryId": "cat_xxx"
}/api/categoriesList categories
/api/categoriesCreate a category
{
"name": "General"
}/api/uploadUpload file to a collection (server proxies to storage)
FormData: collectionId, clientName, file
/api/upload/presignGet presigned PUT URL (browser uploads directly to Wasabi; then call /api/upload/complete)
{
"collectionId": "",
"clientName": "",
"fileName": "",
"contentType": "",
"sizeBytes": 0
}/api/upload/completeRegister file after successful PUT to presigned URL
{
"collectionId": "",
"clientName": "",
"storageKey": "",
"fileName": "",
"contentType": "",
"sizeBytes": 0
}/api/collections/[id]/filesGet collection files (with signed URLs)
/api/media?t=TOKENStream file (use token from files response)
/api/studio/storageGet storage usage (usedBytes, limitBytes)
Drive API
File storage with folders. Send driveApiKey in the x-api-key header — no Drive ID in the request. External apps and large or batched uploads should use /api/drive/upload/presign then PUT to Wasabi, then /api/drive/upload/complete (same header on all three steps). Direct /api/drive/upload streams the whole file through this server and often times out on big files; your bucket CORS must allow PUT from the browser or server origin that performs the upload.
Partner apps (Developer Console): after the user completes POST /api/integrations/connect/exchange, uploads may include header x-gellhub-integration-client-id: YOUR_CLIENT_ID (or JSON field integrationClientId on presign/complete). gellhub creates a top-level Drive folder named like your app and stores files there; the Drive web UI treats that tree as read-only while your backend keeps full API access when the same header is sent. Omit the header for normal user uploads to My Drive root or a folder they own.
/api/drive?parentId= (optional) &includeIntegrationAppFolders=1 (optional; API keys always see app root folders at root)List folders and files. Browser dashboard hides partner app root folders unless includeIntegrationAppFolders=1.
/api/driveCreate folder
{
"name": "My Folder",
"parentId": null
}/api/drive/uploadUpload file (to root or folder; server proxies to storage)
FormData: folderId (optional), file
/api/drive/upload/presignPresigned PUT with x-api-key. With integration client id (header or body), files go under that app’s folder after connect exchange linked the account.
{
"fileName": "",
"contentType": "",
"sizeBytes": 0,
"folderId": null,
"integrationClientId": "optional; or header x-gellhub-integration-client-id"
}/api/drive/upload/completeRegister Drive file after successful PUT; send the same integration header/body as presign when used.
{
"storageKey": "",
"fileName": "",
"contentType": "",
"sizeBytes": 0,
"folderId": null,
"integrationClientId": "optional; match presign"
}/api/drive/items/[id]?type=file|folderJSON metadata; for files includes url and mediaToken for /api/drive/media (used by partner backends to resolve playback URL)
/api/drive/items/[id]?type=file|folderRename or move file/folder
{
"name": "New name",
"targetFolderId": "folder_id"
}/api/drive/items/[id]?type=file|folderMove to Recycle Bin (soft delete)
/api/drive/trashList items in Recycle Bin
/api/drive/trashRestore items from Recycle Bin
{
"fileIds": [],
"folderIds": []
}/api/drive/trashPermanently delete from Recycle Bin
{
"fileIds": [],
"folderIds": []
}/api/drive/storageGet used bytes and limit (subscription plan)
/api/drive/media?t=TOKENStream Drive file (use token from files response)
Messaging API
For registered GellHub accounts with an active Messaging plan. Sign in, open Dashboard → Messaging, generate a msg_… key, and send it as x-api-key on the endpoints below. Use this to connect WhatsApp bridges, mobile apps, or your own backend while keeping bot training in the dashboard.
GellHub AI engine. Replies run on the platform. You never choose inference models or third-party AI providers — only credits, agents, and conversations on your account.
SaaS partners can onboard Messaging via Embedded connect with product=messaging and a plan id from the public plans API.
Dashboard-only (cookie session)
End users manage keys in the dashboard. Integrators use the msg_… key on all /api/messaging/v1/* routes below.
/api/messaging/accountCredits balance, inbound/outbound counts, masked API key flag.
/api/messaging/api-keyCreate or rotate the Messaging API key (returns full msg_… once).
Bot & chat (x-api-key)
/api/messaging/v1/botRead-only snapshot: account credits, all agents, default agent (persona + handoff), embed settings, embedShareLink, HTML install snippets.
/api/messaging/v1/chatRun one AI turn. Response includes assistant content and creditsCharged. Do not send model or provider fields — GellHub picks the engine.
{
"channel": "api",
"agentId": "optional-agent-cuid",
"conversationRef": "whatsapp:+15551234567:thread-1",
"messages": [
{
"role": "user",
"content": "Hello"
}
]
}Agents API (x-api-key)
Create and manage bots for a connected account. Max 25 agents per profile. At least one agent must remain. Fields: name, botDisplayName, botRoleSummary, systemInstructions, handoff URLs, isDefault.
/api/messaging/v1/agentsList agents (id, name, botDisplayName, isDefault, sourcesCount, updatedAt).
/api/messaging/v1/agentsCreate an agent. First agent becomes default automatically.
{
"name": "Sales bot",
"botDisplayName": "Store assistant",
"botRoleSummary": "Help with products and prices",
"systemInstructions": "Be friendly and concise.",
"humanHandoffEnabled": false,
"isDefault": true
}/api/messaging/v1/agents/{id}Full agent record including systemInstructions and handoff settings.
/api/messaging/v1/agents/{id}Partial update. Set isDefault:true to make this the default agent for chat and widget.
{
"botDisplayName": "Updated name",
"systemInstructions": "New instructions…",
"isDefault": true
}/api/messaging/v1/agents/{id}Delete an agent. Fails if it is the only agent on the account.
Website widget API (x-api-key)
Enable the floating chat widget, set allowed domains, accent color, greeting, and launcher icon (emoji or HTTPS image). Response includes embedPublicId (emb_…), embedShareLink, and ready-to-paste embedCodeFloating / embedCodeButton.
embedLauncherIcon— emoji (e.g. 💬) or publichttps://…image URL for the floating buttonembedAllowedOrigins— hostnames only (e.g.shop.example.com)rotateEmbedId— optional on PUT; invalidates old emb_… id
/api/messaging/v1/embedRead current widget settings and install snippets.
/api/messaging/v1/embedSave widget settings. Requires at least one allowed domain when embedEnabled is true.
{
"embedEnabled": true,
"embedAllowedOrigins": [
"tenant-store.com",
"www.tenant-store.com"
],
"embedAccentColor": "#0d9488",
"embedLauncherIcon": "💬",
"embedShowLauncher": true,
"embedGreeting": "Hi! How can we help?",
"rotateEmbedId": false
}SaaS onboarding flow
- Register a Developer app with
allowedProductTypes: ["messaging"]in the Console. - Connect each merchant via Embedded connect (
product=messaging). - Merchant generates
msg_…in Dashboard → Messaging → API key (or your UI calls dashboard session endpoints). - Your backend calls
POST /api/messaging/v1/agentsthenPUT /api/messaging/v1/embedwith the merchant's key. - Paste
embedCodeFloatingon the tenant site or shareembedShareLinkin ads. - Route customer messages through
POST /api/messaging/v1/chat(WhatsApp bridge, app, etc.). - Enable Dynamic skills so booking/product questions call your webhook (0 AI credits).
Dynamic skills webhook
For live data (booking slots, product catalog, forms). GellHub detects keywords, POSTs to your HTTPS endpoint, validates the JSON response, and renders UI in the chat widget — without asking the LLM to build the interface. Skill turns cost 0 credits.
/api/messaging/skills-configDashboard session: read skillsEnabled, webhook URL, keyword triggers.
/api/messaging/skills-configDashboard session: save webhook + skill keyword triggers.
{
"skillsEnabled": true,
"skillsWebhookUrl": "https://yourstore.com/api/gellhub/skills",
"skillsWebhookSecret": "your-hmac-secret",
"skills": [
{
"key": "booking",
"label": "Booking",
"keywords": [
"book",
"appointment",
"schedule"
]
},
{
"key": "catalog",
"label": "Products",
"keywords": [
"product",
"price",
"catalog"
]
}
]
}/api/messaging/v1/skillsx-api-key (msg_…): read skills config for SaaS onboarding.
/api/messaging/v1/skillsx-api-key (msg_…): configure skills for a merchant programmatically.
{
"skillsEnabled": true,
"skillsWebhookUrl": "https://yourstore.com/api/gellhub/skills",
"skills": [
{
"key": "booking",
"label": "Booking",
"keywords": [
"book",
"appointment"
]
}
]
}Your webhook receives (POST):
{
"version": 1,
"skill": "booking",
"profileId": "…",
"conversationRef": "web:emb_…:visitor-id",
"visitorId": "visitor-id",
"channel": "web",
"message": "What times are available tomorrow?",
"messages": [{ "role": "user", "content": "…" }]
}Headers: X-GellHub-Timestamp, X-GellHub-Skill, optional X-GellHub-Signature (HMAC-SHA256 of timestamp + "." + body).
Respond with JSON (version 1):
{
"version": 1,
"message": "Available times tomorrow:",
"ui": {
"type": "slot_list",
"items": [
{ "id": "10:00", "title": "10:00", "subtitle": "30 min" },
{ "id": "11:30", "title": "11:30", "subtitle": "Available" }
]
}
}Allowed ui.type values (rendered by GellHub, not the LLM):
slot_list— booking/time buttonsproduct_cards— title, price, imageUrl, actionUrlbuttons— actionmessageorurliframe—url(HTTPS), optionalheightfor complex booking forms
Chat responses from POST /api/messaging/embed/v1/chat and POST /api/messaging/v1/chat may include an extra field ui alongside content.
Human handoff webhook (SaaS inbox)
When a visitor asks for a real person, GellHub POSTs to your platform — not GellHub notifications. Merchants embedded in your app never open GellHub; your store dashboard shows the alert and inbox.
/api/messaging/v1/handoffPer merchant (msg_…): set the same SaaS endpoint for all stores; route by profileId in the JSON body.
{
"handoffWebhookUrl": "https://your-saas.com/api/gellhub/handoff",
"handoffWebhookSecret": "your-hmac-secret"
}/api/messaging/v1/handoffRead handoff webhook URL for this merchant.
GellHub POSTs to your URL:
{
"version": 1,
"event": "handoff.requested",
"profileId": "clx…",
"conversationRef": "web:emb_…:visitor-uuid",
"conversationId": "…",
"visitorId": "visitor-uuid",
"agentId": "…",
"channel": "web",
"message": "I need to speak with someone on your team",
"requestedAt": "2026-05-25T12:00:00.000Z"
}Headers: X-GellHub-Timestamp, X-GellHub-Event = handoff.requested, optional X-GellHub-Signature (HMAC-SHA256 of timestamp + "." + body).
Routing many stores: keep a table your_store_id ↔ profileId when the merchant completes Embedded connect. On webhook, lookup store and push to that tenant's team only.
Iframe embed: the widget also sends postMessage with type: "gellhub:handoff" to window.parent for instant UI badges (webhook remains the source of truth).
Respond with HTTP 200 and optional JSON { "ok": true }. Your app handles staff replies in your own inbox API.
Website chat widget (per profile)
Each subscriber profile on GellHub can enable a hosted chat widget scoped to that account only. The browser never sees the secret msg_… key — only a public emb_… embed id plus an Origin allowlist configured in Messaging → Website widget.
SaaS apps with a msg_… key can use PUT /api/messaging/v1/embed to set accent color and floating button icon, and POST /api/messaging/v1/agents to create bots per tenant.
Direct chat link (ads)
https://gellhub.com/chat/emb_…
Install on merchant site
Floating bubble
<script src="https://gellhub.com/embed/gellhub-chat.js" data-embed-id="emb_…" data-chat-title="Store or bot name" data-launcher-icon="💬" data-launcher="true" async ></script>
Custom button
<script src="https://gellhub.com/embed/gellhub-chat.js" data-embed-id="emb_…" data-chat-title="Store or bot name" data-launcher="false" async ></script> <button type="button" onclick="window.GellHubChat && GellHubChat.open()">Chat</button>
/api/messaging/embed/v1/config?embedId=emb_…Public CORS: widget bootstrap (chatTitle, accentColor, launcherIcon, greeting, maxUserMessageChars). Origin must match allowlist or GellHub /chat/ host.
/api/messaging/embed/v1/chatPublic CORS: run one bot turn for the embed profile. Header x-gellhub-embed-id optional if embedId is in body. Response: { role, content, handoff? } — no API key or credit balance exposed.
{
"embedId": "emb_…",
"visitorId": "visitor-stable-id",
"messages": [
{
"role": "user",
"content": "What are your prices?"
}
]
}/api/messaging/embed-configDashboard session: read widget settings, embedShareLink, chatTitle, allowed domains, install snippets (cookie auth).
/api/messaging/embed-configDashboard session: save widget settings (same fields as PUT /api/messaging/v1/embed). Set rotateEmbedId:true to invalidate an old embed id.
{
"embedEnabled": true,
"embedAllowedOrigins": [
"yourstore.com"
],
"embedShowLauncher": true,
"embedAccentColor": "#0d9488",
"embedLauncherIcon": "💬",
"embedGreeting": "Hi! How can we help?",
"rotateEmbedId": false
}Billing & Stripe
Subscribe and pay with the same x-api-key you use for API calls (Client Gallery key or Drive key). The platform maps the key to your account and starts a Stripe Checkout session. You can also use a browser session after signing in at the dashboard.
See Plans & pricing API for GET /api/public/plans and GET /api/public/plans/by-id. Use planId on POST /api/register or POST /api/billing/checkout-session with x-api-key.
/api/billing/statusCurrent plan and Stripe subscription snapshot (gallery, drive, or messaging depending on the x-api-key)
/api/billing/checkout-sessionReturns { url } — open in a browser to complete payment. Optional successUrl/cancelUrl for server-to-browser flows.
{
"planId": "plan_xxx",
"successUrl": "https://yourapp.com/done?session_id={CHECKOUT_SESSION_ID}",
"cancelUrl": "https://yourapp.com/cancel"
}/api/billing/portalStripe Customer Portal (payment methods, cancel plan, invoices). Requires an existing Stripe customer (after first checkout).
{
"returnUrl": "https://yourapp.com/account"
}/api/billing/invoicesLists invoices and card charges for the customer behind this API key
Configure STRIPE_SECRET_KEY and webhook endpoint POST /api/webhooks/stripe with STRIPE_WEBHOOK_SECRET so subscriptions sync to your plan limits after payment.
Examples
cURL - List Drive files
curl -H "x-api-key: YOUR_DRIVE_API_KEY" \ "https://gellhub.com/api/drive"
cURL - Upload to Drive (small files only)
curl -X POST "https://gellhub.com/api/drive/upload" \ -H "x-api-key: YOUR_DRIVE_API_KEY" \ -F "folderId=FOLDER_ID" \ -F "file=@/path/to/image.jpg"
For external integrations, large files, or batch uploads, use presigned uploads below instead of proxy upload.
JavaScript - Drive presigned upload (recommended)
const apiKey = 'YOUR_DRIVE_API_KEY';
const file = fileInput.files[0];
const folderId = 'optional_folder_id_or_null';
// 1) Ask gellhub for presigned PUT URL
const presignRes = await fetch('https://gellhub.com/api/drive/upload/presign', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'x-api-key': apiKey,
},
body: JSON.stringify({
fileName: file.name,
contentType: file.type || 'application/octet-stream',
sizeBytes: file.size,
folderId: folderId || null,
}),
});
if (!presignRes.ok) throw new Error(await presignRes.text());
const { uploadUrl, storageKey, headers } = await presignRes.json();
// 2) Upload directly to object storage (Wasabi)
const putRes = await fetch(uploadUrl, {
method: 'PUT',
headers: { 'Content-Type': headers?.['Content-Type'] || file.type || 'application/octet-stream' },
body: file,
});
if (!putRes.ok) throw new Error('PUT failed: ' + putRes.status);
// 3) Finalize on gellhub
// If storage is not immediately visible, retry /complete a few times.
for (let attempt = 1; attempt <= 5; attempt++) {
const completeRes = await fetch('https://gellhub.com/api/drive/upload/complete', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'x-api-key': apiKey,
},
body: JSON.stringify({
storageKey,
fileName: file.name,
contentType: file.type || 'application/octet-stream',
sizeBytes: file.size,
folderId: folderId || null,
}),
});
if (completeRes.ok) {
const fileRecord = await completeRes.json();
console.log('Uploaded:', fileRecord);
break;
}
const err = await completeRes.json().catch(() => ({}));
const retryable = err?.error === 'upload_incomplete_or_mismatch' &&
err?.detail === 'object_not_visible_yet_retry_complete';
if (!retryable || attempt === 5) throw new Error(JSON.stringify(err));
await new Promise((r) => setTimeout(r, attempt * 1000));
}JavaScript - Create collection (Client Gallery)
const res = await fetch('https://gellhub.com/api/collections', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'x-api-key': 'YOUR_CLIENT_GALLERY_API_KEY'
},
body: JSON.stringify({
name: 'Wedding Album',
clientName: 'Jane Smith',
date: '2024-06-15',
categoryId: 'cat_xxx'
})
});
const collection = await res.json();JavaScript - Upload to collection
const formData = new FormData();
formData.append('collectionId', collection.id);
formData.append('clientName', 'Jane Smith');
formData.append('file', fileInput.files[0]);
await fetch('https://gellhub.com/api/upload', {
method: 'POST',
headers: { 'x-api-key': 'YOUR_CLIENT_GALLERY_API_KEY' },
body: formData
});Ready to build?
Create an account and get your API credentials