How to Order
Attachments

Order Submission With Attachments

There are two methods available for submitting attachments with orders:

  1. Inline Method: Submitting attachments directly in the order creation request
  2. Pre-signed URL Method: Getting pre-signed URLs and uploading attachments separately

Each method has its own advantages:

MethodAdvantagesBest For
InlineSimple one-step processSmall files, few attachments
Pre-signed URLSupports larger file uploadsLarge files (>10MB), multiple attachments

Method 1: Base64 Encoded Attachment Submission

With the base64 method, you encode attachments as base64 strings and include them directly in your order payload.

curl -X POST 'https://example.com/graphql' \
  --header 'Authorization: Bearer <your-JWT-token>' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "query": "mutation createOrder($order: OrderInput!) { createOrder(order: $order) { id } }",
    "variables": {
      "order": {
        // your order details here
        "attachments": ["JVBERi0xLjMKJcTl8uXrp...", "JVBERi0xLjQKJcfs..."],
      }
    }
  }'

How Base64 Encoded Attachment Upload Works

  1. File Encoding: Each file is read and encoded as a base64 string.
  2. Attachment Structure: Each attachment is represented as a string with the base64-encoded file content.
  3. Direct Inclusion: Attachments are included directly in the JSON payload rather than as separate form parts.

Limitations

  • Maximum file size: 10MB per attachment
  • Performance decreases with larger files

Method 2: Pre-signed URL Attachment Submission

For larger files or when you need to upload multiple attachments, we recommend using the pre-signed URL method. This is a two-step process:

  1. Request an order creation with pre-signed URLs
  2. Upload files directly to S3 using the provided URLs

Step 1: Request Pre-signed URLs

curl --X POST --location '<https://example.com/graphql>' \
  --header 'Authorization: Bearer <your-JWT-token>' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "query": "mutation createOrder($order: OrderInput!) { createOrder(order: $order) { id presignedAttachmentUrls } }",
    "variables": {
      "order": {
        // Your order details here
        "numberOfAttachmentsToBeUploaded": 3
      }
    }
  }'

Step 2: Upload Files Using Pre-signed URLs

After receiving the pre-signed URLs, you can upload your files directly to S3:

# Upload first file
curl -X PUT -H "Content-Type: application/octet-stream" \
  --data-binary @<path-to-the-file-0> \
  "<pre-signed-url-0>"
 
# Upload second file
curl -X PUT -H "Content-Type: application/octet-stream" \
  --data-binary @<path-to-the-file-1> \
  "<pre-signed-url-1>"
 
# Upload third file
curl -X PUT -H "Content-Type: application/octet-stream" \
  --data-binary @<path-to-the-file-2> \
  "<pre-signed-url-2>"

Notes and Recommendations

File Size Limits:

  • For inline uploads: Maximum 10MB per file

Security Considerations:

  • Pre-signed URLs are valid for 1 hour after generation
  • Each URL can only be used once
  • Files are automatically scanned for viruses after upload

Best Practices:

  • Use pre-signed URLs for files larger than 10MB
  • For orders with multiple attachments, prefer the pre-signed URL method
  • Always check response status codes when uploading files via pre-signed URLs
ProlarisMyriad's Ordering REST API