Skip to main content
The HTTP API is the recommended way to upload content to Bunny Storage. It provides the best performance, stability, and security through a simple RESTful protocol.
For complete API documentation, see the Edge Storage API Reference.

Authentication

All requests require authentication using the AccessKey header with your storage zone password. 
AccessKey: your-storage-zone-password
Find your storage zone password in the FTP & API Access tab of your storage zone.
Use your storage zone password (AccessKey), not your global bunny.net API key or Stream API key.

Storage endpoints

The API endpoint depends on your storage zone’s primary region:
RegionEndpoint
Frankfurt, DEstorage.bunnycdn.com
London, UKuk.storage.bunnycdn.com
New York, USny.storage.bunnycdn.com
Los Angeles, USla.storage.bunnycdn.com
Singapore, SGsg.storage.bunnycdn.com
Stockholm, SEse.storage.bunnycdn.com
São Paulo, BRbr.storage.bunnycdn.com
Johannesburg, SAjh.storage.bunnycdn.com
Sydney, SYDsyd.storage.bunnycdn.com
Find your endpoint in the FTP & API Access page of your storage zone.

Upload a file

Upload files using a PUT request with the file content in the request body.

Request format

Method: PUT URL format: https://{region}.bunnycdn.com/{storageZoneName}/{path}/{fileName} Path parameters:
  • storageZoneName (required) - Your storage zone name
  • path (optional) - Directory path where the file will be stored (omit for root)
  • fileName (required) - Name for the uploaded file
Headers:
  • AccessKey (required) - Your storage zone password
  • Content-Type (optional) - MIME type of the file (e.g., image/jpeg, application/pdf)
  • Checksum (optional) - SHA256 checksum in HEX format (uppercase)
Request body: Raw binary file content (no encoding)

Example

curl -X PUT \
  https://storage.bunnycdn.com/your-zone-name/path/to/file.jpg \
  -H "AccessKey: your-storage-password" \
  -H "Content-Type: image/jpeg" \
  --data-binary "@/path/to/local/file.jpg"

With checksum

curl -X PUT \
  https://storage.bunnycdn.com/your-zone-name/path/to/file.jpg \
  -H "AccessKey: your-storage-password" \
  -H "Content-Type: image/jpeg" \
  -H "Checksum: SHA256_HASH_IN_UPPERCASE" \
  --data-binary "@/path/to/local/file.jpg"

Response codes

Status CodeDescription
201File uploaded successfully
400Upload unsuccessful (bad request)
401Invalid AccessKey, region hostname, or non-binary file format

Important considerations

File content must be raw binary: Send the file as raw binary in the request body without any encoding. Other formats will result in a 401 error.
  • Use the correct regional endpoint for your storage zone’s primary region
  • Checksum hashes must be SHA256 in HEX format and UPPERCASE
  • Always use --data-binary with curl to preserve binary data
  • The Content-Type header helps with proper file serving but is optional

Download a file

Download files using a GET request: 
curl -X GET \
  https://storage.bunnycdn.com/your-zone-name/path/to/file.jpg \
  -H "AccessKey: your-storage-password" \
  -o downloaded-file.jpg

List files

List files in a directory using a GET request to the directory path: 
curl -X GET \
  https://storage.bunnycdn.com/your-zone-name/path/to/directory/ \
  -H "AccessKey: your-storage-password"
Returns a JSON array of files and directories.

Delete a file

Delete files using a DELETE request: 
curl -X DELETE \
  https://storage.bunnycdn.com/your-zone-name/path/to/file.jpg \
  -H "AccessKey: your-storage-password"