File Storage & Signed URLs

Where files live, and how workers & browsers move bytes straight to S3 — without proxying through the app

1 · Signed-URL flow — the app never proxies file bytes

Worker

Writes run logs & step files

Browser

Views logs & downloads files

App

Mints signed URLs, returns a 307 redirect

Amazon S3

private bucket

ask → 307 + signed URL

upload bytes → presigned PUT

download bytes → presigned GET

2 · What's stored where

Execution data · expires, auto-cleaned

run logs · log slices · step files · trigger & webhook payloads · flow bundle

Permanent · kept until deleted

platform assets · profile pictures · sample data · package archives · project releases · flow-version backups · knowledge base

Amazon S3

PostgreSQL

bytea

AP_FILE_STORAGE_LOCATION=S3

or DB (default)

always Postgres

Opt-in: set AP_FILE_STORAGE_LOCATION=S3 + AP_S3_USE_SIGNED_URLS=true. Self-host defaults to Postgres. Presigned URLs expire in 7 days (configurable).

The app issues a JWT read-link /v1/files/:id?token that 307-redirects to the S3 presigned URL. Worker-writable: run logs, log slices, step files. Without signed URLs the app proxies bytes (Worker → App → S3).