Cloudinary Blog

Blog posts of 'Authentication' tag
Authentication via cookies for session-based access control

Controlling who can access your images and videos, and when, can be an important concern for your business and security workflow. You may have resources that you only want some of your users or employees to access, or you may need to make sure that your original resources are secure, and only transformed (edited) versions of your resources are delivered, e.g., with a watermark or logo displayed.

Cloudinary prides itself on the wide range of manipulations available via dynamic URLs, and there are huge benefits to using on-the-fly dynamic manipulations to deliver your public resources. But this flexibility for delivering resources may be too permissive in certain situations because simply changing or removing a dynamic Cloudinary URL parameter can deliver a new image on-the-fly. This can result in users tweaking a URL in order to access the original version of images, for example to view an image without the added watermark, minus the cropping parameters that have isolated a specific face in the image, or without the pixelate_faces effect hiding people's identity, etc.

Read more