Service overview

Last updated: Nov-14-2022

Before you dive into the details of Cloudinary's many asset management features and begin adding Cloudinary Programmable Media capabilities to your application, we recommend that you review this page to gain a high-level understanding about the service architecture, asset storage, security, and other details about how the Cloudinary service works.

See also
Developer get started guide. This guide walks you through the steps involved, and the questions you may need to consider at each step, in order to successfully integrate Cloudinary into your application code, from initial account creation and setup and through to delivering transformed and optimized media in production.

On this page:

Service architecture

Cloudinary's media asset management service includes:

  • High performance servers behind Elastic Load Balancers that support fast upload and download rates.
  • Highly available storage that promises that your assets are always available and safe.
  • High performance media processing servers for generating your requested images and videos.

By default, assets are stored in Amazon S3 buckets that are privately accessed for writing. These can be shared buckets, dedicated buckets or private buckets.

Note
Google Cloud Storage is also available for primary and/or backup storage. This is a premium feature that requires a special setup. For more information, contact customer support.

service architecture

Delivery lifecycle

The asset delivery lifecycle consists of 5 stages: Upload, Storage, Administration, Transformation, and Delivery.

Once the original file has been uploaded to Cloudinary, you can manage the asset via secured APIs or the Cloudinary Console, and embed dynamic asset URLs in your web page to deliver various versions of the original asset. The dynamic URLs include instructions on how to transform the asset before delivery.

The first time a transformed asset is requested via a dynamic delivery URL:

  1. The asset is requested by the user's browser.
  2. The asset request reaches the closest CDN edge server.
  3. The CDN edge servers checks if the asset is cached - it is not.
  4. The CDN edge server requests the asset from Cloudinary.
  5. Cloudinary generates the transformed asset as per the dynamic URL instructions.
  6. Cloudinary returns the asset to the CDN edge server.
  7. The CDN edge server caches the image and then returns the image to the user's browser.

Subsequent requests for the transformed asset via the same dynamic delivery URL:

  1. The asset is requested by the user's browser.
  2. The asset request reaches the closest CDN edge server.
  3. The CDN edge servers checks if the asset is cached - it is.
  4. The CDN edge server returns the image to the user's browser.

cloud architecture

For a complete reference of possible transformations see the Transformation URL API Reference.

Scaling

Cloudinary's architecture was built from the ground up to support high load and handle a practically unlimited amount of assets and usage. Cloudinary's service includes a multitude of powerful cloud-based upload and transformation servers, with each server optimized to handle a very high rate of uploads, downloads, and complex image transformations. Cloudinary's servers also automatically scale to easily manage large traffic peaks with advanced load balancers that are used to distribute the load between all our servers. Finally, an enterprise-grade content delivery network delivers assets quickly and efficiently through thousands of global delivery servers.

Security

Cloudinary's secure and safe cloud-based solution is accessible via secure and authenticated HTTPS APIs, with flexible access key provisioning. Cloudinary's security features include:

  • Automatic backup of assets to a secondary protected location.
  • Complete asset access control.
  • Restricted access to assets based on specific transformations, file types and referral sites via the Security page of the Console Settings.
  • Authenticated image access with signed URLs.
  • Access control with multiple user roles and permissions, leveraging two-factor authentication (2FA), 3rd-party service provider logins (such as Google or Github), or SSO. You can set these preferences via the Users page of the Cloudinary Console Settings.

Storage

Assets uploaded to Cloudinary and all generated assets are safely stored and managed by Cloudinary on high-performance servers that support fast upload and download rates.

By default, Amazon's Simple Storage Service (S3) is leveraged for asset management and assets are stored in S3 buckets that are privately accessed for writing. These can be shared buckets, dedicated buckets or private buckets.

Google Cloud Storage is also available for primary and/or backup storage. This is a premium feature that requires a special setup. For more information, contact customer support.

APIs

Cloudinary offers several Programmable Media APIs:

  • Upload API - methods for uploading assets, creating new assets such as text images, ZIP files and sprites, and transforming existing assets.
  • Admin API - A secure API with methods for browsing, deleting, and restoring existing assets, and for managing upload presets, upload mappings, and transformations. This API also includes the Search API and Metadata API.
  • Provisioning API - A secure API that enables account administrators to create and manage their account, product environments, users and user groups programmatically.
  • URL API - a URL-based API for delivering assets. Includes dynamic asset transformations, fetching remote images, and optimizing delivery of the assets. Asset URLs are dynamically mapped to CDN distributions that forward the requests to Cloudinary servers which generate the transformed asset on-demand and deliver them optimized to users.

URLs and endpoints

The URLs for accessing Cloudinary are based on your cloud name, and you can access your public web assets using dynamic URLs. The full URLs of the images or videos you deliver include various parts including the name of the asset, its version and transformation settings. However, all your delivery URLs use the same base URLs. You can view your base URLs and some sample URLs in the Product Environment Credentials section in the Cloudinary Console.

The base URL will also include your cloud name. For example, if your cloud name is 'demo', the base URLs will be:

  • 'api.cloudinary.com/v1_1/demo/' - the base URL for accessing Cloudinary's secure API.
  • 'https://res.cloudinary.com/demo/' - the base URL for Cloudinary's shared CDN Distribution (all Plans).
  • 'https://demo-res.cloudinary.com/' - the base URL for a private CDN Distribution (Advanced plans and higher only).

Building full URLs for accessing your assets is done automatically if you are using our SDKs. However, you can also build these URLs manually. For example, if your cloud name is 'demo' and you want to deliver the uploaded 'sample.jpg' file, simply point to:

Copy to clipboard
https://res.cloudinary.com/demo/image/upload/sample.jpg
example dynamic URL

This means that in your HTML code you can simply add the following tag:

Copy to clipboard
<img src="https://res.cloudinary.com/demo/image/upload/sample.jpg" />

For more information and details on constructing dynamic URLs see Delivering images using dynamic URLs.

Cloudinary Console

You can use the the web-based Cloudinary Console to administer your Cloudinary account and product environments.

Important
Your Cloudinary Console interface and available navigation options may look different than what's shown here. This new navigation experience will be rolled out to all customers by the end of December 2022.

Try it now: If your Console is still using the previous interface and you want to try out the new navigation experience now, you can activate it from the Account page in your Console Settings.

What's a product environment?

A product environment (previously known as a sub-account) is an entity within your account that includes an asset repository, some product environment-specific settings, and other elements that are stored in your product environment and help you manage it, such as upload presets, named transformations, and more.

A product environment can represent a production or staging environment, different organizations, products, or geographic sites that you want to manage separately within a single Cloudinary account.

You can manage the elements related to a product environment via the Cloudinary Console or programmatically using the Admin API.

Note
You can switch between the Programmable Media and Digital Asset Management products using the Product Selector located at the top left of your Console Console product selector.

This section describes the options available for the Programmable Media product. For details on working with Digital Asset Management, see the Digital Asset Management Overview.

Programmable Media Console

Console Options

The following options are available from the Console Options sidebar, located at the far left of the Console:

Option Description
Add-ons Manage your add-ons and upgrade add-on plans. Cloudinary add-ons provide additional functionality such as auto-tagging, automated asset moderation, anti-malware protection, AI, deep-learning and other analysis algorithms, face detection or recognition, and a variety of special transformation capabilities.

Nearly all add-ons offer a free tier that you can try regardless of your plan. For details on all available add-ons, see Cloudinary Add-ons.
Add new user Add new users to your account.
Help Access a variety of resources to learn more about working with Cloudinary including documentation, support request form, training courses and more.
Settings Manage your personal profile, account-level settings, and product environment-level settings. These settings allow you to control and tweak almost every aspect of your asset pipeline behavior.
Profile Update your personal information and preferences.

Programmable Media navigation options

When the Programmable Media product is selected, the following options are available from the Product Navigation menu:

Option Description
Getting Started Provides developer onboarding content including quick code snippets to help you configure SDKs, upload assets, deliver transformations, as well as introductory information about other Cloudinary features and resources.
Dashboard View details about your account, product environment, and plan as well as usage status of assets, transformations, storage, bandwidth and add-ons.
Media Library A UI for easily browsing and searching through your existing assets, drag & drop upload, and much more. For details, see the DAM user guide.
Transformations Provides various options to learn about, generate and manage transformations, including transformation cookbook recipes, named transformation management, and the transformation builder. For details, see Named transformations
Reports Get insight on your assets with usage reports, in-depth analytics and advice.
Product environment switcher Enables you to switch between product environments or create a new one.

Note: Free accounts support only one product environment.

Transformation counts

Your account's monthly pricing plan is in part dependent on the total number of transformations performed during a 30-day cycle. Transformation counts are impacted by each processing of an asset. For details, see How are transformations counted?.

Additional resources

✔️ Feedback sent!

Rate this page: