Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@strapi/provider-upload-cloudinary

Package Overview
Dependencies
Maintainers
8
Versions
1977
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@strapi/provider-upload-cloudinary

Cloudinary provider for strapi upload

Source
npmnpm
Version
0.0.0-next.d23f1485e5669cca1cee1bf5f8168b6b8109b78f
Version published
Weekly downloads
9.7K
6.44%
Maintainers
8
Weekly downloads
 
Created
Source

@strapi/provider-upload-cloudinary

Resources

  • LICENSE

Links

Installation

# using yarn
yarn add @strapi/provider-upload-cloudinary

# using npm
npm install @strapi/provider-upload-cloudinary --save

Configuration

  • provider defines the name of the provider
  • providerOptions is passed down during the construction of the provider. (ex: cloudinary.config). Complete list of options
  • actionOptions is passed directly to each method respectively allowing for custom options. You can find the complete list of upload/ uploadStream options and delete options

See the documentation about using a provider for information on installing and using a provider. To understand how environment variables are used in Strapi, please refer to the documentation about environment variables.

Provider Configuration

./config/plugins.js

module.exports = ({ env }) => ({
  // ...
  upload: {
    config: {
      provider: 'cloudinary',
      providerOptions: {
        cloud_name: env('CLOUDINARY_NAME'),
        api_key: env('CLOUDINARY_KEY'),
        api_secret: env('CLOUDINARY_SECRET'),
      },
      actionOptions: {
        upload: {},
        uploadStream: {},
        delete: {},
      },
    },
  },
  // ...
});

Security Middleware Configuration

Due to the default settings in the Strapi Security Middleware you will need to modify the contentSecurityPolicy settings to properly see thumbnail previews in the Media Library. You should replace strapi::security string with the object bellow instead as explained in the middleware configuration documentation.

./config/middlewares.js

module.exports = [
  // ...
  {
    name: 'strapi::security',
    config: {
      contentSecurityPolicy: {
        useDefaults: true,
        directives: {
          'connect-src': ["'self'", 'https:'],
          'img-src': ["'self'", 'data:', 'blob:', 'market-assets.strapi.io', 'res.cloudinary.com'],
          'media-src': [
            "'self'",
            'data:',
            'blob:',
            'market-assets.strapi.io',
            'res.cloudinary.com',
          ],
          upgradeInsecureRequests: null,
        },
      },
    },
  },
  // ...
];

Keywords

upload
cloudinary
strapi

FAQs

Package last updated on 24 Sep 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

PodRocket Podcast: Inside the Recent npm Supply Chain Attacks

Security News

PodRocket Podcast: Inside the Recent npm Supply Chain Attacks

Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.

By Sarah Gooding  -  Oct 02, 2025