Your storage

File attachments your customers control. Not us.

DropOnAir never holds file bytes. We mint short-lived presigned URLs, your client uploads or downloads directly to your S3 / GCS / Azure bucket. Data residency stays where you put it.

S3 · GCS · Azure Blob·Bring your own bucket·Presigned URLs only

0 bytesfile content we ever store
3 providersS3 · GCS · Azure
Presigned URLsshort-lived, scope-limited
Per-app configeach app, its own bucket

Use cases

Where "your storage" stops being optional.

Healthcare / regulated data

HIPAA bind data to your AWS / Azure account, your audit logs, your retention. We never touch the bytes.

Healthcare · Compliance

Legal & data residency

EU-only bucket, US-only bucket — your choice, your region. We don't replicate, we don't cache, we don't see the file.

Legal · Residency

Enterprise IT & private cloud

Your Azure private endpoint, your VPC-hosted S3-compatible store — anywhere the SDK can fetch a presigned URL.

Enterprise · IT

Why DropOnAir for attachments

Storage you already manage stays the storage you manage.

Zero file bytes on our infra

We presign, your client uploads, your bucket receives. We literally cannot leak something we never had.

Short-lived presigned URLs

URLs expire in minutes, scoped to a single object, single operation (upload or download). Lost links become dead links fast.

Three providers, one API

Switch from S3 to GCS to Azure Blob by reconfiguring the destination in the panel. SDK code doesn't change.

Revoke & rotate

Attachment references can be revoked from the panel or via API. We refuse to mint new URLs for revoked objects.

Upload + send

Two SDK calls. The platform never sees the file.

Attachments in the SDK →

// 1) Ask for a presigned upload URL
const upload = await client.createUploadSession({
  filename: 'brief.pdf', contentType: 'application/pdf',
});

// 2) Client uploads bytes DIRECTLY to your bucket
await fetch(upload.url, { method: 'PUT', body: blob });

// 3) Reference the attachment in a message
await client.sendMessage(toUserId, text, { attachments: [upload.ref] });

What you ship in a week

A complete file-attachment story.

  • S3 · GCS · Azure Blob configurable per app
  • Presigned upload & download URLs
  • Attachment references inside messages
  • Thumbnail attachments linked to originals
  • Per-plan max attachment size + monthly cap
  • Revoke & rotate from the panel
  • Zero file bytes ever on DropOnAir infra

Technical reference

Build it with the SDK docs.

Attachments overviewPresigned URLs, upload sessions, refs.Sending messagesAttach an upload ref to a message.WebhooksReact to attachment upload events.

Ready to attach

Files where you already keep your data.

Your bucket, your audit trail, your retention. We carry the link, not the file.

Read the quick-startAttachments in the SDK