github.com/git-lfs/git-lfs@v2.5.2+incompatible/docs/api/batch.md (about) 1 # Git LFS Batch API 2 3 Added: v0.6 4 5 The Batch API is used to request the ability to transfer LFS objects with the 6 LFS server. The Batch URL is built by adding `/objects/batch` to the LFS server 7 URL. 8 9 Git remote: https://git-server.com/foo/bar</br> 10 LFS server: https://git-server.com/foo/bar.git/info/lfs<br> 11 Batch API: https://git-server.com/foo/bar.git/info/lfs/objects/batch 12 13 See the [Server Discovery doc](./server-discovery.md) for more info on how LFS 14 builds the LFS server URL. 15 16 All Batch API requests use the POST verb, and require the following HTTP 17 headers. The request and response bodies are JSON. 18 19 Accept: application/vnd.git-lfs+json 20 Content-Type: application/vnd.git-lfs+json 21 22 See the [Authentication doc](./authentication.md) for more info on how LFS 23 gets authorizes Batch API requests. 24 25 ## Requests 26 27 The client sends the following information to the Batch endpoint to transfer 28 some objects: 29 30 * `operation` - Should be `download` or `upload`. 31 * `transfers` - An optional Array of String identifiers for transfer adapters 32 that the client has configured. If omitted, the `basic` transfer adapter MUST 33 be assumed by the server. 34 * `ref` - Optional object describing the server ref that the objects belong to. Note: Added in v2.4. 35 * `name` - Fully-qualified server refspec. 36 * `objects` - An Array of objects to download. 37 * `oid` - String OID of the LFS object. 38 * `size` - Integer byte size of the LFS object. Must be at least zero. 39 40 Note: Git LFS currently only supports the `basic` transfer adapter. This 41 property was added for future compatibility with some experimental transfer 42 adapters. See the [API README](./README.md) for a list of the documented 43 transfer adapters. 44 45 ```js 46 // POST https://lfs-server.com/objects/batch 47 // Accept: application/vnd.git-lfs+json 48 // Content-Type: application/vnd.git-lfs+json 49 // Authorization: Basic ... (if needed) 50 { 51 "operation": "download", 52 "transfers": [ "basic" ], 53 "ref": { "name": "refs/heads/master" }, 54 "objects": [ 55 { 56 "oid": "12345678", 57 "size": 123, 58 } 59 ] 60 } 61 ``` 62 63 #### Ref Property 64 65 The Batch API added the `ref` property in LFS v2.4 to support Git server authentication schemes that take the refspec into account. Since this is 66 a new addition to the API, servers should be able to operate with a missing or null `ref` property. 67 68 Some examples will illustrate how the `ref` property can be used. 69 70 * User `owner` has full access to the repository. 71 * User `contrib` has readonly access to the repository, and write access to `refs/heads/contrib`. 72 73 ```js 74 { 75 "operation": "download", 76 "transfers": [ "basic" ], 77 "objects": [ 78 { 79 "oid": "12345678", 80 "size": 123, 81 } 82 ] 83 } 84 ``` 85 86 With this payload, both `owner` and `contrib` can download the requested object, since they both have read access. 87 88 ```js 89 { 90 "operation": "upload", 91 "transfers": [ "basic" ], 92 "objects": [ 93 { 94 "oid": "12345678", 95 "size": 123, 96 } 97 ] 98 } 99 ``` 100 101 With this payload, only `owner` can upload the requested object. 102 103 ```js 104 { 105 "operation": "upload", 106 "transfers": [ "basic" ], 107 "ref": { "name": "refs/heads/contrib" }, 108 "objects": [ 109 { 110 "oid": "12345678", 111 "size": 123, 112 } 113 ] 114 } 115 ``` 116 117 Both `owner` and `contrib` can upload the request object. 118 119 ### Successful Responses 120 121 The Batch API should always return with a 200 status, unless there are some 122 issues with the request (bad authorization, bad json, etc). See below for examples of response errors. Check out the documented transfer adapters in the 123 [API README](./README.md) to see how Git LFS handles successful Batch responses. 124 125 Successful responses include the following properties: 126 127 * `transfer` - String identifier of the transfer adapter that the server 128 prefers. This MUST be one of the given `transfer` identifiers from the request. 129 Servers can assume the `basic` transfer adapter if none were given. The Git LFS 130 client will use the `basic` transfer adapter if the `transfer` property is 131 omitted. 132 * `objects` - An Array of objects to download. 133 * `oid` - String OID of the LFS object. 134 * `size` - Integer byte size of the LFS object. Must be at least zero. 135 * `authenticated` - Optional boolean specifying whether the request for this 136 specific object is authenticated. If omitted or false, Git LFS will attempt 137 to [find credentials for this URL](./authentication.md). 138 * `actions` - Object containing the next actions for this object. Applicable 139 actions depend on which `operation` is specified in the request. How these 140 properties are interpreted depends on which transfer adapter the client will 141 be using. 142 * `href` - String URL to download the object. 143 * `header` - Optional hash of String HTTP header key/value pairs to apply 144 to the request. 145 * `expires_in` - Whole number of seconds after local client time when 146 transfer will expire. Preferred over `expires_at` if both are provided. 147 Maximum of 2147483647, minimum of -2147483647. 148 * `expires_at` - String ISO 8601 formatted timestamp for when the given 149 action expires (usually due to a temporary token). 150 151 Download operations MUST specify a `download` action, or an object error if the 152 object cannot be downloaded for some reason. See "Response Errors" below. 153 154 Upload operations can specify an `upload` and a `verify` action. The `upload` 155 action describes how to upload the object. If the object has a `verify` action, 156 the LFS client will hit this URL after a successful upload. Servers can use this 157 for extra verification, if needed. If a client requests to upload an object that 158 the server already has, the server should omit the `actions` property 159 completely. The client will then assume the server already has it. 160 161 ```js 162 // HTTP/1.1 200 Ok 163 // Content-Type: application/vnd.git-lfs+json 164 { 165 "transfer": "basic", 166 "objects": [ 167 { 168 "oid": "1111111", 169 "size": 123, 170 "authenticated": true, 171 "actions": { 172 "download": { 173 "href": "https://some-download.com", 174 "header": { 175 "Key": "value" 176 }, 177 "expires_at": "2016-11-10T15:29:07Z", 178 } 179 } 180 } 181 ] 182 } 183 ``` 184 185 If there are problems accessing individual objects, servers should continue to 186 return a 200 status code, and provide per-object errors. Here is an example: 187 188 ```js 189 // HTTP/1.1 200 Ok 190 // Content-Type: application/vnd.git-lfs+json 191 { 192 "transfer": "basic", 193 "objects": [ 194 { 195 "oid": "1111111", 196 "size": 123, 197 "error": { 198 "code": 404, 199 "message": "Object does not exist" 200 } 201 } 202 ] 203 } 204 ``` 205 206 LFS object error codes should match HTTP status codes where possible: 207 208 * 404 - The object does not exist on the server. 209 * 410 - The object was removed by the owner. 210 * 422 - Validation error. 211 212 ### Response Errors 213 214 LFS servers can respond with these other HTTP status codes: 215 216 * 401 - The authentication credentials are needed, but were not sent. Git LFS 217 will attempt to [get the authentication](./authentication.md) for the request 218 and retry immediately. 219 * 403 - The user has **read**, but not **write** access. Only applicable when 220 the `operation` in the request is "upload." 221 * 404 - The Repository does not exist for the user. 222 * 422 - Validation error with one or more of the objects in the request. This 223 means that _none_ of the requested objects to upload are valid. 224 225 Error responses will not have an `objects` property. They will only have: 226 227 * `message` - String error message. 228 * `request_id` - Optional String unique identifier for the request. Useful for 229 debugging. 230 * `documentation_url` - Optional String to give the user a place to report 231 errors. 232 233 ```js 234 // HTTP/1.1 404 Not Found 235 // Content-Type: application/vnd.git-lfs+json 236 237 { 238 "message": "Not found", 239 "documentation_url": "https://lfs-server.com/docs/errors", 240 "request_id": "123" 241 } 242 ``` 243 244 HTTP 401 responses should include an `LFS-Authenticate` header to tell the 245 client what form of authentication it requires. If omitted, Git LFS will assume 246 Basic Authentication. This mirrors the standard `WWW-Authenticate` header with 247 a custom header key so it does not trigger password prompts in browsers. 248 249 ```js 250 // HTTP/1.1 401 Unauthorized 251 // Content-Type: application/vnd.git-lfs+json 252 // LFS-Authenticate: Basic realm="Git LFS" 253 254 { 255 "message": "Credentials needed", 256 "documentation_url": "https://lfs-server.com/docs/errors", 257 "request_id": "123" 258 } 259 ``` 260 261 The following status codes can optionally be returned from the API, depending on 262 the server implementation. 263 264 * 406 - The Accept header needs to be `application/vnd.git-lfs+json`. 265 * 429 - The user has hit a rate limit with the server. Though the API does not 266 specify any rate limits, implementors are encouraged to set some for 267 availability reasons. 268 * 501 - The server has not implemented the current method. Reserved for future 269 use. 270 * 507 - The server has insufficient storage capacity to complete the request. 271 * 509 - The bandwidth limit for the user or repository has been exceeded. The 272 API does not specify any bandwidth limit, but implementors may track usage. 273 274 Some server errors may trigger the client to retry requests, such as 500, 502, 275 503, and 504.