contract_view (view) and a bearer token.
Presign
POST /files/presign requests a signed upload URL and an upload token.
Minimum 0.
Must be one of the tenant’s allowed file kinds (contract originals, invoices, receipts,
acceptance reports, and other evidence types).
Upload
PUT the file bytes directly to the signed URL returned by the presign step. Alforse’s API
is not in this request path — this goes straight to object storage.
Confirm
POST /files/confirm tells the API the upload finished, so it can verify the object,
trigger scanning, and record file metadata.
The token returned by the presign step.
Download a file
GET /files/:id/download · requires contract_view (view)
FILE_SCAN_MODE and
FILE_DOWNLOAD_REQUIRES_CLEAN_SCAN — see Configuration.
A file that hasn’t cleared scanning yet may not be downloadable depending on that policy.
See Contract Intake for how this flow fits into creating a contract
from a scanned PDF, and Evidence Trail for how uploaded files surface
later.
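The sketch below is an added example, not Alforse's code: an in-memory model of why the confirm step and the download gate exist when the upload itself bypasses the API. The token format, kind names, scan states, and the boolean reading of FILE_DOWNLOAD_REQUIRES_CLEAN_SCAN are all assumptions.

```python
import hashlib, hmac, json, secrets, time

SECRET = secrets.token_bytes(32)        # server-side signing key (assumed)
ALLOWED_KINDS = {"contract_original", "invoice", "receipt"}  # assumed kind names
STORE, FILES = {}, {}                   # stand-ins for object storage / metadata DB

def presign(kind, size, ttl=300):
    """Issue an upload token bound to object key, kind and declared size."""
    if kind not in ALLOWED_KINDS or size < 0:
        raise ValueError("kind not allowed or negative size")
    claims = {"key": secrets.token_hex(8), "kind": kind, "size": size,
              "exp": int(time.time()) + ttl}
    body = json.dumps(claims, sort_keys=True)
    mac = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return claims["key"], body + "." + mac

def confirm(token):
    """Verify the token, then check the stored object against the presign."""
    body, _, mac = token.rpartition(".")
    good = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac.encode(), good.encode()):
        raise PermissionError("bad upload token")
    claims = json.loads(body)
    if claims["exp"] < time.time():
        raise PermissionError("upload token expired")
    data = STORE.get(claims["key"])
    # The API never saw the PUT, so it must inspect what actually landed.
    if data is None or len(data) != claims["size"]:
        raise ValueError("object missing or size differs from presign")
    FILES[claims["key"]] = {"kind": claims["kind"], "scan": "pending"}
    return claims["key"]

def can_download(file_id, requires_clean_scan):
    """Download gate; a flagged file is refused regardless (assumed)."""
    meta = FILES.get(file_id)
    if meta is None or meta["scan"] == "infected":
        return False
    return meta["scan"] == "clean" or not requires_clean_scan

def demo():
    key, token = presign("invoice", 5)
    STORE[key] = b"%PDF-"               # constructed upload, straight to storage
    fid = confirm(token)
    before = can_download(fid, requires_clean_scan=True)
    FILES[fid]["scan"] = "clean"        # scanner verdict arrives later
    return before, can_download(fid, requires_clean_scan=True)
```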