Upload a New File to the Specified Folder disk.folder.uploadfile
Scope:
diskWho can execute the method: a user with "Add" access permission for the required folder
The method disk.folder.uploadfile uploads a new file to the specified folder.
Method Parameters
Required parameters are marked with *
|
Name |
Description |
|
id* |
Identifier of the folder where the file needs to be uploaded. The identifier can be obtained using the method disk.storage.getchildren if the folder is in the root of the storage, and using the method disk.folder.getchildren if the folder is in another folder |
|
data* |
An array with the field Optional if the file is uploaded not directly, but via URL. An example of uploading a file via URL is provided below |
|
fileContent |
An array containing the file name and a string with Base64. If the parameter is not provided, the method does not upload the file but returns the URL for uploading |
|
rights |
An array of access permissions for the uploaded file in the format
User categories:
The list of available |
|
generateUniqueName |
Generate a unique file name if a file with that name already exists. For example, file (1).docx. Possible values:
Default is |
Code Examples
How to Use Examples in Documentation
Direct File Upload
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"id":8930,"data":{"NAME":"test.png"},"fileContent":["test.png","iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII="],"generateUniqueName":true,"rights":[{"TASK_ID":75,"ACCESS_CODE":"U1271"}]}' \
https://**put_your_bitrix24_address**/rest/**put_your_user_id_here**/**put_your_webhook_here**/disk.folder.uploadfile
curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{"id":8930,"data":{"NAME":"test.png"},"fileContent":["test.png","iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII="],"generateUniqueName":true,"rights":[{"TASK_ID":75,"ACCESS_CODE":"U1271"}],"auth":"**put_access_token_here**"}' \
https://**put_your_bitrix24_address**/rest/disk.folder.uploadfile
try {
const response = await $b24.callMethod(
'disk.folder.uploadfile',
{
id: 8930,
data: {
NAME: 'test.png',
},
fileContent: [
'test.png',
'iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII=',
],
generateUniqueName: true,
rights: [
{
TASK_ID: 75,
ACCESS_CODE: 'U1271'
}
]
}
);
const result = response.getData().result;
console.log(result);
processResult(result);
} catch (error) {
console.error('Error:', error);
}
try {
$response = $b24Service
->core
->call(
'disk.folder.uploadfile',
[
'id' => 8930,
'data' => [
'NAME' => 'test.png'
],
'fileContent' => [
'test.png',
'iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII='
],
'generateUniqueName' => true,
'rights' => [
[
'TASK_ID' => 75,
'ACCESS_CODE' => 'U1271'
]
]
]
);
$result = $response
->getResponseData()
->getResult();
echo 'Success: ' . print_r($result, true);
processData($result);
} catch (Throwable $e) {
error_log($e->getMessage());
echo 'Error uploading file: ' . $e->getMessage();
}
BX24.callMethod(
"disk.folder.uploadfile",
{
id: 8930,
data: {
NAME: "test.png"
},
fileContent: [
'test.png',
'iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII=',
],
generateUniqueName: true,
rights: [
{
TASK_ID: 75,
ACCESS_CODE: 'U1271'
}
]
},
function (result)
{
if (result.error())
console.error(result.error());
else
console.dir(result.data());
}
);
require_once('crest.php');
$result = CRest::call(
'disk.folder.uploadfile',
[
'id' => 8930,
'data' => [
'NAME' => 'test.png'
],
'fileContent' => [
'test.png',
'iVBORw0KGgoAAAANSUhEUgAAAD4AAABDCAYAAADEfbZbAAAACXBIWXMAABJ0AAASdAHeZh94...rk5CYII='
],
'generateUniqueName' => true,
'rights' => [
[
'TASK_ID' => 75,
'ACCESS_CODE' => 'U1271'
]
]
]
);
echo '<PRE>';
print_r($result);
echo '</PRE>';
Uploading a File via URL
-
Call the method and pass only the
IDof the folder.cURL (Webhook)cURL (OAuth)JSPHPBX24.jsPHP CRestcurl -X POST \ -H "Content-Type: application/json" \ -H "Accept: application/json" \ -d '{"id":8930}' \ https://**put_your_bitrix24_address**/rest/**put_your_user_id_here**/**put_your_webhook_here**/disk.folder.uploadfilecurl -X POST \ -H "Content-Type: application/json" \ -H "Accept: application/json" \ -d '{"id":8930,"auth":"**put_access_token_here**"}' \ https://**put_your_bitrix24_address**/rest/disk.folder.uploadfiletry { const response = await $b24.callMethod( 'disk.folder.uploadfile', { id: 8930, } ); const result = response.getData().result; console.log(result); processResult(result); } catch( error ) { console.error('Error:', error); }try { $response = $b24Service ->core ->call( 'disk.folder.uploadfile', [ 'id' => 8930 ] ); $result = $response ->getResponseData() ->getResult(); echo 'Success: ' . print_r($result, true); processData($result); } catch (Throwable $e) { error_log($e->getMessage()); echo 'Error uploading file: ' . $e->getMessage(); }BX24.callMethod( "disk.folder.uploadfile", { id: 8930 }, function (result) { if (result.error()) console.error(result.error()); else console.dir(result.data()); } );require_once('crest.php'); $result = CRest::call( 'disk.folder.uploadfile', [ 'id' => 8930 ] ); echo '<PRE>'; print_r($result); echo '</PRE>'; -
In response, you will receive a URL for uploading
UploadUrland the form field namefield."result": { "field": "file", "uploadUrl": "https://test.bitrix24.com/rest/upload.json?auth=929b78690000071b006e2cf2000004f5000007dde54ef79d3b6e5c447d8f8a714563bd&token=disk%7CaWQ9ODkzMCZnZW5lcmF0ZVVuaXF1ZU5hbWU9MCZfPU4zS0pqUFJiVDFSengzUmpUaTVPcGM4R1VQTlFkTWU0%7CInVwbG9hZHxkaXNrfGFXUTlPRGt6TUNablpXNWxjbUYwWlZWdWFYRjFaVTVoYldVOU1DWmZQVTR6UzBwcVVGSmlWREZTZW5nelVtcFVhVFZQY0dNNFIxVlFUbEZrVFdVMHw5MjliNzg2OTAwMDAwNzFiMDA2ZTJjZjIwMDAwMDRmNTAwMDAwN2RkZTU0ZWY3OWQzYjZlNWM0NDdkOGY4YTcxNDU2M2JkIg%3D%3D.OHwSxVni%2FKX9Pw%2FyMzpfR974ImX5bC0sigTqA0UTCp8%3D" }, "time": { "start": 1769511710, "finish": 1769511710.411701, "duration": 0.411700963973999, "processing": 0, "date_start": "2026-01-27T14:01:50+02:00", "date_finish": "2026-01-27T14:01:50+02:00", "operating_reset_at": 1769512310, "operating": 0 } -
Send the file to the received address
UploadUrlusing a POST request with the typemultipart/form-data. The field name for the file inside this request must match the value of thefieldparameter from the response.http --form POST "https://test.bitrix24.com/rest/upload.json?auth=929b78690000071b006e2cf2000004f5000007dde54ef79d3b6e5c447d8f8a714563bd&token=disk%7CaWQ9ODkzMCZnZW5lcmF0ZVVuaXF1ZU5hbWU9MCZfPU4zS0pqUFJiVDFSengzUmpUaTVPcGM4R1VQTlFkTWU0%7CInVwbG9hZHxkaXNrfGFXUTlPRGt6TUNablpXNWxjbUYwWlZWdWFYRjFaVTVoYldVOU1DWmZQVTR6UzBwcVVGSmlWREZTZW5nelVtcFVhVFZQY0dNNFIxVlFUbEZrVFdVMHw5MjliNzg2OTAwMDAwNzFiMDA2ZTJjZjIwMDAwMDRmNTAwMDAwN2RkZTU0ZWY3OWQzYjZlNWM0NDdkOGY4YTcxNDU2M2JkIg%3D%3D.OHwSxVni%2FKX9Pw%2FyMzpfR974ImX5bC0sigTqA0UTCp8%3D" file@/path/to/file.png -
In case of success, the server will return an array with data about the uploaded file.
Uploading a File via URL in PHP
<?php
require_once (__DIR__.'/crest.php');
$path = __DIR__ . '/pic.jpg';
$folderId = 1;
$result = [];
if (file_exists($path))
{
$file = CRest::call(
'disk.folder.uploadfile',
[
'id' => $folderId,
]
);
if (!empty($file['result']['uploadUrl']))
{
$info = pathinfo($path);
if ($info['basename'])
{
$delimiter = '-------------' . uniqid('', true);
$name = $info['basename'];
$mime = mime_content_type($path);
$content = file_get_contents($path);
$body = '--' . $delimiter. "\r\n";
$body .= 'Content-Disposition: form-data; name="file"';
$body .= '; filename="' . $name . '"' . "\r\n";
$body .= 'Content-Type: ' . $mime . "\r\n\r\n";
$body .= $content . "\r\n";
$body .= "--" . $delimiter . "--\r\n";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $file['result']['uploadUrl']);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
curl_setopt(
$ch,
CURLOPT_HTTPHEADER,
[
'Content-Type: multipart/form-data; boundary=' . $delimiter,
'Content-Length: ' . strlen($body),
]
);
$out = curl_exec($ch);
try
{
$result = json_decode($out, true, 512, JSON_THROW_ON_ERROR);
}
catch (JsonException $e)
{
$result = [
'error' => $e->getMessage(),
];
}
}
}
}
echo '<pre>';
print_r($result);
echo '</pre>';
?>
Response Handling
HTTP Status: 200
{
"result": {
"ID": 9011,
"NAME": "test.png",
"CODE": null,
"STORAGE_ID": "1357",
"TYPE": "file",
"PARENT_ID": "8930",
"DELETED_TYPE": 0,
"GLOBAL_CONTENT_VERSION": 1,
"FILE_ID": 32877,
"SIZE": "1679",
"CREATE_TIME": "2026-01-27T13:06:55+02:00",
"UPDATE_TIME": "2026-01-27T13:06:55+02:00",
"DELETE_TIME": null,
"CREATED_BY": "1269",
"UPDATED_BY": "1269",
"DELETED_BY": null,
"DOWNLOAD_URL": "https://test.bitrix24.com/rest/download.json?auth=929b78690000071b006e2cf2000004f5000007dde54ef79d3b6e5c447d8f8a714563bd&token=disk%7CaWQ9OTAxMSZfPUFKQTNyWWVLZkxVdEw0VDRjY1QyOGpyN1NqYXZneFRI%7CImRvd25sb2FkfGRpc2t8YVdROU9UQXhNU1pmUFVGS1FUTnlXV1ZMWmt4VmRFdzBWRFJqWTFReU9HcHlOMU5xWVhabmVGUkl8OTI5Yjc4NjkwMDAwMDcxYjAwNmUyY2YyMDAwMDA0ZjUwMDAwMDdkZGU1NGVmNzlkM2I2ZTVjNDQ3ZDhmOGE3MTQ1NjNiZCI%3D.XX%2BUFpxsl2eoLuCwolEaMKsrAJ5IIpIPmzg1j6QOuE0%3D",
"DETAIL_URL": "https://test.bitrix24.com/company/personal/user/1269/disk/file/Folder/Folder in folder/test.png"
},
"time": {
"start": 1769508415,
"finish": 1769508416.040339,
"duration": 1.0403389930725098,
"processing": 1,
"date_start": "2026-01-27T13:06:55+02:00",
"date_finish": "2026-01-27T13:06:56+02:00",
"operating_reset_at": 1769509015,
"operating": 0.7169051170349121
}
}
Returned Data
|
Name |
Description |
|
result |
An array with file fields |
|
ID |
Identifier of the file |
|
NAME |
Name of the file |
|
CODE |
Symbolic code of the file |
|
STORAGE_ID |
Identifier of the storage where the file is located |
|
TYPE |
Type of the object |
|
PARENT_ID |
Identifier of the parent folder |
|
DELETED_TYPE |
Deletion status of the object. Possible values:
|
|
GLOBAL_CONTENT_VERSION |
Incremental version counter of the file |
|
FILE_ID |
Internal value of the file identifier |
|
SIZE |
Size of the file in bytes |
|
CREATE_TIME |
Date and time of file creation |
|
UPDATE_TIME |
Date and time of the last file update |
|
DELETE_TIME |
Date and time of moving the file to the trash |
|
CREATED_BY |
Identifier of the user who created the file |
|
UPDATED_BY |
Identifier of the user who made the last change |
|
DELETED_BY |
Identifier of the user who deleted the file |
|
DOWNLOAD_URL |
Link to download the file |
|
DETAIL_URL |
Link to open the file in the interface |
|
time |
Information about the execution time of the request |
Error Handling
HTTP Status: 400
{
"error":"ERROR_NOT_FOUND",
"error_description":"Could not find entity with id `X`"
}
|
Name |
Description |
|
error |
String error code. It may consist of digits, Latin letters, and underscores |
|
error_description |
Textual description of the error. The description is not intended to be shown to the end user in its raw form |
Possible Error Codes
|
Code |
Description |
Value |
|
|
Invalid value of parameter |
The required parameter |
|
|
Could not find entity with id |
The folder with the specified |
|
|
Error: required parameter NAME (DISK_BASE_SERVICE_22001) |
The required parameter |
|
|
Could not save file |
Failed to save the file. Check free space on the Disk and the correctness of data encoding |
|
|
Access denied |
Insufficient rights to add the file |
Statuses and System Error Codes
HTTP Status: 20x, 40x, 50x
The errors described below may occur when calling any method.
|
Status |
Code |
Description |
|
|
|
An internal server error has occurred, please contact the server administrator or Bitrix24 technical support |
|
|
|
An internal server error has occurred, please contact the server administrator or Bitrix24 technical support |
|
|
|
The request intensity limit has been exceeded |
|
|
|
The current method is not allowed to be called using batch |
|
|
|
The maximum length of parameters passed to the batch method has been exceeded |
|
|
|
Invalid access token or webhook code |
|
|
|
The methods must be called using the HTTPS protocol |
|
|
|
The REST API is blocked due to overload. This is a manual individual block, to remove it you need to contact Bitrix24 technical support |
|
|
|
The REST API is available only on commercial plans |
|
|
|
The user whose access token or webhook was used to call the method lacks permissions |
|
|
|
The manifest is not available |
|
|
|
The request requires higher privileges than those provided by the webhook token |
|
|
|
The provided access token has expired |
|
|
|
The user does not have access to the application. This means that the application is installed, but the account administrator has allowed access to this application only for specific users |
|
|
|
The public part of the site is closed. To open the public part of the site on an on-premise installation, disable the option "Temporary closure of the public part of the site". Path to the setting: Desktop > Settings > Product Settings > Module Settings > Main Module > Temporary closure of the public part of the site |
Continue Learning
- Create a Subfolder disk.folder.addsubfolder
- Copy a folder and all its contents to the specified folder disk.folder.copyto
- Permanently Delete a Folder and All Its Contents disk.folder.deletetree
- Get a list of files and folders in the folder disk.folder.getchildren
- Get Public Link for Folder disk.folder.getexternallink
- Get Folder Field Descriptions disk.folder.getfields
- Get Folder Parameters disk.folder.get
- Move a folder and all its contents to the specified folder disk.folder.moveto
- Rename Folder disk.folder.rename
- Restore Folder from Trash disk.folder.restore
- Assign Access Permissions to Folder disk.folder.sharetouser
- How to Upload a File to a Task
- How to Create a Task with an Attached File
- How to Create a Comment in a Task and Attach a File