Skip to main content

Cloudinary integration

Upload, transform, and manage image and video assets and react to upload notifications on behalf of your clients.

What it does

The Cloudinary integration lets your agency drive a client's media pipeline from inside a workflow. Connect a client's Cloudinary product environment once and your workflows can upload images by remote URL or data URI, fetch and list asset metadata with cursor pagination, delete assets and invalidate the CDN, create folders to keep client libraries organized, and react in real time when Cloudinary posts an upload, eager-transformation, or moderation notification to the configured webhook URL.

Connect a Cloudinary account

  1. Open your workspace in TaskJuice and navigate to Connections.
  2. Choose Cloudinary and click Connect.
  3. In a new tab, open the Cloudinary console dashboard signed in as the client (or as your agency, if the client has delegated environment access to you).
  4. Copy the Cloud name, API key, and API secret from the Product Environment Credentials panel.
  5. Paste the cloud name into TaskJuice. It scopes every API call and is templated into the base URL https://api.cloudinary.com/v1_1/{cloud_name}.
  6. Paste the API key and API secret. Cloudinary sends them as HTTP Basic credentials (key as username, secret as password) on every request.

To rotate or revoke credentials, return to the Cloudinary console, regenerate the API secret on the Product Environment Credentials panel, and update the TaskJuice connection.

Triggers

  • cloudinary/upload-notification fires when Cloudinary posts a notification for an upload, eager transformation, moderation result, or delete event. One POST carries one event, and the workflow receives the full notification payload (including notification_type, public_id, secure_url, dimensions, and any context metadata) as a single activation.

The trigger publishes an inbound URL. Paste it into Cloudinary under Settings, Upload, Notification URL (or set it per upload preset), and set the X-TaskJuice-Inbound-Secret header on the notification URL to a shared secret you also paste into the TaskJuice trigger. TaskJuice verifies that header on every inbound POST before activating the workflow.

Actions

  • cloudinary/upload-image uploads an image asset to Cloudinary by remote URL or base64-encoded data, with optional public id, folder, tags, context metadata, and overwrite flag.
  • cloudinary/get-resource fetches metadata for a single Cloudinary asset by resource type, delivery type, and public id, optionally including tags, context, and color summary.
  • cloudinary/list-resources pages through Cloudinary assets by resource type and delivery type, optionally filtered by public-id prefix, using cursor-based pagination on next_cursor.
  • cloudinary/delete-resource deletes a single Cloudinary asset by resource type, delivery type, and public id, with optional CDN-cache invalidation.
  • cloudinary/create-folder creates a Cloudinary folder at the supplied path via the Admin API.

Known limitations

  • The integration uses Cloudinary's v1_1 Admin and Upload APIs with the connected key. Per-account rate limits, plan-based transformation quotas, and feature entitlements are governed by the client's Cloudinary plan, not by TaskJuice. When Cloudinary returns a 420 or 429, the action surfaces as a retryable rate-limit error.
  • Inbound notification verification uses a shared secret on a custom header set on the Cloudinary notification URL. Cloudinary's first-party signature, which is SHA-1 over body + timestamp + api_secret placed in the X-Cld-Signature header, is not used by the declarative inbound verifier (it expects HMAC schemes); treat the inbound URL plus the shared header as the secret and rotate it alongside the API secret.
  • The connected cloud name is fixed on the connection itself. To work across two Cloudinary product environments, create a second connection scoped to that cloud name.
  • The Delete Resource action accepts one public id per call via the public_ids[] query parameter. Batch delete by tag or prefix is not exposed by this action; iterate via List Resources and loop the delete.
  • The Upload Image action uses the unsigned-style Upload API call shape (HTTP Basic auth in place of an explicit signature parameter). Cloudinary requires that the upload preset, public id, and folder match the constraints configured on the product environment.
Was this helpful?
Close integrationCohere integration
Cloudinary integration | TaskJuice Docs