# Uploads & Files

Let your app's users upload and manage files — images, documents, anything. Foundation stores them
securely, ties each to the user who uploaded it, and respects your access rules.

## Configure

Turn on file uploads and set the rules:

| Setting | What it controls |
|---|---|
| **Allowed types** | Which file types can be uploaded (images, documents, …) |
| **Size limits** | Maximum file size |
| **Access control** | Who can upload, who can view — via [roles & scopes](/platform/roles) |

Files are stored securely and served through your app's API. Each file belongs to the user who
uploaded it.

## Use in your app

Upload straight from the browser with the SDK — Foundation handles the secure, signed upload.

**Tell your agent:** "Let users upload an avatar image and show it on their profile."

```ts
// compute a sha256 of the file, then upload
const result = await foundation.files.upload({
  name: file.name,
  contentType: file.type,
  file,
  sha256,
})

// fetch / list / delete
const meta = await foundation.files.get(result.id)
const { items } = await foundation.files.list({ limit: 50 })
await foundation.files.delete(result.id)
```

For manual control of the signed upload, use `foundation.files.initiate(...)`.

## Reference

- SDK file methods: `foundation.files.upload / initiate / get / list / delete` — see the
  [SDK reference](/api/sdk)
- [Entities](/platform/entities) · [Storage](/platform/storage)
