--- llm-context: api-documentation purpose: Assist LLMs and developers with integrating the DoorFlow API API service: doorflow version: 3.0 endpoint: PUT /api/3/card_templates/{id}/files/{file_uuid} summary: Upload or replace linked file auth: oauth2 format: markdown updated: 2026-06-14 --- # PUT /api/3/card_templates/{id}/files/{file_uuid} Upload or replace linked file Uploads or replaces a linked file for a card template. The file_role query parameter is required. ## Authentication This endpoint requires authentication using one of the following methods: ### OAuth 2.0 (Recommended) Use an OAuth 2.0 access token in the Authorization header. This is the recommended authentication method for all integrations. OAuth provides automatic token expiration, granular permission scopes, detailed usage tracking, and per-integration revocation. **Required Scopes:** private.account.card_template **Example:** ``` Authorization: Bearer YOUR_ACCESS_TOKEN ``` ## Parameters ### Path Parameters **`id`** (Required) - **Type:** integer - **Description:** Card template ID **`file_uuid`** (Required) - **Type:** string - **Description:** UUID of the linked file ### Query Parameters **`file_role`** (Required) - **Type:** string - **Description:** Role of the file (e.g. background_front, background_back, logo) ## Responses ### 200 - File uploaded successfully #### Response Fields **`uuid`** *string* Unique identifier for this linked file **`entity_type`** *string* Type of the parent entity **`entity_uuid`** *string* UUID of the parent entity **`file_role`** *string* Role of this file (e.g. background_front, background_back, logo) **`url`** *string | null* URL to download the file, or null if not yet uploaded **`content_type`** *string* MIME type of the file **`created_at`** *string* **`updated_at`** *string* #### Example Response ```json { "uuid": "string", "entity_type": "string", "entity_uuid": "string", "file_role": "string", "url": "string", "content_type": "string", "created_at": "string", "updated_at": "string" } ``` ### 401 - Unauthorized - Invalid or missing authentication #### Response Fields **`error`** *string* *Example:* `unauthorized` **`error_description`** *string* *Example:* `The access token is invalid` #### Example Response ```json { "error": "unauthorized", "error_description": "The access token is invalid" } ``` ### 403 - Forbidden - User does not have permission #### Response Fields **`error`** *string* *Example:* `forbidden` **`error_description`** *string* *Example:* `You are not authorized to access this resource` #### Example Response ```json { "error": "forbidden", "error_description": "You are not authorized to access this resource" } ``` ### 404 - Not Found - Resource does not exist or is not an admission request event #### Response Fields **`error`** *string* *Example:* `not_found` **`error_description`** *string* *Example:* `The requested resource was not found` #### Example Response ```json { "error": "not_found", "error_description": "The requested resource was not found" } ``` ### 422 - Unprocessable Entity - Validation failed #### Response Fields **`error`** *string* Error message **`errors`** *object* Field-specific validation errors #### Example Response ```json { "error": "string", "errors": { "value": [ "string" ], "credential_type_id": [ "string" ], "limit_reached": "You have reached your HID Mobile licence limit. Please contact DoorFlow Support." } } ``` ### 500 - Internal Server Error #### Response Fields **`error`** *string* *Example:* `internal_server_error` **`error_description`** *string* *Example:* `An unexpected error occurred` #### Example Response ```json { "error": "internal_server_error", "error_description": "An unexpected error occurred" } ```