Misar Docs
MisarMailMisar.BlogMisarReachMisarPostMisar.DevMisar PlatformMisar IdentityMisar Posts API
Profile

Upload Avatar

Upload a profile picture — the single source of truth read by every Misar product.

POST/io/profile/avatar

Uploads the acting user's avatar and returns its public URL. The image is the single source of truth — MisarMail, MisarReach, and every other product read avatar_url live from the profile rather than from local auth metadata.

First-party only. This endpoint rejects the service key with 403; uploads are user-initiated actions authenticated by a session cookie or SSO bearer token. Products read the avatar; they never write it.

Request

multipart/form-data with a single file field.

filefilerequired

The image. JPEG, PNG, WebP, or GIF. Maximum 5 MB.

The image is stored at avatars/<userId>/avatar.<ext> (public bucket, overwritten on re-upload), profiles.avatar_url is updated with a cache-busted URL, and the value is mirrored into auth.user_metadata.avatar_url for back-compat.

POST https://www.misar.io/io/profile/avatar
Cookie: sb-<project>-auth-token=…
Content-Type: multipart/form-data; boundary=…

--…
Content-Disposition: form-data; name="file"; filename="me.png"
Content-Type: image/png

<binary>
--…--

{
  "avatar_url": "https://supabase-mail.misar.io/storage/v1/object/public/avatars/9f1c.../avatar.png?v=1718409600000"
}
{ "error": "Avatar upload must be first-party" }
{ "error": "Unsupported image type (use JPEG, PNG, WebP, or GIF)" }

Update Profile

Previous Page

Get balance

Next Page