Console Settings for DAM

Last updated: Dec-16-2024

You can configure settings that influence your account as a whole, as well as how your media is uploaded, stored, and delivered within the currently selected product environment. Some Settings affect both DAM users and developers, so you should coordinate with your developers where relevant.

Note
Only Console Setting options relevant to DAM users are detailed on this page. Other options should be set in coordination with the developers on your team.

Overview

Click the Settings icon in the Console Options sidebar to view your Console Settings.

Account settings

The default Console Settings provide a good starting place for your Digital Asset Management activities. However, each organization should review all the available options on all the Settings pages and determine the settings that best answer your organization's needs.

The following sections highlight a few of the common settings that you may want to consider when setting up your account and product environment.

Note
The options in the Users Settings page are described at length under User and group management.

Account settings

Account settings include updating your personal account details, upgrading your plan, adding/editing the product environments in your account, defining/editing users in the account and setting up your account security.

Two-factor authentication and SSO

In the Account Security page of the Console Settings, check or modify two-factor authentication (2FA) and SAML/SSO login settings for your account.

Two-factor authentication (2FA) is recommended for any Production environment, or per your organization's security policy. You can upgrade to two-factor authentication on any account, including free accounts and those registered via GitHub, Google, or email.

Important
If you signed up through a third-party login (e.g., Google, GitHub, or Heroku), changing your email associated with the third-party service without first setting up direct access to your Cloudinary account may prevent you from logging in. To avoid this, establish direct access to Cloudinary via the My Profile page of the Console Settings before changing your third-party email.

SSO is available for enterprise accounts and is recommended if you have more than 100 users or per your organization's security policy.

Product environment management

A product environment encompasses a distinct asset repository with specific settings and attributes. To learn more about product environments, see What's a product environment?.

To manage your product environments, navigate to the Product Environment page of the Console Settings. Here, you can browse through all your product environments, search for specific ones, enable or disable them and modify attributes such as cloud name (the unique identifier), display name (shown in the Product Selector instead of the cloud name, if defined) and description. You can check if your product environments are using dynamic folder mode, and you can add new product environments, within the limit of your plan.

Product environment settings

When creating a new product environment, you can configure its cloud name, display name, and description. By default, all new product environments are set to use the dynamic folders mode, which allows for flexibility in organizing files. However, if necessary, you can select fixed folder mode. Once your product environment is created, you can't change folder modes. Additionally, you can choose an existing product environment to serve as the Base product environment.

Base product environment

The Base Product Environment option simplifies creating new product environments by inheriting key configurations from an existing environment. When this option is used, the following settings are automatically copied:

  • Usage limits
  • Folder mode (removing the option to select a folder mode independently)
  • Customized options applied by Cloudinary support
  • Custom CDN attributes, depending on your setup
  • Asset record location (EU, US, or AP)

It's important to note that some elements, such as folders and assets, are not transferred to the new environment.

This feature is designed to help maintain consistency in core configurations while streamlining the setup of new environments. Before selecting a base environment, carefully review its settings to ensure they align with your requirements.

If you need help, contact support or your Customer Success Manager.

Additional product environment subscriptions

You can find the maximum number of product environments that you're eligible for at the top of the Product Environment page of the Console Settings. If you're on a paid plan and have reached your base plan limit, the Change Limit button will appear, allowing you to increase this limit. Click Change Limit and select the appropriate add-on for the desired number of additional product environments. Subsequently, you can adjust the number of additional product environment subscriptions on your account at any time.

If you're already subscribed to an Add product environments add-on, you can change the number of product environments beyond your base plan limit. However, please note that selecting a different Add product environments add-on will replace your previous selection, rather than adding to it. The number of product environments you add will always be applied to the base plan limit, which is the initial cap before any Add product environments plans are included. You can view your base plan limit in the side panel of the Accounts page within the Console Settings.

Note
The option to separately purchase additional product environments from the Console is available only to customers that subscribed to Cloudinary directly (not via another provider like Heroku or AWS), are on a paid plan, and are not on an Enterprise or custom plan.

For additional help, or to add more than 5 additional product environments, contact support.

Product environment settings

Product environment settings include dynamic and fixed folder modes, upload settings, product environment security settings, and managing API keys.

Dynamic and fixed folder modes

You can use either dynamic or fixed folder mode in your product environment. These modes determine how assets are named, and whether changing the asset name and folder location in the Media Library impacts delivery URLs, which could break links to assets in production.

Consider these options, especially if your assets are delivered on a website or app:

  • Dynamic folder mode: Enables Cloudinary users to move assets between asset folders, and rename and move those folders without affecting the asset's public ID identifier and delivery URL path.

    Assets have a user-friendly display name as an additional identifier. Both display names and asset folder names can be freely modified without affecting the public ID and delivery URL.
  • Fixed folders mode: The folder and asset name shown in the Media Library together are a direct reflection of the asset's public ID full path, and thus control the delivery URL path and file name. In fixed folder mode, moving the asset to a different folder or editing the asset 'name' also modifies the asset's URL, and if not done carefully, risks breaking production content. Folder renaming isn't supported in this mode.

Important

Starting June 4th, 2024, all new Cloudinary accounts are created using dynamic folder mode.

This page describes the behavior for dynamic folder mode. Any differences in behavior for fixed folder mode will be highlighted with a note directing you to the Folder modes page for further details.

You can find out if dynamic folders is enabled for your product environment by navigating to the Product Environments settings page. From the (3-dots) option menu next to the relevant product environment select Edit. Your product environment is using dynamic folder mode if the Dynamic folder mode toggle button is on. If it's off, you're using fixed folder mode.

Dynamic folders indication

Notes
  • Historically, Cloudinary accounts used fixed folder mode. If you're currently using the legacy fixed folder mode and would like to enable dynamic folders for your product environment, contact support.
  • For more information on the ways that dynamic and fixed folder modes differ in your product environment's Console, see the Folder modes page in the Assets admin guide.
  • For more information about how their differences are reflected in the API, see Folder modes in the Programmable Media guide.

Upload settings

The Upload page includes options that impact the default behavior applied to media when you upload assets to your product environment. Those you may want to pay special attention to include:

  • Automatic backup: Determines whether every uploaded file is securely backed up, including support for multiple revisions. When enabled, the backups increase your account's storage usage (unless you set a private S3 or Google Cloud bucket for your backups).

  • Media Library upload presets: Upload Presets are a predefined set of upload preferences. To control the way all assets are uploaded via the Media Library, you can assign specific signed upload presets to act as the defaults for image, video, and raw uploads within the Media Library. For more information, see Managing upload presets in the DAM.

Note
There are additional options for controlling how assets are uploaded in the Upload page of the Media Library Preferences.

Security settings

The Security page includes options that restrict how assets are shared, accessed and delivered. The settings impact only the selected product environment.

Since the options in the Security page affect the API and asset delivery, coordinate with one of your developers to configure these settings.

The following configurations also impact how assets are handled in DAM:

PDF and ZIP file sharing and delivery

However, the Allow delivery of PDF and ZIP files setting, in addition to determining whether PDF and ZIP files can be programmatically delivered, also affects asset and collection sharing in the Media Library. This setting must be turned on in order to publish collections and to publish single assets that are PDF and ZIP files (including .zip, .rar, .tgz, .gz, .bz2, .bzip, .7z, and .pdf).

Data privacy

Cloudinary takes the responsibility of protecting your data seriously, and complies with widely accepted security standards and regulations, enterprise class security features, our privacy policies, and our commitment to transparency. See our Trust page for more information.

When necessary, a Cloudinary employee with specific authorization may need to enter a product environment for the purposes of providing technical support. Cloudinary customers on a Programmable Media Enterprise plan can request an additional layer of privacy that’s enabled per product environment. This additional layer of privacy hides all data in the enabled product environments from all Cloudinary employees, even those with the permission levels necessary to provide that kind of support.

When the additional layer of privacy is enabled, Cloudinary employees can't:

  • Access the product environment's full API secret, which prevents accessing data programmatically.
  • Access delivery URLs via the Media Library.
  • View asset thumbnails or previews in any page of the Media Library.
  • Perform an asset search of any kind.
  • Use the Bulk Delete option in the Security page of the Console Settings.
  • See actual public IDs and folder and collection names.

At some point, you may need Cloudinary to access your actual data while providing technical support. In that case, Admins and Master admins can allow temporary access to the product environment. From the Security page of the Console Settings, check Allow temporary access and set the time limit for access.

Admins and Master admins can change access settings at any time, including canceling access and changing its time limit.

All administrators will receive an email notifying them of any change in access status, including when access has been allowed, canceled, time limit changed and expired.

Note
If you're on a Programmable Media Enterprise plan, you can contact our Enterprise support and sales team or your CSM to enable this feature.

API keys

The API Keys page of the Console Settings lets you handle API key and secret pairs for your product environment. Here, you can create new API keys and secrets, activate or disable them, copy API keys and secrets, or delete them.

If you've dedicated an API key for signing webhook notifications, it can't be deactivated or removed. If you need to deactivate or remove this key, you must first replace it with another API key to serve as the dedicated key for webhook notifications. You can do this by navigating to the Webhook Notifications page of the Console Settings. For more information, see Webhook notifications.

Note
If you're on a Programmable Media Enterprise plan, you can manage API keys programmatically via the access_keys endpoint of the Provisioning API.

✔️ Feedback sent!

Rate this page: