> ## Documentation Index
> Fetch the complete documentation index at: https://docs.aiinsurance.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Upload File

> Uploads a file to the company file system. The request body must be
`multipart/form-data`.

Optionally place the file inside a folder by providing `folderId`. Omit
it to upload to the root level (no folder).

**Required permission:** `company.file:create`




## OpenAPI

````yaml /openapi/generated-external-api.yaml post /api/v1/external/companies/{companyId}/files
openapi: 3.0.3
info:
  title: AI Insurance External API
  description: External API for AI Insurance platform
  version: 1.0.0
  contact:
    email: support@aiinsurance.io
servers:
  - url: https://app.aiinsurance.io
    description: Production
security:
  - ApiKeyAuth: []
paths:
  /api/v1/external/companies/{companyId}/files:
    post:
      tags:
        - Company Files
      summary: Upload File
      description: |
        Uploads a file to the company file system. The request body must be
        `multipart/form-data`.

        Optionally place the file inside a folder by providing `folderId`. Omit
        it to upload to the root level (no folder).

        **Required permission:** `company.file:create`
      operationId: uploadCompanyFile
      parameters:
        - $ref: '#/components/parameters/companyId'
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              required:
                - file
                - fileName
                - mimeType
              properties:
                file:
                  type: string
                  format: binary
                  description: The file content to upload
                fileName:
                  type: string
                  description: File name (must be non-empty)
                mimeType:
                  type: string
                  description: MIME type of the file (e.g. `application/pdf`)
                category:
                  type: string
                  description: Optional category label
                folderId:
                  type: string
                  format: uuid
                  description: Folder ID to place the file in (omit for root-level)
      responses:
        '201':
          description: File uploaded successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CompanyFile'
              examples:
                success:
                  summary: File uploaded
                  value:
                    id: 550e8400-e29b-41d4-a716-446655440020
                    name: claim-report.pdf
                    mimeType: application/pdf
                    category: claims
                    entityId: null
                    entityName: null
                    uploadedAt: '2026-01-20T09:15:00.000Z'
                    userDate: null
        '400':
          description: Bad Request — Validation error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                missingFile:
                  summary: No file provided
                  value:
                    error:
                      code: VALIDATION_ERROR
                      message: 'fileName: Must be a non-empty string'
                invalidMultipart:
                  summary: Malformed multipart body
                  value:
                    error:
                      code: INVALID_MULTIPART
                      message: Failed to parse multipart payload
                folderNotFound:
                  summary: Target folder does not exist
                  value:
                    error:
                      code: folder-not-found
                      message: Folder not found
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  parameters:
    companyId:
      name: companyId
      in: path
      required: true
      schema:
        type: string
        format: uuid
      description: Company identifier
  schemas:
    CompanyFile:
      type: object
      description: A file stored in the company file system
      properties:
        id:
          type: string
          format: uuid
          description: File identifier
        name:
          type: string
          description: File name
        mimeType:
          type: string
          nullable: true
          description: MIME type of the file
        category:
          type: string
          nullable: true
          description: Optional category label
        entityId:
          type: string
          nullable: true
          description: Related entity ID (if attached to an entity)
        entityName:
          type: string
          nullable: true
          description: Related entity name (if attached to an entity)
        uploadedAt:
          type: string
          format: date-time
          nullable: true
          description: When the file was uploaded (ISO 8601)
        userDate:
          type: string
          format: date-time
          nullable: true
          description: User-specified date for the file (ISO 8601)
    ErrorResponse:
      type: object
      description: Standard error response for all external API endpoints
      required:
        - error
      properties:
        error:
          type: object
          required:
            - code
            - message
          properties:
            code:
              type: string
              description: Machine-readable error code
              example: VALIDATION_ERROR
            message:
              type: string
              description: Human-readable error message
              example: 'submissionId: Required field is missing'
            details:
              type: array
              description: Additional details for validation errors (field-level errors)
              items:
                type: object
                properties:
                  field:
                    type: string
                    description: The field that caused the error
                    example: submissionId
                  message:
                    type: string
                    description: Description of the field error
                    example: Required field is missing
  responses:
    Unauthorized:
      description: Unauthorized - Invalid or missing API key
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missingApiKey:
              summary: Missing API key
              value:
                error:
                  code: UNAUTHORIZED
                  message: Authorization header is required
            bearerTokenNotAllowed:
              summary: Bearer token used instead of API key
              value:
                error:
                  code: UNAUTHORIZED
                  message: External API endpoints require API key authentication
    Forbidden:
      description: Forbidden - Insufficient permissions
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            insufficientPermissions:
              summary: Insufficient permissions
              value:
                error:
                  code: FORBIDDEN
                  message: Insufficient permissions to perform this action
    InternalServerError:
      description: Internal Server Error - Unexpected error occurred
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            internalError:
              summary: Unexpected server error
              value:
                error:
                  code: INTERNAL_ERROR
                  message: An unexpected error occurred. Please try again later.
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: Authorization
      description: >-
        API key authentication. Include your API key in the Authorization
        header.

````