C

Cloudinary

API keyStorage & AssetsOrg connection

Org-level connection

Cloudinary is connected once at the org level by an admin. The credential is shared across all groups that have been granted access — individual team members don't need to connect their own accounts.

Getting your API key

In your Cloudinary Console, open Settings → API Keys (or the Dashboard product environment card)

Copy your Cloud name into the Cloud Name field above

Copy your API Key and paste it as the API key below

Copy your API Secret and paste it into the API Secret field above (used to sign uploads — never sent as a header)

Ready to connect?

Sign in to On Belay and open the Integrations page to add Cloudinary.

Sign in →

Permissions (scopes)

These are the data scopes On Belay can be granted for Cloudinary. Your org admin controls which scopes are enabled per group.

ScopeDescriptionAccess
assets:readRead assetsRead only
assets:writeUpload / transform assetsRead / Write
assets:deleteDelete assetsRead / Write

Troubleshooting

"Invalid API key" or "Unauthorized" error
Double-check that you copied the full key without any leading/trailing spaces. Some platforms show a truncated preview — make sure to copy the full token. If the key was generated with restricted scopes, verify it includes the permissions listed above.
Connected but Claude can't access data
Check that your group has been granted access to this integration in On Belay → Groups → [your group] → Integrations. Also verify the specific scopes your group is permitted to use match what your query requires.
The key expires or stops working
Some API keys have expiration policies. Generate a new key in Cloudinary and update it in On Belay → Integrations → Cloudinary → Update key. Consider creating a dedicated service account or machine user for On Belay so the key isn't tied to a personal account.

Still stuck? We're happy to help.

Contact support →