Files not getting associated with users if uploaded from an external app onto the Bubble platform

Hi everyone,
I am building an app on Unity Game Engine platform where I intend to do the following things:
(1) Let a user create an account on a website that I have build on platform, from the Unity app,
(2) Let a user to login into their account on the website from the Unity app,
(3) Upload files into a user’s respective account on the website from the Unity app
(4) Download files into the Unity app from the website, both when “logged in” as well as when “not logged in”.
I was able to achieve the first, second and the fourth goal, but having problem with upload of files. When a user who’s already logged into the website from the Unity app, tries to upload files, the files do get uploaded onto the website but the files didn’t get associated with the user i.e., the “created by” field of the files once uploaded, holds the following value “non_authenticated_user_mpxtest_live” where “mpxtest” is the appname.
I am attaching screenshots of the api calls for quick reference.

Login POST Request

POST Request for uploading of files

Note: Used a base64 file encoder to encode a small image file to base64 string which I then attach to the body of the POST Request

GET Request for getting the files

It will very helpful if someone could give some insight into this problem.


If you need the created by field to be populated by a user you should run the workflow with a token for this specific user (the token being returned by a login / signup workflow).

@emmanuel I tried what you suggested me to do while trying to upload a file on to Bubble from an external app. In doing so, i.e., using the “token” instead of “user_id”(both of which returned by the Login/Signup API workflow) for the “attach_to” field of the JSON object used for “Uploading of files” POST Request

(1) Login POST Request

(2) “Uploading of file” POST Request

(3) “Getting of files” GET Request

(4) Browser response

It would be very helpful if someone could help me regarding this as I got stuck really bad and couldn’t make any progress.



attach_to is used for privacy stuff. Here you want to control the Created By field, these are totally different concepts. Don’t use the attach_to field and just send the token. The things will then be marked as created by the current user (whose token is being used).

@emmanuel I get it solved. I just had to include a key-value pair in the header of my uploading POST request as “Authorization”:“Bearer API_TOKEN” where API_TOKEN is the token returned by the Login/Signup Api workflow (once a user signs up or logs in). I kept “attach_to” field of the JSON in the body of the POST request filled with the user_id.

1 Like