Skip to content

File uploads

File uploads are a Pro feature. Add <input type="file"> fields to a form that posts as multipart/form-data; FormWire stores each file and puts its URL in the submission.

Set enctype="multipart/form-data" on the form — a plain urlencoded post can’t carry files:

<form action="https://api.formwire.io/submit" method="POST"
enctype="multipart/form-data">
<input type="hidden" name="access_key" value="YOUR-ACCESS-KEY">
<input type="email" name="email" required>
<input type="file" name="attachment">
<button type="submit">Send</button>
</form>
LimitValue
Per file5 MB
Total request body12 MB
Allowed typesJPEG, PNG, GIF, WebP, PDF, TXT, CSV, ZIP, DOC/DOCX, XLS/XLSX

A file that’s over the size limit, of a disallowed type, or whose bytes don’t match its declared type is not uploaded — that field is stored as a short placeholder (e.g. (file too large: report.pdf)) so the rest of the submission still goes through. Stored files are always served as forced downloads, never inline, so an upload can’t be rendered as active content.

Give several inputs the same name, or use multiple, and the values are grouped into an array:

<input type="file" name="attachments" multiple>

The stored value for attachments becomes an array of URLs.

Once stored, a file field’s value is its public URL (a CDN link). That URL then shows up everywhere the field does:

  • in the notification email as a download link — files are linked, not attached;
  • in the webhook payload’s data;
  • in the read API response.

Uploads run only for non-spam submissions, so a bot that trips the honeypot never consumes your storage.