• 1 min read Vercel Blob now supports private storage for sensitive files like contracts, invoices, and internal reports. • Private storage requires authentication for all operations, preventing exposure via public URLs. • Public storage allows public reads for media assets, while private storage requires authentication. • Create a private store via the Storage dashboard or with the CLI: CLI command vercel blob create-store [name] –access private When created inside a linked Vercel project, the CLI prompts you to connect the store, automatically adding the BLOB_READ_WRITE_TOKEN environment variable. • The SDK uses this variable to authenticate operations in your deployments. • SDK installation pnpm add @vercel/blob@2.3 To upload, use put or upload with the access: ‘private’ option.

Article Summaries:

  • Vercel has launched a public‑beta feature that adds private storage to its Blob service, enabling secure handling of sensitive files such as contracts, invoices, and internal reports. Unlike public Blob storage, which allows unauthenticated reads, private stores require authentication for all operations, preventing accidental exposure via URLs. Developers can create a private store through the Vercel dashboard or the CLI with vercel blob create-store [name] --access private. The SDK (e.g., @vercel/blob@2.3) uses the BLOB_READ_WRITE_TOKEN environment variable for authenticated uploads (put) and downloads (get). The feature is available on all plans under standard Blob pricing.

Sources: