API Reference

Introduction

Serve TikTok images through your own cached CDN endpoint.

|View as Markdown|

The TikTok CDN Server mirrors TikTok images (avatars, stream covers, gift icons, and any other asset hosted on the TikTok CDN) onto Euler Stream's edge network. TikTok image URLs are signed and expire after a short window; once an asset passes through the CDN Server it is stored permanently and stays available at a stable URL forever.

Your endpoint

Every account gets a default subdomain:

https://<cdnId>.assets.cdn.eulerstream.com

The cdnId is a short identifier unique to your account. You can find yours, and enable the CDN in the first place, on the Image CDN dashboard. Paid plans can additionally serve from their own domain with a custom hostname.

How serving works

The CDN resolves every request in three steps: edge cache, then permanent storage, then (only for signed requests) a live fetch from TikTok.

  1. First request: use the full original URL. Take the TikTok URL exactly as you received it from the API, prepend your CDN endpoint, and keep the TikTok hostname as the first path segment along with all of the original query parameters (the signature set). This is called a signed request, and it is the only request shape that can fetch and store a brand new asset.
  2. The asset is stored permanently. The stored key excludes the TikTok hostname, so the same asset retrieved through different TikTok shards dedupes to a single object.
  3. Every later request can use the short form. Drop the TikTok hostname and the query parameters entirely; the host-less path serves from cache or storage. You can even drop the ~tplv variant suffix, in which case the CDN serves the largest stored variant of that asset.

Requesting an asset that has never been stored, without the full signed URL, returns a 404. There is no way to fetch new content with a shortened URL: the CDN cannot reconstruct TikTok's signature parameters.

What you can configure

All configuration lives in the Image CDN dashboard:

  • Public access. When on, anyone can view content served from your CDN. When off, only requests authenticated with one of your API keys can read from it.
  • Public uploads. When on, any valid API key can store new assets to your CDN via signed requests. When off, only your own keys (or the account owner) can. Reads of already-stored content are never subject to this check.
  • CORS origins. Up to 5 origins (scheme + host only, e.g. https://example.com, glob patterns supported) that browsers may embed your CDN images from. Requests without a matching Origin or Referer from browser user agents are rejected with a 403.
  • Custom hostname. Paid plans can serve from their own domain. See Custom Hostnames.

Authentication

Pass your API key either as an apiKey query parameter or an X-Api-Key header. The apiKey parameter is consumed at the edge and is never forwarded to TikTok, cached, or counted as part of the signature parameters.

If your CDN has public access enabled, plain reads need no key at all. Storing new assets always requires upload permission (your own key, or any key when public uploads is on).

Rate limits

Limits depend on your plan and are enforced per minute in two independent buckets:

PlanPer accountPer IP
Community (Basic Image CDN)50 requests / min20 requests / min
Paid (Full Image CDN)1,000 requests / min250 requests / min

Exceeding either bucket returns a 429. Current limits for your account are shown on the Image CDN dashboard.