# File Type Detection API > Detect the true type of a file from its content — its magic bytes / binary signature — not from its name. Send a file by URL or base64 and get back the real extension and MIME type, recognising 100+ binary formats: images (PNG, JPEG, GIF, WebP, AVIF, HEIC), audio and video (MP3, MP4, WAV, FLAC, MKV), archives (ZIP, GZIP, 7z, RAR, TAR), documents (PDF, DOCX, XLSX), fonts and more. Optionally pass a filename to flag a spoofed extension (e.g. a PNG renamed to .txt). Text formats like TXT, CSV, JSON and SVG have no signature and return detected=false. Detection is local — no key, no third-party service. Live, nothing stored. 2 endpoints. Built for secure upload validation, anti-spoofing checks, content pipelines and forensics. Distinct from an extension-to-MIME lookup. ## Authentication All requests require your oanor API key in the `x-oanor-key` header. Get one at https://www.oanor.com/developer/keys. ```bash curl -H "x-oanor-key: oanor_live_…" "https://api.oanor.com/filetype-api/..." ``` ## Pricing - **Free** (Free) — 1,320 calls/Mo, 2 req/s - **Starter** ($5/Mo) — 19,000 calls/Mo, 8 req/s - **Pro** ($25/Mo) — 164,000 calls/Mo, 20 req/s - **Mega** ($61/Mo) — 840,000 calls/Mo, 50 req/s ## Endpoints ### Detect #### `GET /v1/detect` — Detect file type from content **Parameters:** - `file` (query, required, string) — Base64 file content (or use url) Example: `iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==` - `url` (query, optional, string) — File URL to fetch instead of base64 - `filename` (query, optional, string) — Claimed filename to check for a spoofed extension **Example:** ```bash curl -H "x-oanor-key: $KEY" \ "https://api.oanor.com/filetype-api/v1/detect?file=iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg%3D%3D" ``` **Response:** ```json { "data": { "ext": "png", "mime": "image/png", "detected": true, "size_bytes": 70 }, "meta": { "timestamp": "2026-06-02T16:51:55.594Z", "request_id": "493a33aa-063d-4cc6-afc6-75f66de2e84c" }, "status": "ok", "message": "Detect file type from content", "success": true } ``` ### Meta #### `GET /v1/meta` — Spec **Example:** ```bash curl -H "x-oanor-key: $KEY" \ "https://api.oanor.com/filetype-api/v1/meta" ``` **Response:** ```json { "data": { "auth": "none upstream; this gateway requires x-api-key", "name": "File Type Detection API", "note": "Detect the true file type from its content (magic bytes), not its name. Pass ?url= a file URL or ?file= base64. Recognises 100+ binary formats (images, audio, video, archives, documents, fonts, …). Optionally pass ?filename= to flag a spoofed extension. Text formats (txt, csv, svg, json) have no signature and return detected=false. Distinct from mime-api (extension lookup). Live, nothing stored.", "source": "Local magic-byte detection (file-type) — no key, no upstream", "endpoints": 2 }, "meta": { "timestamp": "2026-06-02T16:51:55.704Z", "request_id": "158d85cb-88a0-45b6-9407-7f739a16a6b6" }, "status": "ok", "message": "Meta", "success": true } ``` --- Marketplace page: https://www.oanor.com/api/filetype-api OpenAPI spec: https://www.oanor.com/api/filetype-api/openapi.json