Upload Video Directly to Vimeo from Client via API

I want to upload a video directly to Vimeo via API without having to upload it to my backend server. In Amazon S3, I would generated a signature on the backend and use it on the frontend form. However, in Vimeo, it looks like I need to provide the API token in the header to upload a video.

In this case, how do I upload a video directly to Vimeo on the client side without compromising security? I assume it's not safe to reveal the API token on the client side and there's no setting in Vimeo that lets me restrict the origin URL for file uploading.

Solution

Vimeo has a tutorial for uploading videos from your own frontend with HTTP requests.

How to disable security in Quarkus
SNC name of ABAP System
Is MD5 a good way to generate account verification code
Is there any relationship between Secure Boot and Kernel Lockdown?
CryptographicException: Access denied - How to give access on User store?
How to use an API from my mobile app without someone stealing the token
Symfony security component - Unable to find key \"username\" in the token payload
Is it a good praxis to secure an webservice endpoint with a simple token string?
Can using access token alone prevent CSRF attack, since browser prevents accessing cookies of another site?
Are there CSRF attacks that don't use cookies?
How does Double Submit Cookie Pattern Prevent against CSRF attacks?
vulnerable Tomcat 10.1.31 embedded in Artifactory 7.98.13
Why CSRF token should be in meta tag and in cookie?
How can I prevent SQL injection in PHP?
How/why is login page redirect required?
Do Electron apps enforce CORS restrictions in the renderer process?
How can i use a reverse shell over global Internet?
Should I Manually Patch the Pandas DataFrame.query() Vulnerability or Wait for an Official Update?
C# - Securely storing a password locally
how to secure keys for API calls from android device to amazon services
Should I add application.properties to .gitignore if the Git repository is private and both the server and DB are on an internal network?
Understanding the port numbers of a network connection strings in systemd output of an ubuntu device
Disable firefox same origin policy
SecurityError: Blocked a frame with origin from accessing a cross-origin frame
Securely decoding a Base64 character array in Java
Is There a Security Risk Using ADB Over TCP/IP for Wireless App Development in Expo?
Is it a good idea to distribute docker image containing my selfsigned certificate?
Is it possible to externalize nested components
How can I make a file trully immutable (non-deletable and read-only)?
Buzz words in architecture document