# Cloudinary provider

> Source: https://docs.strapi.io/cms/configurations/media-library-providers/cloudinary

The `@strapi/provider-upload-cloudinary` package lets you store Media Library assets on [Cloudinary](https://cloudinary.com/). This page covers installation and configuration using your Cloudinary cloud name, API key, and API secret.

The [Media Library](/cms/features/media-library) feature is powered by a back-end server package called Upload which leverages the use of providers.

Strapi maintains 3 providers for the Media Library. The present page is about the [Cloudinary](https://cloudinary.com/) provider installation and configuration. For other providers, please refer to the list in the [Media Library page](/cms/features/media-library#providers).

## Installation

To install the official Strapi-maintained Cloudinary provider, run the following command in a terminal:

```bash
yarn add @strapi/provider-upload-cloudinary
```

```bash
npm install @strapi/provider-upload-cloudinary --save
```

## Configuration

Providers configuration is defined in [the `/config/plugins` file](/cms/configurations/plugins). If this file does not exist, create it first. The provider configuration accepts the following entries:

* `provider` to define the provider name (i.e., `cloudinary`)
* `providerOptions` to define options that are passed down during the construction of the provider (see [Cloudinary documentation](https://cloudinary.com/documentation/cloudinary_sdks#configuration_parameters) for the full list of options)
* `actionOptions` to define options that are passed directly to the parameters to each method respectively. The official Cloudinary documentation lists available options for [upload/uploadStream](https://cloudinary.com/documentation/image_upload_api_reference#upload_optional_parameters) and [delete](https://cloudinary.com/documentation/image_upload_api_reference#destroy_optional_parameters).

```js title="/config/plugins.js"
module.exports = ({ env }) => ({
  // ...
  upload: {
    config: {
      provider: 'cloudinary',
      providerOptions: {
        cloud_name: env('CLOUDINARY_NAME'),
        api_key: env('CLOUDINARY_KEY'),
        api_secret: env('CLOUDINARY_SECRET'),
      },
      actionOptions: {
        upload: {},
        uploadStream: {},
        delete: {},
      },
    },
  },
  // ...
});
```

```ts title="/config/plugins.ts"

  // ...
  upload: {
    config: {
      provider: 'cloudinary',
      providerOptions: {
        cloud_name: env('CLOUDINARY_NAME'),
        api_key: env('CLOUDINARY_KEY'),
        api_secret: env('CLOUDINARY_SECRET'),
      },
      actionOptions: {
        upload: {},
        uploadStream: {},
        delete: {},
      },
    },
  },
  // ...
});
```

:::note Notes
* Strapi has a default [`security` middleware](/cms/configurations/middlewares#security) that has a very strict `contentSecurityPolicy` that limits loading images and media to `"'self'"` only. See the example configuration on the [provider page](https://www.npmjs.com/package/@strapi/provider-upload-aws-s3) or the [middleware documentation](/cms/configurations/middlewares#security) for more information.
* When using a different provider per environment, specify the correct configuration in `/config/env/${yourEnvironment}/plugins.js|ts` (see [environments](/cms/configurations/environment)).
:::