From 92b4db42fd476e34b32d7297bd96f959a7c10fd4 Mon Sep 17 00:00:00 2001
From: Krystian Jarmicki <krystian.jarmicki@cloudinary.com>
Date: Wed, 28 Jan 2026 11:14:39 +0100
Subject: [PATCH] require api secret only when api key is present

---
 api/uploader/upload.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/uploader/upload.go b/api/uploader/upload.go
index 3728cfa..835bbc9 100644
--- a/api/uploader/upload.go
+++ b/api/uploader/upload.go
@@ -97,8 +97,8 @@ func (u *API) postAndSignForm(ctx context.Context, urlPath string, formParams ur
 }
 
 func (u *API) signRequest(requestParams url.Values) (url.Values, error) {
-	// No signing for OAuth Token
-	if u.Config.Cloud.OAuthToken != "" {
+	// No signing for OAuth Token or without API key
+	if u.Config.Cloud.OAuthToken != "" || u.Config.Cloud.APIKey == "" {
 		return requestParams, nil
 	}