
Strapi Cloudinary Media Library Custom Field
released August 26, 2025
npm install @strapi-community/cloudinary-media-library
A Strapi plugin that adds a custom field for selecting Cloudinary media assets using Cloudinary's official Media Library widget.
npm install @strapi-community/cloudinary-media-library@latest
# or
yarn add @strapi-community/cloudinary-media-library@latestTo retrieve your Cloudinary credentials:
You donβt need the API secret for this integration β only cloud name and API key.
Your plugin settings should go in config/plugins.ts. Hereβs an example:
export default {
'cloudinary-media-library': {
enabled: true,
config: {
cloudName: 'your-cloud-name',
apiKey: 'your-api-key',
encryptionKey: '32 chars encryption key',
},
},
};Additionaly you can set up cloudName and apiKey properties through Settings page in the Admin panel. Please note that this configuration will overwrite config/plugin.ts

These options are passed directly to the Cloudinary Media Library widget.
IMPORTANT You must set the encryptionKey property in the config file. This key is required for Strapi to encrypt credentials in the database. If you donβt provide encryptionKey as a 32-character string, the media library will not work.
strapi::security middlewares to avoid CSP blocking CloudinaryWhen using Cloudinary's Media Library Plugin, modern browsers enforce Content Security Policy (CSP) rules. These policies prevent scripts, images, frames, and other resources from loading if they originate from domains not explicitly allowed β which will cause the Cloudinary widget to break.
To fix this, you need to explicitly allow Cloudinary domains in Strapi's security middleware configuration.
Edit ./config/middlewares.js
export default [
'strapi::logger',
'strapi::errors',
{
name: 'strapi::security',
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
'connect-src': ["'self'", 'https:'],
'img-src': [
"'self'",
'data:',
'blob:',
'https://market-assets.strapi.io',
'https://console.cloudinary.com',
'https://res.cloudinary.com',
],
'script-src': [
"'self'",
'example.com',
'https://media-library.cloudinary.com',
'https://upload-widget.cloudinary.com',
'https://console.cloudinary.com',
],
'media-src': [
"'self'",
'data:',
'blob:',
'https://console.cloudinary.com',
'https://res.cloudinary.com',
],
'frame-src': [
"'self'",
'https://media-library.cloudinary.com',
'https://upload-widget.cloudinary.com',
'https://console.cloudinary.com',
],
upgradeInsecureRequests: null,
},
},
},
},
'strapi::cors',
'strapi::poweredBy',
'strapi::query',
'strapi::body',
'strapi::session',
'strapi::favicon',
'strapi::public',
];The Cloudinary Media Library plugin supports two types of role-based permissions to control access to its features:
| Permission | Description |
|---|---|
Read | Allows the user to view Cloudinary credentials in the Settings page and upload media using the Cloudinary input field. |
Settings | Grants full access to modify Cloudinary configuration (cloud name and API key). |
Authenticated or Super Admin).β Readβ Settingsyarn buildyarn test:serveryarn test:ts:frontYou can also used official support platform of Strapi, and search [VirtusLab] prefixed people (maintainers)
See the MIT License file for licensing information.
Share your work with the community and get it listed in the Strapi ecosystem for everyone to discover and use.
Submit
