Secure image sharing with OpenAI API

Hi,

We are heavy users of the OpenAI API and have recently started processing a large number of images using GPT-4o’s vision capabilities. We currently upload these images by serializing them in Base64. However, we’re encountering performance and memory issues due to the high volume of images we need to process in parallel. Using public URLs is not a viable option for us either, given the sensitive nature of the patient data we handle.

We believe this challenge might be common among OpenAI clients dealing with sensitive image data. We were wondering if OpenAI had considered alternative solutions. One possible approach could be integrating with major cloud providers, allowing clients to authenticate securely and grant temporary access to specific resources like storage buckets. This would enable the API to fetch images directly from a secure location without exposing them to the public internet.

Is this something OpenAI has considered, or do you have other solutions to address these kinds of challenges?

3 Likes

Can we assume that only the IP ranges from this page will be used to access image URLs ? If so, an alternative solution could be to whitelist this range only to access the image URLs.

This has been flagged with OpenAI and is being looked at.

2 Likes

Hi @anatoleca,

The current workaround is to generate expiring links for just-in-time access for the image fetch tool to download the images, e.g., AWS pre-signed URLs that can be set to expire after a preset duration.

The API calls use HTTPS, so the links you send will be encrypted during transit.