Provide an authenticated upload endpoint or pre-signed URL mechanism (using a cloud storage service) so claimants and adjusters can upload photos and documents directly to cloud storage without routing files through your application server
Enforce file type validation (accept JPEG, PNG, PDF, HEIC) and maximum file size limits at the upload stage; reject unsupported formats with a clear error message before storage occurs
On successful upload, generate a persistent document record in your claims management system associating the file storage reference, document type (e.g., 'damage photo', 'repair estimate', 'police report'), uploader identity, and upload timestamp with the claim number
Run automated virus and malware scanning on uploaded files before making them accessible to claim reviewers; quarantine files that fail the scan and alert the security team
Implement role-based access controls so that claimants can only view their own claim documents, adjusters can view and annotate documents for their assigned claims, and supervisors have broader access; log all document access for audit purposes
Known gotchas
Pre-signed URLs with short expiration windows (e.g., 15 minutes) prevent unauthorized access but require the client to request a fresh URL for large or slow uploads; set the expiration generously enough for expected file sizes and connection speeds
HEIC files (common from iPhones) may not be natively viewable in all browsers or PDF viewers; convert HEIC to JPEG server-side before storing the display copy, while retaining the original for evidentiary purposes
Claim documents may constitute evidence in litigation; implement a legal hold mechanism that prevents deletion of documents flagged for litigation even if normal retention policies would otherwise allow it
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp