File attachments State - PENDING duration

Hi all,
Just a quick question, we’re nearing completion of implementing changes to handle the full set of file availability states (PENDING, VALIDATION_FAILED, THREATS_FOUND alongside AVAILABLE) being introduced in File attachments - Release 2.

From the documentation, my understanding is that malware scanning runs asynchronously in the background after upload, with the attachment held at PENDING until processing completes — rather than being triggered on-demand at access time. Could someone confirm that’s correct?

Assuming it is, my question is about timing. The only guidance I can find is that a PENDING file should be re-checked after a minimum of 5 minutes. Is there an expected or maximum scan duration, or an SLA we can rely on?

The reason I ask is the impact on clinical workflows: there’s a realistic scenario where a clinician needs a file very shortly after it’s uploaded and finds it still PENDING. We’d like to set the right expectations in our UI (and ideally a sensible poll/retry strategy), so any indication of typical and worst-case scan times would be really helpful.

Thanks,
Gareth

Good Morning. Thank you for posting your question.

Apologies for the late reply. Yes you are right, the PENDING status can be checked with a maximum time limit of 5 mins. However we have observed that the status gets changed within a min for us when we hit the endpoint again. We have observed that it changes within less than 6 secs in some cases where your file is of less MB. However the maximum time limit is 5 mins is the expectation.

I Hope this clarifies your query.