When using a remote blobstore, such as AWS, the response is a redirect to the actual location of the bits. If the client is automatically following redirects, then the OAuth token that was used to communicate with Cloud Controller will be replayed on the new redirect request. Some blobstores may reject the request in that case. Clients may need to follow the redirect without including the OAuth token.
GET /v2/apps/9379e790-196f-4031-ada6-620b185bdd7e/droplet/download
| Name | Description | Valid Values | Example Values |
|---|---|---|---|
| guid | The guid of the App |
|
|
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTkwIiwiZW1haWwiOiJlbWFpbC01N0Bzb21lZG9tYWluLmNvbSIsInNjb3BlIjpbImNsb3VkX2NvbnRyb2xsZXIuYWRtaW4iXSwiYXVkIjpbImNsb3VkX2NvbnRyb2xsZXIiXSwiZXhwIjoxNDUzMzEwOTczfQ.NNNXuNH5PHWSbNG5XrrlE9CNptYeH2N9Xbw7V3FChFw Host: example.org Cookie:
curl "https://api.[your-domain.com]/v2/apps/9379e790-196f-4031-ada6-620b185bdd7e/droplet/download" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTkwIiwiZW1haWwiOiJlbWFpbC01N0Bzb21lZG9tYWluLmNvbSIsInNjb3BlIjpbImNsb3VkX2NvbnRyb2xsZXIuYWRtaW4iXSwiYXVkIjpbImNsb3VkX2NvbnRyb2xsZXIiXSwiZXhwIjoxNDUzMzEwOTczfQ.NNNXuNH5PHWSbNG5XrrlE9CNptYeH2N9Xbw7V3FChFw" \ -H "Host: example.org" \ -H "Cookie: "
302 Found
Content-Type: application/json;charset=utf-8 Location: https://cc-droplets.s3.amazonaws.com/93/79/9379e790-196f-4031-ada6-620b185bdd7e/679de4171f04676c0270fd6daf8c67b77dc0c175?X-Amz-Expires=3600&X-Amz-Date=20160113T172933Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=fake_aws_key_id/20160113/us-east-1/s3/aws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=e0a2e3cbb7609870043df6d2a586b5f196acfd3f37ff67ae779fe44cde5f44ac X-VCAP-Request-ID: Content-Length: 0 X-Content-Type-Options: nosniff