When using a remote blobstore, such as AWS, the response is a redirect to the actual location of the bits. If the client is automatically following redirects, then the OAuth token that was used to communicate with Cloud Controller will be replayed on the new redirect request. Some blobstores may reject the request in that case. Clients may need to follow the redirect without including the OAuth token.
GET /v2/apps/f815ae61-1cb8-48e4-8441-c7d25d457f97/droplet/download
Name | Description | Valid Values | Example Values |
---|---|---|---|
guid | The guid of the App |
|
|
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTMxNSIsImVtYWlsIjoiZW1haWwtMjExQHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5hZG1pbiJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NjM2MTg3MjF9.Oxhv1XIO2Jn63YeO51Wzf2UswXuK5s39feeYJeNcyso Host: example.org Cookie:
curl "https://api.[your-domain.com]/v2/apps/f815ae61-1cb8-48e4-8441-c7d25d457f97/droplet/download" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTMxNSIsImVtYWlsIjoiZW1haWwtMjExQHNvbWVkb21haW4uY29tIiwic2NvcGUiOlsiY2xvdWRfY29udHJvbGxlci5hZG1pbiJdLCJhdWQiOlsiY2xvdWRfY29udHJvbGxlciJdLCJleHAiOjE0NjM2MTg3MjF9.Oxhv1XIO2Jn63YeO51Wzf2UswXuK5s39feeYJeNcyso" \ -H "Host: example.org" \ -H "Cookie: "
302 Found
Content-Type: application/json;charset=utf-8 Location: https://cc-droplets.s3.amazonaws.com/f8/15/f815ae61-1cb8-48e4-8441-c7d25d457f97/679de4171f04676c0270fd6daf8c67b77dc0c175?X-Amz-Expires=3600&X-Amz-Date=20160512T004521Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=fake_aws_key_id/20160512/us-east-1/s3/aws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=e1668e4631ce7d25729d9a8d1fb102138a23801aceac74b8dcdfb26028542d2f X-VCAP-Request-ID: 1632abd5-edbc-4249-be80-12d0390f8235 Content-Length: 0 X-Content-Type-Options: nosniff