When using a remote blobstore, such as AWS, the response is a redirect to the actual location of the bits. If the client is automatically following redirects, then the OAuth token that was used to communicate with Cloud Controller will be replayed on the new redirect request. Some blobstores may reject the request in that case. Clients may need to follow the redirect without including the OAuth token.
GET /v2/apps/bca5b084-9dfb-46b4-b737-6740d7bdc53b/download
| Name | Description | Valid Values | Example Values |
|---|---|---|---|
| guid | The guid of the App |
|
|
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTciLCJlbWFpbCI6ImVtYWlsLTdAc29tZWRvbWFpbi5jb20iLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLmFkbWluIl0sImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIl0sImV4cCI6MTQ2NjAwODg4MX0.v9F5y42WJH-IgwdhsNAycQVLFnwqNTotoga3fr_1zDs Host: example.org Cookie:
curl "https://api.[your-domain.com]/v2/apps/bca5b084-9dfb-46b4-b737-6740d7bdc53b/download" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTciLCJlbWFpbCI6ImVtYWlsLTdAc29tZWRvbWFpbi5jb20iLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLmFkbWluIl0sImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIl0sImV4cCI6MTQ2NjAwODg4MX0.v9F5y42WJH-IgwdhsNAycQVLFnwqNTotoga3fr_1zDs" \ -H "Host: example.org" \ -H "Cookie: "
302 Found
Content-Type: application/json;charset=utf-8 Location: https://cc-packages.s3.amazonaws.com/bc/a5/bca5b084-9dfb-46b4-b737-6740d7bdc53b?X-Amz-Expires=3600&X-Amz-Date=20160608T164121Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=fake_aws_key_id/20160608/us-east-1/s3/aws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=9a034edc8f5f3af9005a8f8490722e0109c0bb777c19f4ee6e234897138425cc X-VCAP-Request-ID: fd5860ef-5a2d-4d5d-96f8-38b7799bf957 Content-Length: 0 X-Content-Type-Options: nosniff