When using a remote blobstore, such as AWS, the response is a redirect to the actual location of the bits. If the client is automatically following redirects, then the OAuth token that was used to communicate with Cloud Controller will be replayed on the new redirect request. Some blobstores may reject the request in that case. Clients may need to follow the redirect without including the OAuth token.
GET /v2/apps/ad194247-1892-48c5-bdce-f44f168af21a/droplet/download
Name | Description | Valid Values | Example Values |
---|---|---|---|
guid | The guid of the App |
|
|
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTUiLCJlbWFpbCI6ImVtYWlsLTVAc29tZWRvbWFpbi5jb20iLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLmFkbWluIl0sImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIl0sImV4cCI6MTQ2NjAwODg4MX0.rOD63AAqjnJVEqsKg4uE6ZUUjnZgrc5sx5sCJUg0VKo Host: example.org Cookie:
curl "https://api.[your-domain.com]/v2/apps/ad194247-1892-48c5-bdce-f44f168af21a/droplet/download" -X GET \ -H "Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoidWFhLWlkLTUiLCJlbWFpbCI6ImVtYWlsLTVAc29tZWRvbWFpbi5jb20iLCJzY29wZSI6WyJjbG91ZF9jb250cm9sbGVyLmFkbWluIl0sImF1ZCI6WyJjbG91ZF9jb250cm9sbGVyIl0sImV4cCI6MTQ2NjAwODg4MX0.rOD63AAqjnJVEqsKg4uE6ZUUjnZgrc5sx5sCJUg0VKo" \ -H "Host: example.org" \ -H "Cookie: "
302 Found
Content-Type: application/json;charset=utf-8 Location: https://cc-droplets.s3.amazonaws.com/ad/19/ad194247-1892-48c5-bdce-f44f168af21a/679de4171f04676c0270fd6daf8c67b77dc0c175?X-Amz-Expires=3600&X-Amz-Date=20160608T164121Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=fake_aws_key_id/20160608/us-east-1/s3/aws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=6d8dba0c02388f37142dfc9164a3424c93c512c82e8f45758e4611b5209a2e9e X-VCAP-Request-ID: 7c899a4e-1dd3-4b7c-b18b-b19e83e39931 Content-Length: 0 X-Content-Type-Options: nosniff