Skip to main content

Download File

GET/api/v1/users/me/files/:id/download

Returns a short-lived signed download URL (15-minute TTL) for the attachment. Re-fetch on demand rather than caching the URL.

cv-api-key + Bearer accessToken
Productionhttps://api.care360-next.carevalidate.com/api/v1/users/me/files/{id}/download
Staginghttps://api-staging.care360-next.carevalidate.com/api/v1/users/me/files/{id}/download

Headers

Headers
cv-api-keystringrequired

Your unique API key for authentication.

Authorizationstringrequired

Bearer access token from /verify-otp.

Path Parameters

Path Parameters
idstringrequired

Attachment UUID.

Example: 550e8400-e29b-41d4-a716-446655440000

Behavior

The same uniform-404 rules from /metadata apply. A missing bucket-side object (DB row exists, bucket file does not) propagates as a top-level internal error.

Response Shape

FieldTypeNotes
downloadUrlstringShort-lived signed URL into the GCS bucket (V4 read action).
fileNamestringThe current file name to use as the download filename.
expiresInnumber900 (seconds). Matches the 15-minute signed-URL TTL.

Example Request

curl -X GET '<BASE_URL>/api/v1/users/me/files/<id>/download' \
-H 'cv-api-key: <redacted>' \
-H 'Authorization: Bearer <accessToken>'

Responses

200Success
{
  "status": 200,
  "success": true,
  "data": {
    "downloadUrl": "https://storage.googleapis.com/...&X-Goog-Expires=900",
    "fileName": "lab-result.pdf",
    "expiresIn": 900
  }
}
400Validation error
{
  "status": 400,
  "success": false,
  "error": "Validation failed",
  "code": "VALIDATION_ERROR"
}
401Authentication failure
{
  "status": 401,
  "success": false,
  "error": "Invalid or expired token",
  "code": "VALIDATION_ERROR"
}
404File not found
{
  "status": 404,
  "success": false,
  "error": "File not found",
  "code": "VALIDATION_ERROR"
}

Try It Out