Performing Authenticated Browser Downloads

This page describes how Cloud Storage users can download content from their browser by logging in to their Google account. This type of access uses browser cookies to verify a user's identity.

Prerequisites

Before a user can perform an authenticated browser download, they must be granted permission to download the object. When granting a user permission, they are identified using their Google account.

To grant a user access to download an image in one of your Cloud Storage storage buckets:

  1. Give the user the URL to access the image. In this case, something similar to: https://storage.cloud.google.com/[BUCKET_NAME]/[OBJECT_NAME]
  2. If they are not logged in to their Google account, they will be prompted to sign in.

When the user clicks the URL in their browser, they are automatically prompted to sign in to their Google account (if they're not already logged in). After they are authenticated, and their browser has acquired a cookie with an encapsulated identity token, they are redirected to the object in the Cloud Storage repository. Cloud Storage then verifies that the user is allowed to read the object, and the object is downloaded to the user's computer.

The following figure shows how the authentication process for browser-based authenticated downloads works.

Diagram showing cookie authentication

Var denne side nyttig? Giv os en anmeldelse af den:

Send feedback om...

Har du brug for hjælp? Besøg vores supportside.