Request Endpoints

You can access Google Cloud Storage through three request endpoints (URIs). Which one you use depends on the operation you are performing.

Typical API Requests

You can use the following URLs to access an object:

XML API<bucket>/<object>
JSON API<bucket>/o/<object-encoded-as-URL-path-segment>?alt=media

These URLs support secure sockets layer (SSL) encryption, which means you can use either HTTP or HTTPS. If you authenticate to the Google Cloud Storage API using OAuth 2.0, you should use HTTPS.

CNAME Redirects

A CNAME redirect is a special DNS record that lets you use a URL from your own domain to access a resource (bucket and object) in Google Cloud Storage without revealing the Google Cloud Storage URI. To do this, you must use the following URI in the host name portion of your CNAME record:

For example, let's assume your domain is and you want to make travel maps available to your customers. You could create a bucket in Google Cloud Storage called, and then create a CNAME record in DNS that redirects requests from to the Google Cloud Storage URI. To do this, you publish the following CNAME record in DNS: CNAME

By doing this, your customers can use the following URL to access a map of Paris:

Authenticated Browser Downloads

The Google Cloud Storage authentication and authorization models support authenticated browser downloads, which lets a user download data through their browser if they are logged in to their Google account and they have been granted permission to read the data. Authenticated browser downloads use cookie-based Google account authentication in conjunction with Google account-based ACLs. To download an object using cookie-based authentication you must use the following URL:<bucket>/<object>

For more information about authenticated browser downloads, see Cookie-based Authentication.

Monitor your resources on the go

Get the Google Cloud Console app to help you manage your projects.

Send feedback about...

Cloud Storage Documentation