# Download a file

Download the binary content of a file using a signed URL token.

Serves the raw file content with the correct `Content-Type` header. Authentication is handled via a signed token in the query parameters rather than an `Authorization` header, making this endpoint compatible with browser-native resource loading (e.g., `<img src="...">`, `<a href="...">`).

**Important:** Do not call this endpoint directly. Instead, use the [Get file content URL](/docs/api-reference/files/content) endpoint to obtain a signed download URL, then use that URL to fetch the file.

#### Path Parameters

**`organization_id`** string required

The unique identifier of the organization.

**`file_id`** string required

The unique identifier of the file (format: `file_*`).

#### Query Parameters

**`token`** string required

The HMAC-signed download token. Obtained from the [Get file content URL](/docs/api-reference/files/content) endpoint.

**`expires`** integer required

Unix timestamp when the token expires. Tokens are valid for 1 hour from creation.

## Returns

The raw file bytes with the appropriate `Content-Type` header (e.g., `image/png`, `application/pdf`). The response includes a `Cache-Control: private, max-age=3600` header.

## Errors

| Status | Code | Description |
|  --- | --- | --- |
| 401 | `TOKEN_INVALID` | The token is invalid, expired, or was signed for a different file |
| 404 | `FILE_NOT_FOUND` | The file does not exist or has been deleted |


Usage

```bash cURL
# Step 1: Get the signed download URL (authenticated)
CONTENT=$(curl -s https://api.aitronos.com/v1/organizations/org_123/files/file_abc123/download \
  -H "X-API-Key: $FREDDY_API_KEY")

DOWNLOAD_URL=$(echo $CONTENT | jq -r '.download_url')

# Step 2: Download the file (no auth header needed)
curl -o downloaded_file.png "$DOWNLOAD_URL"
```


```python Python SDK
from aitronos import Aitronos

client = Aitronos(api_key="your-api-key")

# Step 1: Get the signed content URL
content = client.files.get_file_content("org_abc123", "file_abc123")

# Step 2: Download using the signed token
result = client.files.download_file_content(
    "org_abc123",
    "file_abc123",
    token=content.token,
    expires=content.expires,
)
```


```python Python
import os
import requests

api_key = os.environ["FREDDY_API_KEY"]
org_id = "org_123"
file_id = "file_abc123"

# Step 1: Get the signed download URL
download_url_endpoint = f"https://api.aitronos.com/v1/organizations/{org_id}/files/{file_id}/download"
content_resp = requests.get(download_url_endpoint, headers={"X-API-Key": api_key})
download_url = content_resp.json()["download_url"]

# Step 2: Download the file (no auth header needed)
file_resp = requests.get(download_url)
with open("downloaded_file.png", "wb") as f:
    f.write(file_resp.content)
```


```html HTML
<!-- The download_url can be used directly in HTML tags -->
<img src="https://api.aitronos.com/v1/organizations/org_123/files/file_abc/download?token=a1b2c3...&expires=1771664140" />
```

Response

```text 200 OK
HTTP/1.1 200 OK
Content-Type: image/png
Content-Disposition: inline; filename="report.png"
Cache-Control: private, max-age=3600

[raw file bytes]
```


```json 401 Unauthorized
{
  "success": false,
  "error": {
    "code": "TOKEN_INVALID",
    "message": "The download link has expired or is invalid.",
    "system_message": "Token invalid or expired",
    "type": "client_error",
    "status": 401,
    "details": {},
    "trace_id": "2fbbf3b6-51a1-4f1b-88e2-c00e8b52fbb8",
    "timestamp": "2025-11-02T08:21:45Z"
  }
}
```

## Related Resources

- [Get File Content URL](/docs/api-reference/files/content)
- [Retrieve File](/docs/api-reference/files/retrieve)
- [Upload File](/docs/api-reference/files/upload)
- [File Object](/docs/api-reference/objects/file-object)