Download file from share link using API

I have share link to folder with files i need to download and password.
There is no problem in doing so by browser, but i need to do so from Java.
I’m able to retrive info by using GET cloud seafile com/api2/d/{token}/dir/ - “List Direntry in Dir Download Link”
What’s should i do next? API documentation says i need token to download files.

To download files you can just call GET cloud seafile com/api2/d/{token}/files/?p=%2Ffolder%2Ffile.ext&dl=1

It says 404
File is located inside root folder so i’m using
file.txt- file name
token is the same as for riest request

When downloading via browser i can see its sending GET request to
It works. But it works after few other requests which include using sfcsrftoken in Cookies, csrfmiddlewaretoken from html response and finally sessionid - required cookie for file downloading

Is this the right way? I dont like parsing html for csrfmiddlewaretoken
Where i can read API description for your solution?

No it works. No cookies and nothing required. Do not send anything extra just GET the url where token is the id of the share. It’ll send a 302 and by following that you’ll get the file.

Unfortunately I can’t get it to work
So… if i’m able to download file via browser by
GET /d/{token}/files/?p=%2FText.txt&dl=1
it sends back 302 as you said

and i’m able to view files in directory by
GET /api2/d/{token}/dir/?password={password}

i should be able to download by
GET /api2/d/{token}/files/?p=%2FText.txt&dl=1

Right? Do i understand correctly?

Tokens are all the same
For now it sends me back html page with “Sorry, but the requested page could not be found”

Oh, maybe without api2? Just go in your browser and hover over the download icon of a file. It shows the link.

It is a working link via browser
GET /d/{token}/files/?p=%2FText.txt
It leads to preview page with download button that uses
GET /d/{token}/files/?p=%2FText.txt&dl=1
It works

The thing is, If I use link with &dl=1 without any browser cookies, for example, from Postman, the answer is HTML page with “Please input the password if you want to browse the shared file/directory” and 200 as status.

Tried adding &password={password} - same response
Just for the science, i’m tried POST with same link - html with 403 and “CSRF verification failed. Request aborted” inside

So this is about downloading a password protected file via share link?

In that case I think you need to GET /d/token/, then POST csrfmiddlewaretoken=value from page (from the page), token=yourtoken and password=sharepassword and then send your sessionid cookie with the download request.

TLDR: I don’t think you get around grabbing the csrf token from the page.

Yes. I said it in my first post

Yes, it works - it is how my browser handles file downloading

Well… Thank you for clarifying!

1 Like

There is a way without scraping html page:

  1. Request download link from, API documentation see Seafile Server
  2. Download file with returned link

Voilà, can fetch file from code.