Google Cloud Storage

Request URIs

You can access Google Cloud Storage through three request endpoints (URIs). Which one you use depends on the operation you are performing.

Note: The Google Cloud Storage URIs described in this document are subject to change.


  1. URIs for Standard Requests
  2. URI for CNAME Redirects
  3. URI for Authenticated Browser Downloads

URIs for Standard Requests

For most operations you can use either of the following URLs to access objects:<bucket>/<object>


Both forms support secure sockets layer (SSL) encryption, which means you can use either HTTP or HTTPS.

Note: If there are two or more leading consecutive forward slashes when you specify the bucket name, all the slashes will be treated as a single forward slash. For example, if you specify a URL of<bucket>/<object>, Google Storage will treat it as<bucket>/<object>.

URI for CNAME Redirects

If you are using a CNAME alias to redirect requests, you must use a special URI to access Google Cloud Storage. A CNAME redirect is a special DNS record that lets you use a URL from your own domain to access a resource (bucket and object) in Google Cloud Storage without revealing the Google Cloud Storage URI. To do this, you must use the following URI in the host name portion of your CNAME record:

For example, let's assume your domain is and you want to make travel maps available to your customers. You could create a bucket in Google Cloud Storage called, and then create a CNAME record in DNS that redirects requests from to the Google Cloud Storage URI. To do this, you publish the following CNAME record in DNS: CNAME

By doing this, your customers can use the following URL to access a map of Paris:

Note: You can only use a CNAME redirect with HTTP, not with HTTPS.

URI for Authenticated Browser Downloads

The Google Cloud Storage authentication and authorization models support authenticated browser downloads for users who do not have Google Cloud Storage accounts. Authenticated browser downloads use cookie-based Google account authentication in conjunction with Google account-based ACLs. To download an object using cookie-based authentication you must use the following URL:<bucket>/<object>.

We recommend using HTTPS for authentication browser downloads, but both HTTP and HTTPS are supported. For more information about authenticated browser downloads, see Cookie-based Authentication in Authentication.

Note: All requests to the URI require authentication. This is true even if an object's ACL grants READ permission to the AllUsers group. If you want users to download anonymously accessible objects without authenticating, use the URI.

Back to top

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.