> ## Documentation Index
> Fetch the complete documentation index at: https://docs.artosai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Proxy Presigned File

> Stream a file via backend using a presigned S3 URL. Useful when clients cannot access S3 directly (for example, VPN-restricted browsers). The URL is validated to allow only S3 hosts.



## OpenAPI

````yaml /api-reference/openapi-v1.json get /api/v1/proxy/file
openapi: 3.0.0
info:
  title: Artos API
  description: API for document generation, template management, and document organization
  version: 1.0.0
  contact:
    name: Artos Support
    email: internal@artosai.com
servers:
  - url: https://api.artosai.com
    description: Production server
  - url: http://localhost:8000
    description: Local development server
security:
  - bearerAuth: []
paths:
  /api/v1/proxy/file:
    get:
      tags:
        - Files
      summary: Proxy Presigned File
      description: >-
        Stream a file via backend using a presigned S3 URL. Useful when clients
        cannot access S3 directly (for example, VPN-restricted browsers). The
        URL is validated to allow only S3 hosts.
      operationId: proxyPresignedFile
      parameters:
        - name: presigned_url
          in: query
          required: true
          schema:
            type: string
          description: Fully-qualified, URL-encoded S3 presigned URL to proxy
      responses:
        '200':
          description: File streamed successfully
          content:
            application/octet-stream:
              schema:
                type: string
                format: binary
        '403':
          description: 'Forbidden: only S3 URLs are allowed'
        '410':
          description: Expired or invalid presigned URL
        '422':
          description: Missing or invalid `presigned_url` query parameter
        '500':
          description: Internal server error while proxying file
        '502':
          description: Failed to fetch file from upstream
      security: []
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: Bearer token authentication. Token provides organization-scoped access.

````