The asset streamer allows you to request files from assets. You must already have a valid access key to do this. However, some assets/formats can be published to NoSecurity destinations, which can be requested without authorization.
Suppose you are using asset APIs to get information about assets all these URLs will already be prebuilt for you. The prebuilt URLs encode a special signature so you can request them without passing additional authorization and without exposing the underlying access key if you use the URLs directly on a public webpage.
There are 2 Apis available:
Getting the asset source file
GET https://<my-dam>/digizuitecore/legacyservice/api/assetstream/{assetId}
Authorization: AccessKey <my-access-key>
Getting a specific format from an asset
GET https://<my-dam>/digizuitecore/legacyservice/api/assetstream/{assetId}/{mediaFormatId}
Authorization: AccessKey <my-access-key>
It is also possible to pass an extension to the URL in case you are working with a system that requires it. The extension passed is completely ignored by the API, so it doesn’t necessarily have to match the media format. Therefore, it is generally recommended not to pass the extension.
GET https://<my-dam>/digizuitecore/legacyservice/api/assetstream/{assetId}.{extension}
Authorization: AccessKey <my-access-key>
GET https://<my-dam>/digizuitecore/legacyservice/api/assetstream/{assetId}/{mediaFormatId}.{extension}
Authorization: AccessKey <my-access-key>