> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lukittu.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Download Release

> The Classloader endpoint is used to download a release file. It is primarily intended for programming languages 
that support loading business logic code directly from a remote server into memory. For example, this is commonly used with Java classloaders.

The downloaded file is encrypted using the session key provided in the request. The client must decrypt the file using the same session key.




## OpenAPI

````yaml /api-reference/openapi.json get /api/v1/client/teams/{teamId}/verification/classloader
openapi: 3.0.1
info:
  title: Lukittu API
  description: >
    The Lukittu API provides comprehensive license management and verification
    services for software products.


    ## Authentication


    **Client Endpoints** (`/api/v1/client/*`): No authentication required. These
    are public endpoints for license verification.


    **Developer Endpoints** (`/api/v1/dev/*`): Require API key authentication
    via Bearer token.


    ## API Types


    - **Client API**: Used by your software to verify licenses, send heartbeats,
    and download releases

    - **Developer API**: Used for programmatic license management from your
    backend systems


    ## Rate Limiting


    All endpoints are rate-limited to prevent abuse. If you exceed the rate
    limit, you'll receive a 429 status code.


    ## Response Format


    All responses follow a consistent format with `data` and `result` objects:


    ```json

    {
      "data": {}, // Response data (null for errors)
      "result": {
        "timestamp": "2023-09-15T14:30:00Z",
        "valid": true,
        "details": "Human-readable message",
        "code": "SUCCESS_CODE" // Optional error/success code
      }
    }

    ```
  version: 1.0.0
  contact:
    name: Lukittu Community
    url: https://discord.lukittu.com
servers:
  - url: https://app.lukittu.com
    description: Production server
security: []
tags:
  - name: Client - Verify
    description: >
      Client endpoints for license verification, heartbeat monitoring, and file
      downloads.

      These endpoints are used directly by your software applications.
  - name: Dev - Licenses
    description: |
      Developer endpoints for license management operations.
      These endpoints require API key authentication.
  - name: Dev - Customers
    description: |
      Developer endpoints for customer management operations.
      These endpoints require API key authentication.
  - name: Dev - Releases
    description: |
      Developer endpoints for release management operations.
      These endpoints require API key authentication.
  - name: Dev - Statistics
    description: |
      Developer endpoints for retrieving team usage statistics.
      These endpoints require API key authentication.
paths:
  /api/v1/client/teams/{teamId}/verification/classloader:
    get:
      tags:
        - Client - Verify
      summary: Download Release
      description: >
        The Classloader endpoint is used to download a release file. It is
        primarily intended for programming languages 

        that support loading business logic code directly from a remote server
        into memory. For example, this is commonly used with Java classloaders.


        The downloaded file is encrypted using the session key provided in the
        request. The client must decrypt the file using the same session key.
      operationId: downloadRelease
      parameters:
        - $ref: '#/components/parameters/TeamId'
        - $ref: '#/components/parameters/LicenseKeyQuery'
        - $ref: '#/components/parameters/ProductIdRequired'
        - $ref: '#/components/parameters/SessionKey'
        - $ref: '#/components/parameters/HardwareIdentifier'
        - $ref: '#/components/parameters/Version'
        - $ref: '#/components/parameters/CustomerId'
        - $ref: '#/components/parameters/Branch'
      responses:
        '200':
          description: Successful response with encrypted file download
          headers:
            Content-Type:
              description: The MIME type of the file
              schema:
                type: string
              example: application/octet-stream
            X-File-Size:
              description: Size of the file in bytes
              schema:
                type: string
              example: '1048576'
            X-Product-Name:
              description: Name of the product
              schema:
                type: string
              example: My Software
            X-Release-Status:
              description: Status of the release
              schema:
                $ref: '#/components/schemas/ReleaseStatus'
              example: PUBLISHED
            X-Release-Created-At:
              description: Creation date of the release
              schema:
                type: string
                format: date-time
              example: '2023-09-15T14:30:00Z'
            X-File-Created-At:
              description: Creation date of the file
              schema:
                type: string
                format: date-time
              example: '2023-09-15T14:25:00Z'
            X-Version:
              description: Version of the release being downloaded
              schema:
                type: string
              example: 1.2.3
            X-Latest-Version:
              description: Latest version available (may differ from downloaded version)
              schema:
                type: string
              example: 1.2.4
            X-Lukittu-Version:
              description: Version of the Lukittu platform
              schema:
                type: string
              example: 2.1.0
            X-Main-Class:
              description: Main class name for Java JAR files
              schema:
                type: string
              example: com.example.Main
          content:
            application/octet-stream:
              schema:
                type: string
                format: binary
                description: Encrypted file content
        4XX:
          $ref: '#/components/responses/StandardError'
        5XX:
          $ref: '#/components/responses/StandardError'
      security: []
components:
  parameters:
    TeamId:
      name: teamId
      in: path
      required: true
      description: >-
        Your team's UUID. You can find this value in your team's settings on the
        Lukittu dashboard.
      schema:
        $ref: '#/components/schemas/UUID'
      example: 123e4567-e89b-12d3-a456-426614174000
    LicenseKeyQuery:
      name: licenseKey
      in: query
      required: true
      description: The Lukittu license key for verification.
      schema:
        $ref: '#/components/schemas/LicenseKey'
      example: ABCD1-EFGH2-IJKL3-MNOP4-QRST5
    ProductIdRequired:
      name: productId
      in: query
      required: true
      description: >-
        The product's UUID (UUID v4). Required to download the correct product
        release.
      schema:
        $ref: '#/components/schemas/UUID'
      example: 012e3456-e89b-12d3-a456-426614174333
    SessionKey:
      name: sessionKey
      in: query
      required: true
      description: >-
        A unique session identifier for encrypted file download. Must be
        encrypted using the team's public key.
      schema:
        $ref: '#/components/schemas/SessionKey'
      example: randomSessionKey123456789
    HardwareIdentifier:
      name: hardwareIdentifier
      in: query
      required: true
      description: >-
        A unique identifier for the client device. Typically a hardware ID that
        remains consistent across sessions.
      schema:
        $ref: '#/components/schemas/HardwareIdentifier'
      example: ABC123DEF456GHI789JKL012MNO345PQR678
    Version:
      name: version
      in: query
      required: false
      description: >-
        The version number of your software. Useful for tracking which releases
        are actively being used.
      schema:
        $ref: '#/components/schemas/Version'
      example: 1.2.3
    CustomerId:
      name: customerId
      in: query
      required: false
      description: >-
        The customer's UUID (UUID v4). Required if strict customers are enabled
        and the license has customers attached.
      schema:
        $ref: '#/components/schemas/UUID'
      example: 789e0123-e89b-12d3-a456-426614174222
    Branch:
      name: branch
      in: query
      required: false
      description: >-
        The branch name of your product. This allows targeting specific release
        branches.
      schema:
        $ref: '#/components/schemas/BranchName'
      example: main
  schemas:
    ReleaseStatus:
      type: string
      enum:
        - PUBLISHED
        - DRAFT
        - ARCHIVED
        - DEPRECATED
      description: Status of a product release
    UUID:
      type: string
      format: uuid
      description: UUID v4 identifier
    LicenseKey:
      type: string
      pattern: ^[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}$
      description: >-
        Lukittu license key format: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX where X is an
        uppercase letter (A-Z) or digit (0-9)
    SessionKey:
      type: string
      minLength: 10
      maxLength: 1000
      pattern: ^[^\s]+$
      description: >-
        Unique session identifier for encrypted file download (no spaces
        allowed)
    HardwareIdentifier:
      type: string
      minLength: 10
      maxLength: 1000
      pattern: ^[^\s]+$
      description: Unique hardware identifier for client device (no spaces allowed)
    Version:
      type: string
      minLength: 3
      maxLength: 255
      pattern: ^[^\s]+$
      description: Software version identifier (no spaces allowed)
    BranchName:
      type: string
      minLength: 2
      maxLength: 255
      pattern: ^[a-zA-Z0-9_-]+$
      description: Product branch name
    ErrorResponse:
      type: object
      properties:
        data:
          type: object
          description: Additional error-related data
          nullable: true
        result:
          allOf:
            - $ref: '#/components/schemas/StandardResult'
            - type: object
              properties:
                valid:
                  type: boolean
                  enum:
                    - false
                  description: Always false for error responses
                code:
                  type: string
                  description: Error code indicating the specific issue
                  enum:
                    - INTERNAL_SERVER_ERROR
                    - BAD_REQUEST
                    - LICENSE_NOT_FOUND
                    - IP_LIMIT_REACHED
                    - HWID_LIMIT_REACHED
                    - PRODUCT_NOT_FOUND
                    - CUSTOMER_NOT_FOUND
                    - LICENSE_EXPIRED
                    - LICENSE_SUSPENDED
                    - TEAM_NOT_FOUND
                    - RATE_LIMIT
                    - HARDWARE_IDENTIFIER_BLACKLISTED
                    - COUNTRY_BLACKLISTED
                    - IP_BLACKLISTED
                    - RELEASE_NOT_FOUND
                    - FORBIDDEN
                    - UNAUTHORIZED
                    - INVALID_SESSION_KEY
                    - NO_ACCESS_TO_RELEASE
                    - RELEASE_ARCHIVED
                    - RELEASE_DRAFT
              required:
                - code
      required:
        - result
    StandardResult:
      type: object
      properties:
        timestamp:
          type: string
          format: date-time
          description: Timestamp when the response was generated
        valid:
          type: boolean
          description: Indicates whether the operation was successful
        details:
          type: string
          description: Human-readable description of the result
      required:
        - timestamp
        - valid
        - details
  responses:
    StandardError:
      description: >
        Standard API error response. All errors follow the same `{data, result}`
        structure.

        The HTTP status code indicates the general error category, while
        `result.code` provides specific error details.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'

````