Custom Route doesn't pass OAuth token via app.api.fileDownload()


I made a custom route to be able to download file via link (e.g. sent in email notification). I made a custom API endpoint for that, which shouldn't be accessible without login (noLoginRequired parameter in registerApiRest() shouldn't be true). The issue is, that I get {"error":"need_login","error_message":"No valid authentication for user."} although Sugar gets loaded first, MegaMenu renders and then the app.api.fileDownload() function is called. The JS code is here:

(function(app){'router:init', function() {
        var routes = [
                route: 'directDownload/:id',
                name: 'directDownload',
                callback: function() {
                    var getParams = {
                        platform: app.config.platform,
                        filename: '',
                    var id = arguments[0];
                    var url = app.api.buildURL('directDownload/' + id, null, getParams);
                            success: function () {
                                app.router.navigate('Home', {trigger: true});
                            error: function (data) {
                      'download_failed', {level: 'error', title: 'Download failed'});
                        {iframe: self.$el}

I tried to achieve the same with custom layout JS code (with URL /#Notes/:id/layout/:layout_name). I thought it will load later after some helpful (e.g. init) functions were triggered. But i got same results.

Am I missing something? Why isn't the token passed? I use the fileDownload function within Sugar on a button event and it works as expected.


Jakub V.