diff --git a/controller/sharecontroller.php b/controller/sharecontroller.php
index 23aeb256..24b92f0a 100644
--- a/controller/sharecontroller.php
+++ b/controller/sharecontroller.php
@@ -469,8 +469,8 @@ class ShareController extends ApiController {
 		} catch (DoesNotExistException $e){
 			return new NotFoundJSONResponse();
 		}
-
-		$acl = $this->shareService->getACL($this->userId->getUID(), $credential->getGuid());
+		$userId = ($this->userId) ? $this->userId->getUID() : null;
+		$acl = $this->shareService->getACL($userId, $credential->getGuid());
 		if (!$acl->hasPermission(SharingACL::FILES)){
 			return new NotFoundJSONResponse();
 		} else {
diff --git a/js/app/controllers/public_shared_credential.js b/js/app/controllers/public_shared_credential.js
index c333cc3d..20e18afd 100644
--- a/js/app/controllers/public_shared_credential.js
+++ b/js/app/controllers/public_shared_credential.js
@@ -9,20 +9,18 @@
 	 * Controller of the passmanApp
 	 */
 	angular.module('passmanApp')
-		.controller('PublicSharedCredential', ['$scope', 'ShareService', '$window', function ($scope, ShareService, $window) {
-			$scope.test = 'hello world';
-			//@TODO Add download files
+		.controller('PublicSharedCredential', ['$scope', 'ShareService', '$window', 'EncryptService', 'NotificationService', function ($scope, ShareService, $window, EncryptService, NotificationService) {
+			var _key;
 			$scope.loading = false;
 			$scope.loadSharedCredential = function () {
 				$scope.loading = true;
 				var data = window.atob($window.location.hash.replace('#', '')).split('<::>');
 				var guid = data[0];
-				var _key = data[1];
+				_key = data[1];
 				ShareService.getPublicSharedCredential(guid).then(function (sharedCredential) {
 					$scope.loading = false;
 					if (sharedCredential.status === 200) {
-						var _credential = ShareService.decryptSharedCredential(sharedCredential.data.credential_data, _key);
-						$scope.shared_credential = _credential;
+						$scope.shared_credential = ShareService.decryptSharedCredential(sharedCredential.data.credential_data, _key);
 					} else {
 						$scope.expired = true;
 					}
@@ -30,5 +28,17 @@
 				});
 
 			};
+
+			$scope.downloadFile = function (credential, file) {
+				ShareService.downloadSharedFile(credential, file).then(function (result) {
+					var key = null;
+					if (!result.hasOwnProperty('file_data')) {
+						NotificationService.showNotification('Error downloading file, you probably don\'t have enough permissions', 5000);
+						return;
+					}
+					var file_data = EncryptService.decryptString(result.file_data, _key);
+					download(file_data, escapeHTML(file.filename), file.mimetype);
+				});
+			};
 		}]);
 }());
diff --git a/templates/public_share.php b/templates/public_share.php
index 3f13d58d..d5fc815e 100644
--- a/templates/public_share.php
+++ b/templates/public_share.php
@@ -22,6 +22,7 @@ script('passman', 'vendor/angular-xeditable/xeditable.min');
 script('passman', 'vendor/sha/sha');
 script('passman', 'vendor/llqrcode/llqrcode');
 script('passman', 'vendor/forge.0.6.9.min');
+script('passman', 'vendor/download');
 script('passman', 'lib/promise');
 script('passman', 'lib/crypto_wrap');
 
@@ -138,7 +139,7 @@ style('passman', 'public-page');
 						</td>
 						<td>
 							<div ng-repeat="file in shared_credential.files"
-								 class="link" ng-click="downloadFile(file)">
+								 class="link" ng-click="downloadFile(shared_credential, file)">
 								{{file.filename}} ({{file.size | bytes}})
 							</div>
 						</td>