diff --git a/src/apps.js b/src/apps.js
index bd8dd8b12..6c10eb4c2 100644
--- a/src/apps.js
+++ b/src/apps.js
@@ -53,6 +53,7 @@ exports = module.exports = {
     backup,
     listBackups,
 
+    getTask,
     getLocalLogfilePaths,
     getLogs,
 
@@ -934,6 +935,13 @@ async function listByUser(user) {
     return result.filter((app) => canAccess(app, user));
 }
 
+async function getTask(app) {
+    assert.strictEqual(typeof app, 'object');
+
+    if (!app.taskId) return null;
+    return await tasks.get(app.taskId);
+}
+
 async function downloadManifest(appStoreId, manifest) {
     if (!appStoreId && !manifest) throw new BoxError(BoxError.BAD_FIELD, 'Neither manifest nor appStoreId provided');
 
diff --git a/src/routes/apps.js b/src/routes/apps.js
index 06c8b16b3..7ece1d3a9 100644
--- a/src/routes/apps.js
+++ b/src/routes/apps.js
@@ -11,6 +11,7 @@ exports = module.exports = {
     exportApp,
     backup,
     update,
+    getTask,
     getLogs,
     getLogStream,
     listEventlog,
@@ -826,3 +827,13 @@ async function checkForUpdates(req, res, next) {
     await updateChecker.checkForUpdates({ automatic: false }); // appId argument is ignored for the moment
     next(new HttpSuccess(200, { update: updateChecker.getUpdateInfo() }));
 }
+
+async function getTask(req, res, next) {
+    assert.strictEqual(typeof req.app, 'object');
+
+    const [error, result] = await safe(apps.getTask(req.app));
+    if (error) return next(BoxError.toHttpError(error));
+    if (result === null) return next(new HttpError(400, 'No active task'));
+
+    next(new HttpSuccess(200, result));
+}
diff --git a/src/server.js b/src/server.js
index f03eb6134..d0c878e07 100644
--- a/src/server.js
+++ b/src/server.js
@@ -234,6 +234,7 @@ function initializeExpressSync() {
     router.get ('/api/v1/apps/:id/logstream',                          token, routes.apps.load, authorizeOperator, routes.apps.getLogStream);
     router.get ('/api/v1/apps/:id/logs',                               token, routes.apps.load, authorizeOperator, routes.apps.getLogs);
     router.get ('/api/v1/apps/:id/eventlog',                           token, routes.apps.load, authorizeOperator, routes.apps.listEventlog);
+    router.get ('/api/v1/apps/:id/task',                               token, routes.apps.load, authorizeOperator, routes.apps.getTask);
     router.get ('/api/v1/apps/:id/graphs',                             token, routes.apps.load, authorizeOperator, routes.graphs.getGraphs); // TODO: restrict to app graphs
     router.post('/api/v1/apps/:id/clone',                        json, token, routes.apps.load, authorizeAdmin, routes.apps.clone);
     router.get ('/api/v1/apps/:id/download',                           token, routes.apps.load, authorizeOperator, routes.apps.downloadFile);