basic authorization command for curl

CurlAuthorization

Curl Problem Overview

How do I set up the basic authorization using 64 encoded credentials ? I tried below the two commands but of no use , please suggest.

curl -i -H 'Accept:application/json' Authorization:Basic <username:password> http://example.com
curl -i -H 'Accept:application/json' Authorization:Basic.base64_encode(username:password) http://example.com

Curl Solutions

Solution 1 - Curl

> How do I set up the basic authorization?

All you need to do is use -u, --user USER[:PASSWORD]. Behind the scenes curl builds the Authorization header with base64 encoded credentials for you.

Example:

curl -u username:password -i -H 'Accept:application/json' http://example.com

Solution 2 - Curl

Use the -H header again before the Authorization:Basic things. So it will be

curl -i \
    -H 'Accept:application/json' \
    -H 'Authorization:Basic BASE64_string' \
    http://example.com

Here, BASE64_string = Base64 of username:password

Solution 3 - Curl

Background

You can use the base64 CLI tool to generate the base64 encoded version of your username + password like this:

$ echo -n "joeuser:secretpass" | base64
am9ldXNlcjpzZWNyZXRwYXNz

-or-

$ base64 <<<"joeuser:secretpass"
am9ldXNlcjpzZWNyZXRwYXNzCg==

Base64 is reversible so you can also decode it to confirm like this:

$ echo -n "joeuser:secretpass" | base64 | base64 -D
joeuser:secretpass

-or-

$ base64 <<<"joeuser:secretpass" | base64 -D
joeuser:secretpass

NOTE: username = joeuser, password = secretpass

Example #1 - using -H

You can put this together into curl like this:

$ curl -H "Authorization: Basic $(base64 <<<"joeuser:secretpass")" http://example.com
Example #2 - using -u

Most will likely agree that if you're going to bother doing this, then you might as well just use curl's -u option.

> $ curl --help |grep -- "--user " > -u, --user USER[:PASSWORD] Server user and password

For example:

$ curl -u someuser:secretpass http://example.com

But you can do this in a semi-safer manner if you keep your credentials in a encrypted vault service such as LastPass or Pass.

For example, here I'm using the LastPass' CLI tool, lpass, to retrieve my credentials:

$ curl -u $(lpass show --username example.com):$(lpass show --password example.com) \
     http://example.com
Example #3 - using curl config

There's an even safer way to hand your credentials off to curl though. This method makes use of the -K switch.

$ curl -X GET -K \
    <(cat <<<"user = \"$(lpass show --username example.com):$(lpass show --password example.com)\"") \
    http://example.com

When used, your details remain hidden, since they're passed to curl via a temporary file descriptor, for example:

+ curl -skK /dev/fd/63 -XGET -H 'Content-Type: application/json' https://es-data-01a.example.com:9200/_cat/health
++ cat
+++ lpass show --username example.com
+++ lpass show --password example.com
1561075296 00:01:36 rdu-es-01 green 9 6 2171 1085 0 0 0 0 - 100.0%

NOTE: Above I'm communicating with one of our Elasticsearch nodes, inquiring about the cluster's health.

This method is dynamically creating a file with the contents user = "<username>:<password>" and giving that to curl.

HTTP Basic Authorization

The methods shown above are facilitating a feature known as Basic Authorization that's part of the HTTP standard.

> When the user agent wants to send authentication credentials to the > server, it may use the Authorization field. > > The Authorization field is constructed as follows: > > 1. The username and password are combined with a single colon (:). > This means that the username itself cannot contain a colon. > 2. The resulting string is encoded into an octet sequence. The character set > to use for this encoding is by default unspecified, as > long as it is compatible with US-ASCII, but the server may suggest use > of UTF-8 by sending the charset parameter. > 3. The resulting string is encoded using a variant of Base64. > 4. The authorization method and a space (e.g. "Basic ") is then prepended to > the encoded string. > > For example, if the browser uses Aladdin as the username and > OpenSesame as the password, then the field's value is the > base64-encoding of Aladdin:OpenSesame, or QWxhZGRpbjpPcGVuU2VzYW1l. > Then the Authorization header will appear as: > > Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

Source: Basic access authentication

Solution 4 - Curl

One way, provide --user flag as part of curl, as follows:

curl --user username:password http://example.com

Another way is to get Base64 encoded token of "username:password" from any online website like - https://www.base64encode.org/ and pass it as Authorization header of curl as follows:

curl -i -H 'Authorization:Basic dXNlcm5hbWU6cGFzc3dvcmQ=' http://localhost:8080/

Here, dXNlcm5hbWU6cGFzc3dvcmQ= is Base64 encoded token of username:password.

Solution 5 - Curl

It can happen for big Intranets, that you will need the base64(domain/user:password).

Solution 6 - Curl

>curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" http://localhost:7990/rest/api/1.0/projects

--note

base46 encode =ZnJlZDpmcmVk
Categories
Recommended Curl Solutions
Recommended Authorization Solutions

Previous Solution:

Recommended values for OpenCV detectMultiScale() parameters

C++OpencvCascade Classifier

Next Solution:

Update records using LINQ

C#LinqEntity Framework

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionAmit SharadView Question on Stackoverflow
Solution 1 - CurldeltheilView Answer on Stackoverflow
Solution 2 - CurlSabuj HassanView Answer on Stackoverflow
Solution 3 - CurlslmView Answer on Stackoverflow
Solution 4 - CurlArpit AggarwalView Answer on Stackoverflow
Solution 5 - CurlNikolai EhrhardtView Answer on Stackoverflow
Solution 6 - CurlFikalefazaView Answer on Stackoverflow