In this article, I am going to show you how to use basic authentication with cURL.


Getting started

Basic authentication is a method of specifying a user and password by adding the Authorization header to an HTTP request. This header is in the form of Authorization: Basic <token>, where token is the base64 encoding of user:password.

To perform an HTTP request, you can use the following command with cURL:

$ curl

In the following sections, you will see how easy to use basic authentication when performing an HTTP request.

Let’s go!

Method #1: Using URL encoding

You just need to add the text user:[email protected] before the host name in the URL:

$ curl https://user:[email protected]

Behind the scenes, cURL automatically converts the credential to the Authorization header then adds this header to the HTTP request.

At first glance, this may be the most attractive method because you do not have to add any additional options. But there are 3 reasons why I do not recommend it:

  • First, it makes the URL ugly.
  • Second, it is not supported by all clients.
  • Lastly, it is deprecated by modern browsers.

This method works perfectly with cURL. What I have mentioned is just additional information for you.

Method #2: Using the “-u” option

cURL provides -u or --user option to let you set the credential.

$ curl -u user:password

Method #3: Using the “Authorization” header

Setting up then adding the Authorization header to the HTTP request is a method that can be used by any client, not only cURL.

$ curl -H "Authorization: Basic $(echo -n 'user:password' | base64)"


  • The command echo -n 'user:password' | base64 encodes the credential to the base64 encoding.
  • -H is a cURL’s option that lets you add a header to the HTTP request


Using basic authentication with cURL is super easy, right?