Set Auth Header in cURL

By | December 28, 2018

If it comes to testing REST APIs I’m a big fan of Postman. But for quick and command line testing I always prefer to use cURL. For developing and testing protected endpoints we need to pass an authorization header. How can we do this with cURL?

Example of using Bearer tokens:

$ curl -H "Authorization: Bearer <ACCESS_TOKEN>" http://www.example.com

Example request (invalid token):

$ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Impha3ViQHdwLnBsIiwiaXNzIjoiY291cnNlIn0.wwRWNypw0tLkhnyKPQZ7RSIOlGuwZx3eFEIz2A7r6Ji" http://localhost:8000/protected

Response:

{"message":"signature is invalid","status":401}

Example request (valid token):

Success!

More information about jwt tokens and authentication mechanism: