Set Auth Header in cURL

By | December 28, 2018

If it comes to testing REST APIs I’m a big fan of Postman. But for quick and command line testing I always prefer to use cURL. For developing and testing protected endpoints we need to pass an authorization header. How can we do this with cURL?

Example of using Bearer tokens:

$ curl -H "Authorization: Bearer <ACCESS_TOKEN>"

Example request (invalid token):

$ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Impha3ViQHdwLnBsIiwiaXNzIjoiY291cnNlIn0.wwRWNypw0tLkhnyKPQZ7RSIOlGuwZx3eFEIz2A7r6Ji" http://localhost:8000/protected


{"message":"signature is invalid","status":401}

Example request (valid token):


More information about jwt tokens and authentication mechanism: