How to Use Basic Authentication With cURL?

Best practices

Always use HTTPS instead of HTTP when using basic authentication with cURL to ensure your credentials are encrypted during transmission.
Store your credentials in environment variables instead of hard coding them directly in your scripts to enhance security.
Use base64 encoding for your credentials when manually constructing the Authorization header to comply with the HTTP Basic Authentication standard.
Regularly rotate your passwords and update your cURL commands accordingly to minimize security risks.

# Basic cURL with username and password
curl -L -d "username=admin&password=pass123" https://quotes.toscrape.com/login

# Using cURL with the -H option for the Authorization header
curl -H "Authorization: Basic $(echo -n 'admin:pass123' | base64)" https://example.com

# Storing credentials in an environment variable and using it in the cURL command
export USERPWD="admin:pass123" 
curl -u $USERPWD https://api.example.com

# Encode credentials to base64 manually and use in header
export ENCODED=$(echo -n 'admin:pass123' | base64)
curl -H "Authorization: Basic $ENCODED" https://example.com

# Using cURL with --basic to enforce basic authentication
curl --basic -u "admin:pass123" https://api.example.com

Common issues

Ensure the base64 utility is available on your system to avoid errors when manually encoding credentials for the Authorization header.
Double-check the syntax and spacing in your cURL command, especially around quotation marks and colons, to prevent authentication failures.
Avoid using special characters in usernames or passwords that might not be properly URL-encoded unless they are handled correctly in the script.
Test your cURL commands in a secure environment before deploying them in production to ensure they work as expected without exposing sensitive information.

### Example 1: Ensure the base64 utility is available
# Good Example:
# Check if base64 is available and then use it

command -v base64
# Will output the directory of base64.

# Alternatively, you can try to test it:

echo "test" | base64

# Bad Example:
# Using base64 without checking if it's available


### Example 2: Correct syntax and spacing in cURL command
# Good Example:
# Properly formatted cURL command

curl -L -d "username=admin&password=pass123" https://quotes.toscrape.com/login

# Bad Example:
# Incorrect spacing leading to authentication error

curl -L -d"username=admin&password=pass123" https://quotes.toscrape.com/login


### Example 3: Handling special characters in credentials
# Good Example:
# URL-encode special characters in credentials

curl -L -d "username=$(echo -n 'admin!' | jq -sRr @uri)&password=$(echo -n 'pass#123' | jq -sRr @uri)" https://quotes.toscrape.com/login 

# Bad Example:
# Special characters not handled, may cause failure

curl -L -d "username=admin!&password=pass#123" https://quotes.toscrape.com/login


### Example 4: Testing cURL commands in a secure environment
# Good Example:
# Use a test environment URL to ensure safety

curl -H "Authorization: Basic $(echo -n 'admin:pass123' | base64)" https://test.example.com

# Bad Example:
# Directly using production URL without testing

curl -H "Authorization: Basic $(echo -n 'admin:pass123' | base64)" https://example.com