What does '--user' mean with curl
Late to the party, but here goes...
You can use curl with the -v
(verbose) parameter to see the headers sent. You will then see that the information provided with --user is transformed into a header, such as:
Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
The text after the Basic
keyword is a base64 encoded text string of the username:password combination provided with the --user
parameter
To manually generate the base64 encoded credentials on Linux, you can simply call:
echo -n "username:password" | base64 -w0
For windows, save the "username:password" to a file, then use certutil.exe to create a base64 encoded file:
certutil -encode credentials.txt credentials.asc
To test this end to end, you can remove --user username:password
and substitute with --header Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
and it will still authenticate just fine.
In summary, to do this manually without curl, you would need to base64 encode username:password
combination. You would then need to set the HTTP Authorization
header with the type as Basic
along with the base64 encoded string.
--user
parameter in curl used for server authentication. So if you don't define authentication type via other parameters like --digest or --negotiate, it means USER parameter for http basic authentication, it also could be combined with :PASSWORD chunk to set a password as well. The full answer on your question depends on what kind authentication is used behind API you are sending request to, and maybe curl would not be enough for it, as it support a limited set of authentication schemes ...