Curl Option for Digest Authentication
This article explains the specific command-line option required to
use Digest Access Authentication with curl. It provides a
straightforward guide on how to implement the --digest
flag, combine it with user credentials, and execute secure HTTP
requests.
To use Digest Authentication in curl, you must use the
--digest option.
By default, curl defaults to Basic Authentication when credentials
are provided. Adding the --digest flag tells curl to use
the more secure Digest Authentication protocol, which prevents sending
passwords in plain text by using cryptographic hashing.
How to Use the
--digest Option
To perform a request using Digest Authentication, combine the
--digest flag with the -u (or
--user) option to specify your credentials.
curl --digest -u username:password https://api.example.com/protected-resourceIn this command: * --digest enables the Digest
Authentication method. * -u username:password passes the
login credentials to the server.
Prompting for Passwords Securely
If you prefer not to leave your password in your terminal history, you can omit the password from the command. Curl will prompt you to enter it securely.
curl --digest -u username https://api.example.com/protected-resourceUsing --anyauth
as an Alternative
If you do not know whether the destination server requires Digest or
Basic authentication, you can use the --anyauth option.
This tells curl to automatically negotiate with the server and select
the most secure authentication method available.
curl --anyauth -u username:password https://api.example.com/protected-resource