How to Use cURL to Send Bearer Token
This article provides a quick and straightforward guide on how to use the cURL command-line tool to send an OAuth 2.0 Bearer token in an HTTP request. You will learn the exact syntax required to include the authorization header and see practical examples of how to make secure API calls.
To authenticate an HTTP request using an OAuth 2.0 Bearer token with
cURL, you must pass the token inside the Authorization
header. This is achieved using the -H (or
--header) option.
The Basic Syntax
The standard format for sending a Bearer token is as follows:
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" https://api.example.com/endpointReplace YOUR_ACCESS_TOKEN with your actual OAuth 2.0
token and the URL with your target API endpoint.
Key Components
-Hor--header: This flag tells cURL to send a custom header with the request.Authorization:: The name of the HTTP header used for credentials.Bearer: The authentication scheme. It must be followed by a single space and then the token.
Practical Examples
1. Making a GET Request
By default, cURL performs a GET request. To fetch data from a protected resource, use:
curl -H "Authorization: Bearer abcd1234xyz" https://api.example.com/v1/user/profile2. Making a POST Request with JSON Data
If you need to send data to a secure endpoint (such as creating a new
resource), you can combine the authorization header with a POST method
(-X POST) and a data payload (-d):
curl -X POST \
-H "Authorization: Bearer abcd1234xyz" \
-H "Content-Type: application/json" \
-d '{"name": "New Project", "description": "API Integration"}' \
https://api.example.com/v1/projects3. Using a Bash Variable for the Token
For security and convenience, especially in scripts, you can store your token in a variable:
TOKEN="abcd1234xyz"
curl -H "Authorization: Bearer $TOKEN" https://api.example.com/v1/dashboard