How do I make a request using HTTP basic authentication with PHP curl?

php curl authentication token
php basic authentication example
php basic auth curl
php authentication methodologies
php curl authorization header
php curl post
php curl get request
php rest api basic authentication

I'm building a REST web service client in PHP and at the moment I'm using curl to make requests to the service.

How do I use curl to make authenticated (http basic) requests? Do I have to add the headers myself?

You want this:

curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);  

Zend has a REST client and zend_http_client and I'm sure PEAR has some sort of wrapper. But its easy enough to do on your own.

So the entire request might look something like this:

$ch = curl_init($host);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', $additionalHeaders));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payloadName);
$return = curl_exec($ch);

How do I make a request using HTTP basic , HTTP post with PHP & CURL using basic authentication and following I have tried to look at what is happening using strace and gdb with the PHP: Using cURL with Basic HTTP Authentication. This is a short PHP tutorial on how to use cURL to make a Basic Access Authentication request. In this post, I will show you how to configure PHP’s cURL functions to access a web resource that is protected by basic HTTP authentication.

CURLOPT_USERPWD basically sends the base64 of the user:password string with http header like below:

Authorization: Basic dXNlcjpwYXNzd29yZA==

So apart from the CURLOPT_USERPWD you can also use the HTTP-Request header option as well like below with other headers:

$headers = array(
    'Authorization: Basic '. base64_encode("user:password") // <---
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

HTTP post with PHP & CURL using basic authentication and , This is part 2 of how to connect to an API using cURL in php, as I received a Some API's only allow POST or GET requests if you use an auth-token. try{ $.​post({ type: 'POST', url: '',  Once the user has filled in a username and a password, the URL containing the PHP script will be called again with the predefined variables PHP_AUTH_USER, PHP_AUTH_PW, and AUTH_TYPE set to the user name, password and authentication type respectively. These predefined variables are found in the $_SERVER array.

The most simple and native way it's to use CURL directly.

This works for me :

$login = 'login';
$password = 'password';
$url = 'http://your.url';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_USERPWD, "$login:$password");
$result = curl_exec($ch);

cURL API calls with authentication in php (GET POST), In order to get HTTP Authentication to work using IIS server with the CGI version of PHP you Here HTTP request header Authorization would be acessible as  HTTP basic authentication is a simple challenge and response mechanism with which a server can request authentication information (a user ID and password) from a client. The client passes the authentication information to the server in an Authorization header.

Unlike SOAP, REST isn't a standardized protocol so it's a bit difficult to have a "REST Client". However, since most RESTful services use HTTP as their underlying protocol, you should be able to use any HTTP library. In addition to cURL, PHP has these via PEAR:


which replaced


A sample of how they do HTTP Basic Auth

// This will set credentials for basic auth
$request = new HTTP_Request2('');

The also support Digest Auth

// This will set credentials for Digest auth
$request->setAuth('user', 'password', HTTP_Request2::AUTH_DIGEST);

HTTP authentication with PHP - Manual, Basic curl example I wrote the following to see if a submitted URL has a valid http response code and also if it Also I add support server auth. and fixed some little bugs on the script. Here you have a function that I use to get the content of a URL using cURL: function @param array $header The other request header I need to build a proxy for a Flash Player project I'm working on. I simply need to make a HTTP GET request with HTTP-Basic authentication to another URL, and serve the response from PHP as if the PHP file was the original source. How can I do this?

If the authorization type is Basic auth and data posted is json then do like this


$data = array("username" => "test"); // data u want to post                                                                   
$data_string = json_encode($data);                                                                                   
 $api_key = "your_api_key";   
 $password = "xxxxxx";                                                                                                                 
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, "https://xxxxxxxxxxxxxxxxxxxxxxx");    
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");  
curl_setopt($ch, CURLOPT_POST, true);                                                                   
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);                                                                  
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);     
curl_setopt($ch, CURLOPT_USERPWD, $api_key.':'.$password);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(   
    'Accept: application/json',
    'Content-Type: application/json')                                                           

if(curl_exec($ch) === false)
    echo 'Curl error: ' . curl_error($ch);
$errors = curl_error($ch);                                                                                                            
$result = curl_exec($ch);
$returnCode = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
echo $returnCode;
print_r(json_decode($result, true));

cURL - Manual, CURL and PHP combined can be really useful for getting data from websites, is the url to connect to and $username and $password contain your authorization details: Array ( [url] => http://www.testing.local/auth/ [content_type] => text/html  Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional. If you simply specify the user name, curl will prompt for a password. The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option.

Sending a username and password with PHP CURL, Here's how you do HTTP basic authentication with curl and PHP: example (get the list of passwords) with an API request using this type of authentication:  Basic curl example Once you've compiled PHP with cURL support, you can begin using the cURL functions. The basic idea behind the cURL functions is that you initialize a cURL session using the curl_init() , then you can set all your options for the transfer via the curl_setopt() , then you can execute the session with the curl_exec() and then you finish off your session using the curl_close() .

API: Authentication, client in PHP and at the moment I'm using curl to make requests to the service. How do I use curl to make authenticated (http basic) requests? All source code included in the card How to send HTTP requests using cURL is licensed under the license stated below. This includes both code snippets embedded in the card text and code that is included as a file attachment.

How do I make a request using HTTP basic , Connected to webservice.local ( port 80 (#0); * Server auth using Basic with user 'student'; > GET /app_test.php/api/student HTTP/1.1  If Curl is not there in your system you can install it from this URL How to Use Curl for HTTP Requests. I have built 2 REST API Endpoints using NodeJS. One endpoint supports GET request and the other endpoint supports POST request. In this article, we will be calling the GET and POST endpoints using Curl.

  • This worked better then setting the user and password separately
  • This method of passing a custom auth header instead of using CURLOPT_USERPWD worked for me.
  • By REST client I mean something that abstracts away some of the low level details of using curl for http get, post, put, delete etc. which is what I'm doing by building my own php class to do this; I'm wondering if someone has already done this.
  • Yes, then HTTP_Request_2 may be of interest to you. It abstracts away a lot of the ugliest of cUrl in PHP. To set the method you use, setMethod(HTTP_Request2::METHOD_*). With PUT and POSTs, to set the body of the request you just setBody(<<your xml,json,etc. representation here>>). Authentication described above. It also has abstractions for the HTTP Response (something that cUrl really lacks).