What is Curl?
Curl (Client URL) is a command-line tool that can transfer data to/from a server using a number of network protocols, including HTTP, HTTPS, SCP, SFTP, FTP, and works on almost any platform, including Linux, Windows, and macOS. Curl is used for API testing, has built-in support for proxies, SSL, HTTP Cookies, certificate validation, user authentication.
What is HTTP Authentication?
HTTP Authentication is the process that determines whether the client is authorized to access the requested resource. HTTP supports authentication from the box to restrict access to protected resources.
What is Basic Authentication?
Basic Authentication is an authentication method built into the HTTP protocol. Basic Authentication is based on base64 encoded text and sends the username and password obfuscated but utterly readable by anyone listening on the network between you and the remote server. For security reasons, Basic Authentication should only be used in conjunction with other security mechanisms such as HTTPS and SSL.
What are Credentials?
Credentials are cookies, authorization headers, TLS client certificates, by which a client obtains credentials from a service or user and secures this information for future presentation of the authentication purpose. Credentials used in authentication are digital documents that associate a user's identity with some form of proof of identities, such as a certificate or password.
How to make Curl request with Credentials
To tell Curl to send a request with HTTP authentication, you need to pass the credentials using the -u/-user command-line option and separate the username and password with a colon.
Server response to our Curl with Credentials request:
What is Proxy Authentication?
Proxy Authentication is a built-in HTTP mechanism that prevents unauthorized use of the proxy server. Proxy Authentication blocks the client's requests until the user provides valid credentials to access the proxy. To Authenticate Proxies with Curl, you need to use the -U/--proxy-user command-line options and provide credentials, separated by colons.
Cookie-based authentication: what does it entail?