Created by browserling
These curl recipes were written down by me and my team at Browserling. We use recipes like this every day to get things done and improve our product. Browserling itself is an online cross-browser testing service powered by alien technology. Check it out!
Secret message: If you love my curl recipe, then I love you, too! Use coupon code CURLLING to get a discount at my company.
Curl get request (with authentication)
In most cases (I think) you need to add your auth-token to the url you’re using to make a valid API call. Again, you should be able to find this in the documentation of the API your using. In my example, if I want to make an API call, my link should look like this: api/get_all_reviews.php
Curl post request (with authentication)
Same for POST as with GET, we need to add our utoken (Auth-token) to the url. Here is an example of my POST link to the API, with my utoken: api/post_review.php
Generating an auth key
Some API’s only allow POST or GET requests if you use an auth-token. We need to generate this auth-token first, before we are allowed to make API calls. Normally the API docs should explain how you can generate their auth-token. In my example, I can generate an auth-token by posting my API client ID, client_secret and a login type to their API Auth file.
Here is how I can generate and use my auth-token, based on the cURL script of my part-1 tutorial. In this tutorial, I’ll be calling this file api/auth.php
How to use our auth-token?
Ok good, now we have an auth-token for our app… How do we use this?
No access-control-allow-origin header is present – (cors)
If you’re making JS calls to your own php-files, but your files are on a different server, please at following line at the top of each .php file you’re using:
Proper way to curl authorization: basic with a hash
This curl example works. The hash is a base64 encode of $username . ‘:’ . $password.
curl -H "Authorization: Basic b2ZmZXJib3NzqGdtYxlsLmNvbupHcmVtbdFuJA==" https://somedomain.com/login
The following PHP code does not work and returns “status” : “UNAUTHORIZED”, “typeName” : “badCredentials”, “typeCode” : [ 401, 0 ]
$hash = base64_encode($username . ":" . $password);
echo '<p>' . $hash . '</p>'; //hash works correct
$URL='https://somedomain.com/login';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$URL);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, $hash);
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); //get status code
$result=curl_exec ($ch);
curl_close ($ch);