Curl cheat sheet
Summary
This curl cheat sheet and quick reference quide provides essential commands and options for making HTTP requests, transferring files, debugging connections, and working with APIs.
Introduction #
curl (Client URL) is a command-line utility used for transferring data with URL syntax. It supports various protocols including Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol Secure (HTTPS), File Transfer Protocol (FTP), Secure Copy Protocol (SCP), and more.
You can use curl to send requests, download or upload files, test endpoints, or interact with Representational State Transfer (REST) Application Programming Interfaces (APIs).
Synopsis #
The general syntax of the curl command is:
curl [options...] <URL>
Basic usage #
curl https://example.com
With options #
curl -X POST -H "Content-Type: application/json" -d '{"key":"value"}' https://api.example.com/data
With multiple URLs #
curl https://example.com https://example.org
Quick reference guide #
Options #
| command | description |
|---|---|
-v | Enables verbose output, useful for debugging. |
-s | Runs curl silently without progress meter or error messages. |
-o <filename> | Writes output to the given file name. |
-O | Saves the file with the same name as in the URL. |
-L | Follows redirects. |
-I | Fetches only the headers from the server. |
--limit-rate <speed> | Limits the download speed, e.g., --limit-rate 500k. |
--compressed | Requests a compressed response (gzip, deflate). |
-C - | Resumes a previous download (auto-finds offset). |
-x <proxy> | Uses a proxy (e.g., -x http://proxy:8080). |
-u <user:password> | Specifies username and password for authentication. |
--proxy-user <user:pw> | Specifies proxy credentials. |
-m <seconds> | Maximum time allowed for the transfer (e.g., -m 30 for 30 seconds). |
--retry <num> | Retries failed requests a specified number of times. |
--retry-delay <secs> | Waits between retries (e.g., --retry-delay 5). |
-w <format> | Custom output after completion (e.g., -w "%{http_code}"). |
-T <file> | Uploads a file (e.g., -T file.txt ftp://example.com/). |
--trace <file> | Logs detailed debug info to a file (includes raw data). |
--resolve <host:port:addr> | Forces resolution of a host:port to an IP (e.g., --resolve example.com:443:1.2.3.4). |
Request #
| command | description |
|---|---|
-X GET | Makes a GET request. This is the default method. |
-X POST | Makes a POST request. |
-X PUT | Makes a PUT request. |
-X DELETE | Makes a DELETE request. |
-X PATCH | Makes a PATCH request. |
--head | Fetches headers only, same as -I. |
Data #
| command | description |
|---|---|
-d "<data>" | Sends data in a POST request. |
--data-urlencode | URL-encodes the data before sending. |
--data-binary | Sends binary data without any processing. |
-F "<key>=<value>" | Sends form data, including file uploads. |
Header information #
| command | description |
|---|---|
-H "<header>" | Adds a custom header to the request. |
-A "<user-agent>" | Sets the user-agent string. |
-b "<cookie>" | Sends cookies with the request. |
-c <cookie-file> | Saves received cookies to a file. |
SSL/TLS #
| command | description |
|---|---|
--cacert <file> | Uses a specific Certificate Authority (CA) certificate file. |
--cert <file> | Uses a specific client certificate file. |
--key <keyfile> | Specifies a private key for the client certificate. |
-k, --insecure | Skips SSL certificate verification. |
--tlsv1.2 | Forces curl to use Transport Layer Security (TLS) 1.2. |
HTTP/2 and HTTP/3 #
| Command | Description |
|---|---|
--http2-prior-knowledge | Uses HTTP/2 without HTTP/1.1 Upgrade. |
--http3 | Uses HTTP/3 (if curl is built with support). |
Authentication #
| Command | Description |
|---|---|
--negotiate | Uses SPNEGO (GSS-API) authentication. |
--oauth2-bearer <token> | Sends OAuth 2.0 Bearer Token. |
Cookies #
| Command | Description |
|---|---|
-j, --junk-session-cookies | Discards session cookies when reading from a file. |
-J, --remote-header-name | Uses the filename from the Content-Disposition header. |
Networking #
| Command | Description |
|---|---|
--connect-timeout <sec> | Maximum time for connection establishment. |
--interface <name/ip> | Binds to a specific network interface. |
--local-port <range> | Forces specific local port(s) (e.g., --local-port 4000-5000). |
Output Control #
| Command | Description |
|---|---|
-D <file> | Writes response headers to a file. |
--stderr <file> | Redirects stderr to a file. |
Configuration file #
| command | description |
|---|---|
--config <file> | Loads curl options from the specified config file. |
~/.curlrc | Default config file in the user’s home directory. |
-K <file> | Alternate form of --config. |
curl supports #
| feature | description |
|---|---|
| HTTP, HTTPS | Transfers using HTTP and HTTPS. |
| FTP, FTPS | Transfers files over FTP and FTP Secure. |
| SCP, SFTP | Transfers using Secure Copy and Secure File Transfer Protocols. |
| LDAP | Supports Lightweight Directory Access Protocol. |
| SMB | Supports Server Message Block protocol. |
| Proxy | Supports HTTP and SOCKS proxies. |
| IPv6 | Fully supports Internet Protocol version 6. |
| HTTP/2 | Can use HTTP/2 with --http2. |
| Authentication | Supports Basic, Digest, NTLM, Negotiate, and Bearer. |
curl command examples #
The following practical examples demonstrate common curl usage for web requests, file transfers, debugging, and API interactions.
Download a file #
curl -O https://example.com/file.txt
Download with authentication and custom filename #
curl -u username:password -o custom_name.zip https://example.com/secure-file.zip
Send a GET request #
curl https://api.example.com/data
Send a GET request with query parameters #
curl "https://api.example.com/search?q=term&limit=20"
Send a POST request with data #
curl -X POST -d "username=user&password=pass" https://example.com/login
Send a JSON payload #
curl -X POST -H "Content-Type: application/json" -d '{"key":"value"}' https://api.example.com/data
Send a PUT request with JSON from file #
curl -X PUT -H "Content-Type: application/json" -d @data.json https://api.example.com/update
Include headers in request #
curl -H "Authorization: Bearer TOKEN123" https://api.example.com/secure-data
Include multiple headers #
curl -H "Authorization: Bearer TOKEN123" -H "X-Custom-Header: value" https://api.example.com/data
Save output to a file #
curl -o result.html https://example.com
Follow redirects #
curl -L https://short.url/example
Use a proxy server #
curl -x socks5h://127.0.0.1:1080 https://example.com
Upload a file using form data #
curl -F "file=@/path/to/file.txt" https://example.com/upload
Upload multiple files and form fields #
curl -F "file=@document.pdf" -F "name=Document" -F "id=123" https://example.com/upload
Use SSL certificate and key #
curl --cert cert.pem --key key.pem https://secure.example.com
Ignore SSL certificate validation #
curl -k https://self-signed.example.com
Use a custom user-agent #
curl -A "CustomUserAgent/1.0" https://example.com
Fetch headers only #
curl -I https://example.com
Fetch both headers and body (verbose) #
curl -i https://example.com
Test response time (silent, no output) #
curl -w "Response: %{http_code}, Time: %{time_total}s\n" -o /dev/null -s https://example.com
Resume a failed download #
curl -C - -O https://example.com/large-file.zip
Use configuration file #
curl --config myconfig.txt
Debug a request (show full request/response) #
curl -v https://example.com/api
Save cookies to file and use them later #
curl -c cookies.txt https://example.com/login
curl -b cookies.txt https://example.com/dashboard
Limit download speed (e.g., 100KB/s) #
curl --limit-rate 100K -O https://example.com/large-file.iso
Send OAuth2 Bearer token #
curl -H "Authorization: Bearer ACCESS_TOKEN" https://api.example.com/protected
FAQ's #
Most common questions and brief, easy-to-understand answers on the topic:
What is curl used for?
curl is a command-line tool for transferring data using URL syntax. It supports multiple protocols like HTTP, HTTPS, FTP, and more.
Can curl send POST requests?
Yes. You can use the -X POST option along with -d or --data to send POST data.
How can I send headers with curl?
Use the -H option followed by the header string. For example: -H "Content-Type: application/json".
How do I ignore SSL certificate verification in curl?
Use the -k or --insecure option to allow curl to perform "insecure" SSL connections.
Does curl support configuration files?
Yes. Use --config to load settings from a file. The default file is .curlrc in the user home directory.
Further readings #
Sources and recommended, further resources on the topic:
Author
Jonas Jared Jacek (J15k)
Jonas works as project manager, web designer, and web developer since 2001. On top of that, he is a Linux system administrator with a broad interest in things related to programming, architecture, and design. See: https://www.j15k.com/License
Curl cheat sheet by Jonas Jared Jacek is licensed under CC BY-SA 4.0.
This license requires that reusers give credit to the creator. It allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, for noncommercial purposes only. To give credit, provide a link back to the original source, the author, and the license e.g. like this:
<p xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/"><a property="dct:title" rel="cc:attributionURL" href="https://www.ditig.com/curl-cheat-sheet">Curl cheat sheet</a> by <a rel="cc:attributionURL dct:creator" property="cc:attributionName" href="https://www.j15k.com/">Jonas Jared Jacek</a> is licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/" target="_blank" rel="license noopener noreferrer">CC BY-SA 4.0</a>.</p>For more information see the Ditig legal page.
