manpagez: man pages & more
Home | html | info | man
CURLOPT_HTTPAUTH(3)        curl_easy_setopt options        CURLOPT_HTTPAUTH(3)


       CURLOPT_HTTPAUTH - set HTTP server authentication methods to try


       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPAUTH, long bitmask);


       Pass  a  long  as parameter, which is set to a bitmask, to tell libcurl
       which authentication method(s) you want  it  to  use  speaking  to  the
       remote server.

       The  available  bits  are  listed  below.  If more than one bit is set,
       libcurl will first query the site to see which  authentication  methods
       it  supports  and  then pick the best one you allow it to use. For some
       methods, this will induce an extra network round-trip. Set  the  actual
       name  and  password with the CURLOPT_USERPWD(3) option or with the CUR-
       LOPT_USERNAME(3) and the CURLOPT_PASSWORD(3) options.

       For authentication with a proxy, see CURLOPT_PROXYAUTH(3).

              HTTP Basic authentication. This is the default choice,  and  the
              only  method  that is in wide-spread use and supported virtually
              everywhere. This sends the user name and password over the  net-
              work in plain text, easily captured by others.

              HTTP Digest authentication.  Digest authentication is defined in
              RFC2617 and is a more secure way to do authentication over  pub-
              lic networks than the regular old-fashioned Basic method.

              HTTP  Digest authentication with an IE flavor.  Digest authenti-
              cation is defined in RFC2617 and is a  more  secure  way  to  do
              authentication  over  public networks than the regular old-fash-
              ioned Basic method. The IE flavor is simply  that  libcurl  will
              use  a special "quirk" that IE is known to have used before ver-
              sion 7 and that some servers require the client to use.

              HTTP Bearer token authentication, used primarily  in  OAuth  2.0

              You    can   set   the   Bearer   token   to   use   with   CUR-

              HTTP Negotiate (SPNEGO) authentication. Negotiate authentication
              is  defined  in  RFC  4559 and is the most secure way to perform
              authentication over HTTP.

              You need to build libcurl with a  suitable  GSS-API  library  or
              SSPI on Windows for this to work.

              HTTP  NTLM  authentication.  A proprietary protocol invented and
              used by Microsoft. It uses a challenge-response and hash concept
              similar  to  Digest,  to  prevent the password from being eaves-

              You need to build libcurl with either  OpenSSL,  GnuTLS  or  NSS
              support  for  this  option  to work, or build libcurl on Windows
              with SSPI support.

              NTLM delegating to winbind helper. Authentication  is  performed
              by  a  separate binary application that is executed when needed.
              The name of the application is specified at compile time but  is
              typically /usr/bin/ntlm_auth

              Note  that  libcurl  will fork when necessary to run the winbind
              application and kill it  when  complete,  calling  waitpid()  to
              await  its  exit  when done. On POSIX operating systems, killing
              the process will cause a SIGCHLD signal to be raised (regardless
              of  whether  CURLOPT_NOSIGNAL(3)  is set), which must be handled
              intelligently by the application. In particular, the application
              must  not unconditionally call wait() in its SIGCHLD signal han-
              dler to avoid being subject to a race condition.  This  behavior
              is subject to change in future versions of libcurl.

              This  is  a  convenience macro that sets all bits and thus makes
              libcurl pick any it finds suitable. libcurl  will  automatically
              select the one it finds most secure.

              This  is a convenience macro that sets all bits except Basic and
              thus makes libcurl pick any  it  finds  suitable.  libcurl  will
              automatically select the one it finds most secure.

              This is a meta symbol. OR this value together with a single spe-
              cific auth value to force libcurl  to  probe  for  un-restricted
              auth  and if not, only that single auth algorithm is acceptable.






       CURL *curl = curl_easy_init();
       if(curl) {
         CURLcode ret;
         curl_easy_setopt(curl, CURLOPT_URL, "");
         /* allow whatever auth the server speaks */
         curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
         curl_easy_setopt(curl, CURLOPT_USERPWD, "james:bond");
         ret = curl_easy_perform(curl);


       Option Added in 7.10.6.

       CURLAUTH_DIGEST_IE was added in 7.19.3

       CURLAUTH_ONLY was added in 7.21.3

       CURLAUTH_NTLM_WB was added in 7.22.0

       CURLAUTH_BEARER was added in 7.61.0


       Returns CURLE_OK if the option is  supported,  CURLE_UNKNOWN_OPTION  if
       not,  or  CURLE_NOT_BUILT_IN  if  the  bitmask  specified  no supported
       authentication methods.



libcurl 7.61.0                   June 15, 2018             CURLOPT_HTTPAUTH(3)

curl 7.61.0 - Generated Thu Jul 26 07:44:37 CDT 2018
© 2000-2018
Individual documents may contain additional copyright information.