CLI
curl Cheatsheet
Quick reference for curl commands including GET, POST, headers, authentication, cookies, file upload, and debugging options.
Basic Requests
| Command | Description |
|---|---|
curl https://example.com | Simple GET request |
curl -o file.html https://example.com | Save to file |
curl -O https://example.com/file.zip | Save with remote filename |
curl -L https://example.com | Follow redirects |
curl -s https://example.com | Silent mode (no progress) |
curl -S https://example.com | Show errors in silent mode |
curl -sS https://example.com | Silent but show errors |
HTTP Methods
# GET (default)
curl https://api.example.com/users
# POST
curl -X POST https://api.example.com/users
# PUT
curl -X PUT https://api.example.com/users/1
# PATCH
curl -X PATCH https://api.example.com/users/1
# DELETE
curl -X DELETE https://api.example.com/users/1
# HEAD (headers only)
curl -I https://example.comSending Data
# POST with form data
curl -d "name=Alice&age=30" https://api.example.com/users
# POST with JSON
curl -X POST https://api.example.com/users \
-H "Content-Type: application/json" \
-d '{"name": "Alice", "age": 30}'
# POST with JSON from file
curl -X POST https://api.example.com/users \
-H "Content-Type: application/json" \
-d @data.json
# URL-encoded data (explicit)
curl --data-urlencode "name=Alice Smith" https://api.example.com/users
# Send raw data from stdin
echo '{"key":"value"}' | curl -d @- https://api.example.com/dataHeaders
# Set custom header
curl -H "Authorization: Bearer token123" https://api.example.com
# Multiple headers
curl -H "Accept: application/json" \
-H "X-Custom: value" \
https://api.example.com
# Show response headers
curl -i https://example.com
# Show only response headers
curl -I https://example.comAuthentication
# Basic auth
curl -u username:password https://api.example.com
# Bearer token
curl -H "Authorization: Bearer token123" https://api.example.com
# API key in header
curl -H "X-API-Key: key123" https://api.example.com
# Netrc file
curl -n https://api.example.com # Uses ~/.netrcCookies
# Send cookies
curl -b "session=abc123" https://example.com
# Save cookies to file
curl -c cookies.txt https://example.com
# Load cookies from file
curl -b cookies.txt https://example.com
# Save and send cookies (session persistence)
curl -c cookies.txt -b cookies.txt https://example.comFile Upload
# Upload file (multipart form)
curl -F "file=@photo.jpg" https://api.example.com/upload
# Upload with field name and filename
curl -F "avatar=@photo.jpg;filename=profile.jpg" https://api.example.com/upload
# Multiple files
curl -F "file1=@a.txt" -F "file2=@b.txt" https://api.example.com/upload
# Upload with additional form fields
curl -F "file=@photo.jpg" -F "description=My photo" https://api.example.com/upload
# PUT upload (raw)
curl -T file.txt https://api.example.com/files/file.txtDebugging & Verbose
# Verbose output
curl -v https://example.com
# Extra verbose (includes hex dump)
curl --trace - https://example.com
# Trace to file
curl --trace trace.log https://example.com
# Show timing information
curl -w "time_total: %{time_total}s\n" -o /dev/null -s https://example.com
# Write-out format variables
curl -w "\n%{http_code}\n%{size_download}\n%{time_total}\n" -sS https://example.comWrite-Out Variables
| Variable | Description |
|---|---|
%{http_code} | HTTP status code |
%{time_total} | Total time in seconds |
%{time_connect} | Time to connect |
%{time_starttransfer} | Time to first byte |
%{size_download} | Downloaded bytes |
%{size_upload} | Uploaded bytes |
%{url_effective} | Final URL (after redirects) |
%{redirect_url} | Redirect URL |
%{content_type} | Content-Type header |
%{num_redirects} | Number of redirects |
SSL / TLS
# Skip certificate verification (insecure)
curl -k https://self-signed.example.com
# Use specific CA certificate
curl --cacert /path/to/ca.pem https://example.com
# Client certificate
curl --cert client.pem --key client-key.pem https://example.comProxy
# HTTP proxy
curl -x http://proxy:8080 https://example.com
# SOCKS5 proxy
curl --socks5 localhost:1080 https://example.com
# Proxy with auth
curl -x http://user:pass@proxy:8080 https://example.com
# No proxy for specific hosts
curl --noproxy "localhost,127.0.0.1" https://example.comDownload
# Download with progress bar
curl -# -O https://example.com/large-file.zip
# Resume interrupted download
curl -C - -O https://example.com/large-file.zip
# Limit download speed
curl --limit-rate 1M -O https://example.com/file.zip
# Timeout
curl --connect-timeout 5 --max-time 30 https://example.com
# Retry
curl --retry 3 --retry-delay 2 https://example.comUseful Combinations
# Pretty-print JSON response
curl -s https://api.example.com/data | jq .
# POST JSON and pretty-print response
curl -sS -X POST https://api.example.com/data \
-H "Content-Type: application/json" \
-d '{"key":"value"}' | jq .
# Download multiple files
curl -O https://example.com/file[1-5].txt
# Check if URL is reachable
curl -sS --head --fail https://example.com > /dev/null && echo "OK" || echo "FAIL"