Click any command to expand the explanation and examples.
📡 Basic Requests
curl <url> — GET request basics
# Simple GET curl https://api.example.com/usersSave output to file
curl -o output.json https://api.example.com/users
Follow redirects
curl -L https://example.com
Silent mode (no progress bar)
curl -s https://api.example.com/users
Silent but show errors
curl -sS https://api.example.com/users
curl -X POST — POST request basics
# POST with JSON body
curl -X POST https://api.example.com/users \
-H "Content-Type: application/json" \
-d '{"name": "Alice", "email": "alice@example.com"}'
POST form data
curl -X POST https://example.com/login
-d “username=alice&password=secret”
POST from a file
curl -X POST https://api.example.com/data
-H “Content-Type: application/json”
-d @payload.json
PUT, PATCH, DELETE basics
# PUT (full update)
curl -X PUT https://api.example.com/users/1 \
-H "Content-Type: application/json" \
-d '{"name": "Alice Updated"}'
PATCH (partial update)
curl -X PATCH https://api.example.com/users/1
-H “Content-Type: application/json”
-d ’{“name”: “Alice Updated”}‘
DELETE
curl -X DELETE https://api.example.com/users/1
📋 Headers
-H "Header: Value" headers
# Single header curl -H "Accept: application/json" https://api.example.comMultiple headers
curl -H “Content-Type: application/json”
-H “Accept: application/json”
-H “X-Custom-Header: value”
https://api.example.comSee response headers
curl -I https://example.com # Headers only (HEAD request) curl -i https://example.com # Headers + body curl -v https://example.com # Full verbose output
🔐 Authentication
Bearer token / API key auth
# Bearer token (OAuth, JWT) curl -H "Authorization: Bearer YOUR_TOKEN" \ https://api.example.com/meAPI key in header
curl -H “X-API-Key: YOUR_KEY”
https://api.example.com/dataAPI key as query parameter
-u user:pass — Basic auth auth
# Basic authentication curl -u username:password https://api.example.comPrompt for password (don’t put it in command)
curl -u username https://api.example.com
Using .netrc file
curl —netrc https://api.example.com
📁 File Upload & Download
-F — file upload (multipart) files
# Upload a file curl -X POST https://api.example.com/upload \ -F "file=@photo.jpg"Upload with extra fields
curl -X POST https://api.example.com/upload
-F “file=@photo.jpg”
-F “description=My photo”
-F “tags=vacation”Upload multiple files
curl -X POST https://api.example.com/upload
-F “files=@photo1.jpg”
-F “files=@photo2.jpg”
Download files files
# Save with specific name curl -o myfile.zip https://example.com/file.zipSave with original filename
curl -O https://example.com/file.zip
Resume interrupted download
curl -C - -O https://example.com/large-file.zip
Download with progress bar
curl -# -O https://example.com/file.zip
Limit download speed
curl —limit-rate 1M -O https://example.com/file.zip
🍪 Cookies
-b / -c — send and save cookies cookies
# Send a cookie curl -b "session=abc123" https://example.comSave cookies to file
curl -c cookies.txt https://example.com/login
-d “user=alice&pass=secret”Send cookies from file
curl -b cookies.txt https://example.com/dashboard
Save and send (session flow)
curl -c cookies.txt -b cookies.txt https://example.com
🔧 Debugging & Troubleshooting
-v — verbose output debug
# See everything (request + response headers) curl -v https://api.example.comEven more detail
curl —trace - https://api.example.com
Write debug to file
curl —trace-ascii debug.txt https://api.example.com
Show timing info
curl -w “\nTime: %{time_total}s\nHTTP: %{http_code}\n”
-s https://example.com
-w — custom output format debug
# Show response code only
curl -s -o /dev/null -w "%{http_code}" https://example.com
Detailed timing
curl -s -o /dev/null -w ”
DNS: %{time_namelookup}s
Connect: %{time_connect}s
TLS: %{time_appconnect}s
Start: %{time_starttransfer}s
Total: %{time_total}s
HTTP Code: %{http_code}
” https://example.com
SSL / TLS options debug
# Skip SSL verification (dev only!) curl -k https://self-signed.example.comUse specific CA certificate
curl —cacert /path/to/ca.pem https://example.com
Client certificate
curl —cert client.pem —key client-key.pem https://example.com
Force TLS version
curl —tlsv1.2 https://example.com
⚡ Common Patterns
JSON API workflow pattern
# GET + pretty print with jq curl -s https://api.example.com/users | jq .POST + check response
curl -s -X POST https://api.example.com/users
-H “Content-Type: application/json”
-d ’{“name”: “Alice”}’ | jq .Chain: create then fetch
ID=$(curl -s -X POST https://api.example.com/users
-H “Content-Type: application/json”
-d ’{“name”: “Alice”}’ | jq -r ‘.id’)curl -s https://api.example.com/users/$ID | jq .
Retry and timeout pattern
# Set timeout (seconds) curl --connect-timeout 5 --max-time 30 https://example.comRetry on failure
curl —retry 3 —retry-delay 2 https://example.com
Retry on specific HTTP codes
curl —retry 3 —retry-all-errors https://example.com
Proxy pattern
# HTTP proxy curl -x http://proxy:8080 https://example.comSOCKS5 proxy
curl —socks5 localhost:1080 https://example.com
No proxy for specific hosts
curl —noproxy “localhost,127.0.0.1” https://example.com