Sortix cross-nightly manual
This manual documents Sortix cross-nightly. You can instead view this document in the latest official manual.
CURLOPT_HTTPAUTH(3) | Library Functions Manual | CURLOPT_HTTPAUTH(3) |
NAME
CURLOPT_HTTPAUTH - HTTP server authentication methods to trySYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPAUTH, long bitmask);
DESCRIPTION
Pass a long as parameter, which is set to a bitmask, to tell libcurl which authentication method(s) you want it to use speaking to the remote server.- CURLAUTH_BASIC
- HTTP Basic authentication. This is the default choice, and the only method that is in wide-spread use and supported virtually everywhere. This sends the username and password over the network in plain text, easily captured by others.
- CURLAUTH_DIGEST
- HTTP Digest authentication. Digest authentication is defined in RFC 2617 and is a more secure way to do authentication over public networks than the regular old-fashioned Basic method.
- CURLAUTH_DIGEST_IE
- HTTP Digest authentication with an IE flavor. Digest authentication is defined in RFC 2617 and is a more secure way to do authentication over public networks than the regular old-fashioned Basic method. The IE flavor is simply that libcurl uses a special "quirk" that IE is known to have used before version 7 and that some servers require the client to use.
- CURLAUTH_BEARER
-
HTTP Bearer token authentication, used primarily in OAuth 2.0 protocol.
- CURLAUTH_NEGOTIATE
-
HTTP Negotiate (SPNEGO) authentication. Negotiate authentication is defined in RFC 4559 and is the most secure way to perform authentication over HTTP.
- CURLAUTH_NTLM
-
HTTP NTLM authentication. A proprietary protocol invented and used by Microsoft. It uses a challenge-response and hash concept similar to Digest, to prevent the password from being eavesdropped.
- CURLAUTH_NTLM_WB
-
Support for this is removed since libcurl 8.8.0.
- CURLAUTH_ANY
- This is a convenience macro that sets all bits and thus makes libcurl pick any it finds suitable. libcurl automatically selects the one it finds most secure.
- CURLAUTH_ANYSAFE
- This is a convenience macro that sets all bits except Basic and thus makes libcurl pick any it finds suitable. libcurl automatically selects the one it finds most secure.
- CURLAUTH_ONLY
- This is a meta symbol. OR this value together with a single specific auth value to force libcurl to probe for unrestricted auth and if not, only that single auth algorithm is acceptable.
- CURLAUTH_AWS_SIGV4
- provides AWS V4 signature authentication on HTTPS header see CURLOPT_AWS_SIGV4(3).
DEFAULT
CURLAUTH_BASICPROTOCOLS
This functionality affects http onlyEXAMPLE
int main(void)
{
CURL *curl = curl_easy_init();
if(curl) {
CURLcode ret;
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
/* allow whatever auth the server speaks */
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_ANY);
curl_easy_setopt(curl, CURLOPT_USERPWD, "james:bond");
ret = curl_easy_perform(curl);
}
}
HISTORY
CURLAUTH_DIGEST_IE was added in 7.19.3AVAILABILITY
Added in curl 7.10.6RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_NOT_BUILT_IN if the bitmask specified no supported authentication methods.SEE ALSO
CURLOPT_PASSWORD(3), CURLOPT_PROXYAUTH(3), CURLOPT_USERNAME(3)2024-11-24 | libcurl |