Knowledge

How to send GET and POST requests with curl

#CommandLine

Send GET and POST API requests with curl, including JSON bodies, form data, auth headers and bearer tokens, and how to inspect the response.

Published by Mark van Eijk on June 23, 2026 · 2 minute read

  1. Talking to APIs from the terminal
  2. GET requests
  3. POST requests
  4. Sending JSON
  5. Auth headers and bearer tokens
  6. Inspecting the response
  7. Saving the response

Talking to APIs from the terminal

When I'm building or debugging an API, curl is the first tool I reach for. It lets me fire requests straight from the terminal without opening a browser or a GUI client. Here's how I use it day to day. For the full reference, see my complete curl guide.

GET requests

A GET request is the default, so you only need the URL:

curl https://api.example.com/users

If you need query parameters, just append them to the URL. I like to use -G together with --data-urlencode so curl handles the encoding for me:

curl -G https://api.example.com/users \
  --data-urlencode "search=jane doe" \
  --data-urlencode "page=2"

POST requests

To send a POST, use -X POST and pass a body with -d (or --data). The presence of -d already implies POST, but I keep -X POST for clarity:

curl -X POST https://api.example.com/users \
  -d "name=Jane" \
  -d "email=jane@example.com"

That sends data as application/x-www-form-urlencoded, which is the classic HTML form encoding.

Sending JSON

Most modern APIs expect JSON. Set the Content-Type header with -H and pass the body with -d:

curl -X POST https://api.example.com/users \
  -H "Content-Type: application/json" \
  -d '{"name": "Jane", "email": "jane@example.com"}'

I wrap the JSON in single quotes so the double quotes inside survive the shell. For larger payloads, read the body from a file with -d @payload.json.

Auth headers and bearer tokens

Authentication is almost always a header. Add as many -H flags as you need:

curl https://api.example.com/me \
  -H "Authorization: Bearer eyJhbGciOi..." \
  -H "Accept: application/json"

For HTTP basic auth there's a shortcut, -u user:password, which builds the header for you:

curl -u admin:secret https://api.example.com/admin

Inspecting the response

When something isn't behaving, I want to see the status code and headers. Use -i to include response headers in the output:

curl -i https://api.example.com/users

For the full story, including the request curl sent and the TLS handshake, use -v (verbose):

curl -v https://api.example.com/users

If -v shows a certificate error, I've written up the fix for the most common one: curl error 60: SSL certificate problem.

Saving the response

To write the body to a file instead of the terminal, use -o with a filename, or -O to reuse the remote filename:

curl -o response.json https://api.example.com/users

That's enough to test almost any HTTP API. Once you're comfortable with -X, -H, -d, and -i/-v, the rest is just combining them.

Subscribe to our newsletter

Do you want to receive regular updates with fresh and exclusive content to learn more about web development, hosting, security and performance? Subscribe now!

Related articles

Argument list too long (Bash: /bin/rm)

Send GET and POST API requests with curl, including JSON bodies, form data, auth headers and bearer tokens, and how to inspect the response.

Read more →

How to install Composer packages locally

Send GET and POST API requests with curl, including JSON bodies, form data, auth headers and bearer tokens, and how to inspect the response.

Read more →