cURL Cheat Sheet
A searchable, printable curl reference — HTTP methods, headers, data and forms, auth, downloads, cookies, TLS, proxies and debugging. Free.
Basics
12curl https://api.example.com
Send a GET request and print the body
curl -o page.html https://example.com
Save the response to a named file
curl -O https://example.com/file.zip
Save using the remote file name
curl -i https://example.com
Show response headers plus the body
curl -I https://example.com
Fetch the response headers only (HEAD)
curl -v https://example.com
Verbose output of the request/response
curl -s https://example.com
Silent mode, hide progress and errors
curl -sS https://example.com
Silent but still show errors
curl -L https://example.com
Follow HTTP redirects (3xx)
curl https://a.com https://b.com
Request multiple URLs in one call
curl 'https://x.com/p?[1-5]'
Use a numeric range to loop URLs
curl --version
Print the curl version and features
HTTP methods
9curl -X GET https://api.example.com
Explicitly send a GET request
curl -X POST https://api.example.com
Send a POST request
curl -X PUT https://api.example.com/1
Send a PUT request to replace a resource
curl -X PATCH https://api.example.com/1
Send a PATCH request to update fields
curl -X DELETE https://api.example.com/1
Send a DELETE request
curl -I https://api.example.com
Send a HEAD request for headers only
curl -X OPTIONS https://api.example.com
Send an OPTIONS preflight request
curl --head https://api.example.com
Long form of -I for a HEAD request
curl --request POST https://x.com
Long form of -X to set the method
Headers
10curl -H 'Accept: application/json' https://x.com
Add a single request header
curl -H 'X-Token: abc' -H 'X-Env: dev' https://x.com
Add multiple headers
curl -H 'Content-Type: application/json' https://x.com
Declare the request body content type
curl -H 'Authorization: Bearer TOKEN' https://x.com
Send a bearer authorization header
curl -H 'Host: example.com' https://1.2.3.4
Override the Host header
curl -H 'Accept-Encoding: gzip' https://x.com
Request a gzip-compressed response
curl -A 'MyAgent/1.0' https://x.com
Set the User-Agent string
curl -e 'https://ref.com' https://x.com
Set the Referer header
curl -H 'X-Debug:' https://x.com
Remove a default header by leaving it empty
curl --compressed https://x.com
Ask for and auto-decompress the response
Sending data
11curl -d 'name=Jane&age=30' https://x.com
POST URL-encoded form data
curl -d '@payload.json' https://x.com
POST data read from a file
curl --data-urlencode 'q=hello world' https://x.com
POST a single URL-encoded field
curl --data-binary '@file.bin' https://x.com
POST raw bytes without processing
curl -G --data-urlencode 'q=cats' https://x.com
Append the data as a GET query string
curl -X POST -H 'Content-Type: application/json' -d '{"name":"Jane"}' https://x.com
POST a JSON body
curl --json '{"name":"Jane"}' https://x.com
POST JSON and set JSON headers automatically
curl -F 'name=Jane' https://x.com
Send a multipart form field
curl -F 'file=@photo.png' https://x.com
Upload a file as multipart form-data
curl -F 'file=@a.pdf;type=application/pdf' https://x.com
Upload a file with an explicit MIME type
curl -d '' https://x.com
POST with an empty body
Authentication
9curl -u user:pass https://x.com
HTTP basic authentication
curl -u user https://x.com
Basic auth, prompt for the password
curl -H 'Authorization: Bearer TOKEN' https://x.com
Send a bearer token header
curl --oauth2-bearer TOKEN https://x.com
Send an OAuth 2.0 bearer token
curl --digest -u user:pass https://x.com
Use HTTP digest authentication
curl --ntlm -u user:pass https://x.com
Use NTLM authentication
curl --netrc https://x.com
Read credentials from ~/.netrc
curl --netrc-file creds https://x.com
Read credentials from a custom netrc file
curl -H 'X-Api-Key: KEY' https://x.com
Send an API key header
Downloading & uploading
11curl -O https://x.com/file.zip
Download using the remote file name
curl -o out.zip https://x.com/file.zip
Download to a chosen file name
curl -OL https://x.com/file.zip
Download and follow redirects
curl -C - -O https://x.com/file.zip
Resume a partial download
curl --limit-rate 200k -O https://x.com/f
Cap the transfer speed
curl -r 0-1023 -o part https://x.com/f
Download a byte range only
curl --retry 3 -O https://x.com/f
Retry the download on failure
curl -T file.txt ftp://x.com/
Upload a file with PUT/FTP
curl -T file.txt https://x.com/up
Upload a file via HTTP PUT
curl --create-dirs -o a/b/f.txt https://x.com
Create missing directories for the output
curl -# -O https://x.com/file.zip
Show a simple progress bar
Cookies
8curl -b 'session=abc123' https://x.com
Send a cookie inline
curl -b cookies.txt https://x.com
Send cookies from a file
curl -c cookies.txt https://x.com
Write received cookies to a jar
curl -b jar.txt -c jar.txt https://x.com
Read and update the same cookie jar
curl -b 'a=1; b=2' https://x.com
Send multiple cookies at once
curl -c - https://x.com
Print received cookies to stdout
curl --junk-session-cookies -b jar.txt https://x.com
Ignore session cookies from the jar
curl -L -c jar.txt -b jar.txt https://x.com/login
Keep a session across redirects
TLS / SSL
10curl -k https://x.com
Allow insecure (skip cert verification)
curl --cacert ca.pem https://x.com
Verify with a custom CA bundle
curl --capath /etc/ssl/certs https://x.com
Use a directory of CA certificates
curl --cert client.pem https://x.com
Send a client certificate
curl --cert client.pem --key client.key https://x.com
Use a client cert and private key
curl --tlsv1.2 https://x.com
Require at least TLS 1.2
curl --tlsv1.3 https://x.com
Require at least TLS 1.3
curl --tls-max 1.2 https://x.com
Cap the maximum TLS version
curl --ciphers ECDHE-RSA-AES128-GCM-SHA256 https://x.com
Restrict allowed TLS ciphers
curl -vI https://x.com
Inspect the TLS handshake details
Proxies
9curl -x http://proxy:8080 https://x.com
Route the request through an HTTP proxy
curl --proxy http://proxy:8080 https://x.com
Long form of -x to set a proxy
curl -x proxy:8080 -U user:pass https://x.com
Authenticate to the proxy
curl --proxy-user user:pass -x proxy:8080 https://x.com
Long form of proxy credentials
curl --socks5 127.0.0.1:1080 https://x.com
Use a SOCKS5 proxy
curl --socks5-hostname 127.0.0.1:1080 https://x.com
SOCKS5 proxy with remote DNS resolution
curl --socks4 127.0.0.1:1080 https://x.com
Use a SOCKS4 proxy
curl --noproxy example.com https://x.com
Bypass the proxy for given hosts
curl -x '' https://x.com
Disable any configured proxy
Debugging & output
11curl -w '%{http_code}\n' -o /dev/null -s https://x.com
Print only the HTTP status code
curl -w '%{time_total}\n' -o /dev/null -s https://x.com
Print the total transfer time
curl -w '@format.txt' https://x.com
Read the write-out format from a file
curl -D headers.txt https://x.com
Dump response headers to a file
curl -D - -o body.txt https://x.com
Headers to stdout, body to a file
curl --trace trace.txt https://x.com
Full hex trace of the transfer
curl --trace-ascii - https://x.com
ASCII trace to stdout
curl --trace-time -v https://x.com
Add timestamps to verbose output
curl -v https://x.com 2>&1 | less
Page through the verbose log
curl -sS -o /dev/null -w '%{size_download}\n' https://x.com
Print the downloaded byte count
curl --libcurl out.c https://x.com
Emit equivalent libcurl C source
Timeouts & retries
10curl --connect-timeout 5 https://x.com
Limit the connection phase in seconds
curl --max-time 30 https://x.com
Cap the whole operation time
curl --retry 3 https://x.com
Retry on transient errors
curl --retry 3 --retry-delay 2 https://x.com
Wait between retry attempts
curl --retry 5 --retry-max-time 60 https://x.com
Bound the total time spent retrying
curl --retry-connrefused https://x.com
Also retry on connection refused
curl --retry-all-errors https://x.com
Retry on any error, not just transient
curl --speed-limit 100 --speed-time 10 https://x.com
Abort if too slow for a duration
curl --keepalive-time 60 https://x.com
Set the TCP keep-alive interval
curl --expect100-timeout 1 https://x.com
Limit the wait for a 100-continue
No entry matches “:q”.
Need help?
Found an issue with this tool? Let our team know.