Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

CURL.SetOptionHTTPAuth

Defines which HTTP authentication methods are used.

Component Version macOS Windows Linux Server iOS SDK
CURL 2.5 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "CURL.SetOptionHTTPAuth"; curl; Value )   More

Parameters

Parameter Description Example
curl The CURL session handle. $curl
Value Which http authentication to use. 15

Result

Returns "OK" on success.

Description

Defines which HTTP authentication methods are used.
Pass a number as parameter, which is set to a bitmask, to tell libcurl which authentication method(s) you want it to use. The available bits are listed below. If more than one bit is set, libcurl will first query the site to see which authentication methods it supports and then pick the best one you allow it to use. For some methods, this will induce an extra network round-trip. Set the actual name and password with the CURL.SetOptionUserName and the CURL.SetOptionPassword options.

CURLAUTH_BASIC1HTTP Basic authentication. This is the default choice, and the only method that is in wide-spread use and supported virtually everywhere. This sends the user name and password over the network in plain text, easily captured by others.
CURLAUTH_DIGEST2HTTP Digest authentication. Digest authentication is defined in RFC 2617 and is a more secure way to do authentication over public networks than the regular old-fashioned Basic method.
CURLAUTH_DIGEST_IE16HTTP Digest authentication with an IE flavor. Digest authentication is defined in RFC 2617 and is a more secure way to do authentication over public networks than the regular old-fashioned Basic method. The IE flavor is simply that libcurl will use a special "quirk" that IE is known to have used before version 7 and that some servers require the client to use. (This define was added in 7.19.3)
CURLAUTH_GSSNEGOTIATE4HTTP GSS-Negotiate authentication. The GSS-Negotiate (also known as plain "Negotiate") method was designed by Microsoft and is used in their web applications. It is primarily meant as a support for Kerberos5 authentication but may also be used along with other authentication methods. For more information see IETF draft draft-brezak-spnego-http-04.txt. You need to build libcurl with a suitable GSS-API library for this to work.
CURLAUTH_NTLM8HTTP NTLM authentication. A proprietary protocol invented and used by Microsoft. It uses a challenge-response and hash concept similar to Digest, to prevent the password from being eavesdropped. You need to build libcurl with OpenSSL support for this option to work, or build libcurl on Windows.
CURLAUTH_ANY15This is a convenience macro that sets all bits and thus makes libcurl pick any it finds suitable. libcurl will automatically select the one it finds most secure.
CURLAUTH_ANYSAFE14This is a convenience macro that sets all bits except Basic and thus makes libcurl pick any it finds suitable. libcurl will automatically select the one it finds most secure.

See also HTTPAUTH option in CURL manual.

Examples

Request GSS-Negotiate:

MBS( "CURL.SetOptionHTTPAuth"; $curl; 4 )

Use BASIC or Digest authorization:

MBS( "CURL.SetOptionHTTPAuth"; $curl; 1+2+16 )

See also

Blog Entries

Created 18th August 2014, last changed 13th June 2019


CURL.SetOptionHTTP200Aliases - CURL.SetOptionHTTPContentDecoding