In most, if not all, my API examples, you will see a -H Authorization: Basic ... instead of username and password hard-coded directly.

The curl command is a widely used command-line tool for transferring data with URLs. It supports various protocols, including HTTP, HTTPS, FTP, and more. The -H option is used to specify a header to include in the request.

Here’s a detailed breakdown of the command curl -H 'Authorization: Basic ...':

1. curl: This is the command itself, used to transfer data from or to a server.
2. -H 'Authorization: Basic ...': This option specifies an HTTP header to include in the request.

• -H: Stands for “header” and is used to add a header to the request.
• 'Authorization: Basic ...': This is the actual header being added.
  • Authorization:: This specifies the authorization method.
  • Basic: This indicates that Basic Authentication is being used.
  • ...: This represents the Base64-encoded username and password.

Basic Authentication

Basic Authentication is a simple authentication scheme built into the HTTP protocol. The client sends the Authorization header with the value Basic followed by a space and a Base64-encoded string of username:password.

Example Usage

Assuming you have a username oggadmin and a password Welcome##123, you can encode these credentials in Base64 and include them in the Authorization header.

Here’s how you might do it:

• Encode the Credentials:

1. Concatenate the username and password with a colon: oggadmin:Welcome##123
2. Encode this string in Base64: b2dnYWRtaW46V2VsY29tZSMjMTIz

Test yourself: https://passwords-generator.org/base64-encode

• Use the Encoded String in the curl Command:

curl -k -L -X GET 'https://<hostname>/services/v2/tasks/<tast_name>/info/history' \
-H 'Authorization: Basic b2dnYWRtaW46V2VsY29tZSMjMTIz'

Detailed Breakdown of the Command

• curl: Initiates the curl command.
• -k: This option tells the curl to skip verification of the SSL/TLS certificate presented by the server.
• -L: This option tells the curl to follow any HTTP redirections (3xx responses) that the server returns.
• -X: This option follows the HTTP method you want to use. In this case, GET, but could be POST, PATCH, PUT or DELETE
• -H: Specifies the header.
• 'Authorization: Basic b2dnYWRtaW46V2VsY29tZSMjMTIz': The actual header value with the encoded credentials.
• https://<hostname>/services/v2/tasks/<tast_name>/info/history': The URL to which the request is being sent.

Security Warning

Basic Authentication sends the username and password encoded in Base64, which is not secure as it can be easily decoded. It’s important to use HTTPS to encrypt the connection and protect the credentials.