How to make a request using HTTP basic authentication with PHP curl?
Last Updated :
28 Apr, 2025
Making secure API requests is a common requirement in web development, and PHP provides a powerful tool for this purpose, which is cURL. The challenge is to seamlessly integrate HTTP basic authentication with PHP cURL for secure API communication. This involves not only transmitting sensitive user credentials securely but also ensuring that the PHP application can successfully retrieve and process API responses. Here, we need to provide a way to address potential security concerns and facilitate the smooth integration of HTTP basic authentication with cURL in PHP.
HTTP Basic Authentication
HTTP basic authentication involves including a username and password in the request header. This is commonly used to secure APIs. PHP cURL provides the necessary functionality to include these credentials in your requests.
We start by initializing a cURL session and setting various options to configure the request. The crucial options include CURLOPT_RETURNTRANSFER for receiving the response as a string, CURLOPT_HTTPAUTH for specifying basic authentication, and CURLOPT_USERPWD for providing the username and password.
Using curl_setopt() Function
The curl_setopt() function empowers developers to tailor and enhance cURL sessions, ensuring resilient authentication mechanisms and robust communication between applications and APIs.
Example 1: Implementation for making a request using HTTP basic authentication with PHP curl.
PHP
<?php
$apiUrl = "https://...example.com";
$ch = curl_init($apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER,
["User-Agent: phpApplication"]);
$response = curl_exec($ch);
if (curl_errno($ch)) {
echo "Curl error: " . curl_error($ch);
}
curl_close($ch);
$data = json_decode($response, true);
if ($data) {
print_r($data);
} else {
echo "Error fetching data from GitHub API.";
}
?>
Explaination
- Set the GitHub API endpoint for retrieving organizations of the user "hadley." Initialize a cURL session.
- Configure cURL options, such as returning the response as a string and setting the User-Agent header.
- Execute the cURL request and store the response.
- Check for cURL errors and display an error message if there is an issue.
- Parse the JSON response into a PHP array.
- Check if the decoding was successful and print organizations or an error message accordingly.
Output:

Example 2: Here, we are making a simple GET request to an API endpoint without using any specific authentication credentials.
PHP
<?php
$apiUrl = "https://...example.com";
$ch = curl_init($apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if (curl_errno($ch)) {
echo "Curl error: " . curl_error($ch);
}
curl_close($ch);
echo "API Response:\n";
echo $response;
?>
Explaination
- Define API URL which will set the variable $apiUrl with the target API endpoint.
- Initialize cURL that will use curl_init($apiUrl) to start a cURL session.
- Configure Options which use curl_setopt() to set cURL options for GET request and response handling.
- Execute cURL, which use curl_exec($ch) to make the API request and store the response in $response.
- Check for Errors, whiich use curl_errno($ch) to identify and echo any cURL errors.
- Close cURL Session & use curl_close($ch) to finish the cURL session.
- Process Response, and echo the API response ($response) for further use or display.
Output:
These techniques ensure that your PHP applications communicate securely with external APIs while handling authentication seamlessly.
Similar Reads
Access a Site with Two-Factor Authentication Using Python Requests web security is of paramount importance, and many websites implement two-factor authentication (2FA) to enhance security. This additional layer of security ensures that even if someone obtains your password, they cannot access your account without the second form of verification, usually a code sent
4 min read
How to Handle Authentication with Postman API Testing? Authentication is very important for securing access to resources and data. When testing APIs, handling authentication correctly is important to ensure that your tests can interact with secured endpoints effectively. Postman, a popular API testing tool, provides robust features for handling various
4 min read
Elasticsearch API Authentication: How to Set Up with Examples Elasticsearch is a powerful distributed search and analytics engine widely used for logging, monitoring, and data analysis. To protect your data and ensure secure access, setting up API authentication is essential. This article will guide you through the process of configuring Elasticsearch API auth
5 min read
How to Use API Keys authentication in Postman Postman is an API(application programming interface) development tool that helps to build, test and modify APIs. In this tutorial, we will see how to use API Keys authentication in Postman. The API key is a unique identifier that authenticates requests and if several users are there, their username
2 min read
How to Set Up Apache htpasswd Authentication in Ubuntu? Installing htpasswd authentication on Apache in Ubuntu is an excellent approach to fortify the web server with additional protection. We shall see the step-by-step process for that in this tutorial.PrerequisitesApache server installed.Command-line basic operations.Steps to set up Apache htpasswd aut
2 min read
How to make an HTTP GET request manually with netcat? Netcat,also known as "nc", is a powerful Unix-networking utility that enables users to interact with network services through a command-line interface (CLI). It uses both TCP and UDP network protocols for communication and is designed to be a reliable back-end tool to instantly provide network conne
6 min read