How to make a request using HTTP basic authentication with PHP curl? Last Updated : 28 Apr, 2025 Comments Improve Suggest changes Like Article Like Report Making secure API requests is a common requirement in web development, and PHP provides a powerful tool for this purpose, which is cURL. The challenge is to seamlessly integrate HTTP basic authentication with PHP cURL for secure API communication. This involves not only transmitting sensitive user credentials securely but also ensuring that the PHP application can successfully retrieve and process API responses. Here, we need to provide a way to address potential security concerns and facilitate the smooth integration of HTTP basic authentication with cURL in PHP. HTTP Basic AuthenticationHTTP basic authentication involves including a username and password in the request header. This is commonly used to secure APIs. PHP cURL provides the necessary functionality to include these credentials in your requests. We start by initializing a cURL session and setting various options to configure the request. The crucial options include CURLOPT_RETURNTRANSFER for receiving the response as a string, CURLOPT_HTTPAUTH for specifying basic authentication, and CURLOPT_USERPWD for providing the username and password. Using curl_setopt() FunctionThe curl_setopt() function empowers developers to tailor and enhance cURL sessions, ensuring resilient authentication mechanisms and robust communication between applications and APIs. Example 1: Implementation for making a request using HTTP basic authentication with PHP curl. PHP <?php $apiUrl = "https://...example.com"; $ch = curl_init($apiUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, ["User-Agent: phpApplication"]); $response = curl_exec($ch); if (curl_errno($ch)) { echo "Curl error: " . curl_error($ch); } curl_close($ch); $data = json_decode($response, true); if ($data) { print_r($data); } else { echo "Error fetching data from GitHub API."; } ?> Explaination Set the GitHub API endpoint for retrieving organizations of the user "hadley." Initialize a cURL session.Configure cURL options, such as returning the response as a string and setting the User-Agent header.Execute the cURL request and store the response.Check for cURL errors and display an error message if there is an issue.Parse the JSON response into a PHP array.Check if the decoding was successful and print organizations or an error message accordingly.Output: Example 2: Here, we are making a simple GET request to an API endpoint without using any specific authentication credentials. PHP <?php $apiUrl = "https://...example.com"; $ch = curl_init($apiUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); if (curl_errno($ch)) { echo "Curl error: " . curl_error($ch); } curl_close($ch); echo "API Response:\n"; echo $response; ?> Explaination Define API URL which will set the variable $apiUrl with the target API endpoint.Initialize cURL that will use curl_init($apiUrl) to start a cURL session.Configure Options which use curl_setopt() to set cURL options for GET request and response handling.Execute cURL, which use curl_exec($ch) to make the API request and store the response in $response.Check for Errors, whiich use curl_errno($ch) to identify and echo any cURL errors.Close cURL Session & use curl_close($ch) to finish the cURL session.Process Response, and echo the API response ($response) for further use or display.Output: These techniques ensure that your PHP applications communicate securely with external APIs while handling authentication seamlessly. Comment More infoAdvertise with us Next Article How to make a request using HTTP basic authentication with PHP curl? D dhruvi1267be21 Follow Improve Article Tags : PHP PHP-Questions Similar Reads Access a Site with Two-Factor Authentication Using Python Requests web security is of paramount importance, and many websites implement two-factor authentication (2FA) to enhance security. This additional layer of security ensures that even if someone obtains your password, they cannot access your account without the second form of verification, usually a code sent 4 min read How to Handle Authentication with Postman API Testing? Authentication is very important for securing access to resources and data. When testing APIs, handling authentication correctly is important to ensure that your tests can interact with secured endpoints effectively. Postman, a popular API testing tool, provides robust features for handling various 4 min read Elasticsearch API Authentication: How to Set Up with Examples Elasticsearch is a powerful distributed search and analytics engine widely used for logging, monitoring, and data analysis. To protect your data and ensure secure access, setting up API authentication is essential. This article will guide you through the process of configuring Elasticsearch API auth 5 min read How to Use API Keys authentication in Postman Postman is an API(application programming interface) development tool that helps to build, test and modify APIs. In this tutorial, we will see how to use API Keys authentication in Postman. The API key is a unique identifier that authenticates requests and if several users are there, their username 2 min read How to Set Up Apache htpasswd Authentication in Ubuntu? Installing htpasswd authentication on Apache in Ubuntu is an excellent approach to fortify the web server with additional protection. We shall see the step-by-step process for that in this tutorial.PrerequisitesApache server installed.Command-line basic operations.Steps to set up Apache htpasswd aut 2 min read How to make an HTTP GET request manually with netcat? Netcat,also known as "nc", is a powerful Unix-networking utility that enables users to interact with network services through a command-line interface (CLI). It uses both TCP and UDP network protocols for communication and is designed to be a reliable back-end tool to instantly provide network conne 6 min read Testing REST API with Postman and curl In the world of API testing, there are many tools available. Postman and cURL are two of the most popular tools for it. Let's look at how to use these tools for testing them. We will send some HTTP requests and explore the basic syntax for both of them in this article. The article focuses on using a 7 min read How to add Bearer Token authentication in Postman ? Postman is a crucial platform for developers, aiding in API testing, creation, and modification. APIs support various website features, such as user registration and login. For secure actions like changing passwords, Bearer Token Authentication is used. Upon login, the server issues a token, acting 3 min read How to Convert a Postman Request to cURL? If you're a web developer, quality assurance engineer, or system administrator, chances are you're familiar with Postman, a crucial tool for API testing. However, there are instances where you may need to convert a Postman request to cURL, a command-line tool for data transfer. This article provides 3 min read How to check user authentication in GET method using Node.js ? There are so many authentication methods like web token authentication, cookies based authentication, and many more. In this article, we will discuss one of the simplest authentication methods using express.js during handling clients get a request in node.js with the help of the HTTP headers. Appro 3 min read Like