How to add authentication header to curl command to request resources?

Question

This question has repeated and I have seen many different answers however it did not work for me yet! I have a server set up with ruby in rails.

My first command through terminal which works fine and receive an access token:

curl -i -X POST -d 'member_id=123456789&access_code=password&device_id=1234567890' https://myserver/customer_authentication

Specification says to request for resources:

The request requires an authorization header.

Beside this:

The user's online access token that is stored in the authorization header will be used to look up the user. The anonymised user identifier will be used to lookup the customer info as well and ensures a correlation with the customer associated with the access token. Example: header['Authorization'] = "Bearer online_banking_access_token"

Now I am trying to get list of data from server, which in specification says:

GET /org1/customers/:acid/accounts

This will return a json of user's account. I have used these but neither worked for me:

curl -H GET Authorization: "348129" https://myserver/api/org1/customers/:acid/accounts

curl –H GET "Authorization: Token 348129" https://myserver/api/org1/customers/:acid/accounts

This is the code on the server:

  if @customer && authenticated_customer_matches_requested_customer
    body = { accounts: array_of_account_hashes }
    status_code = :ok
  else
    body = { error_message: 'Invalid access token' }.to_json
    status_code = :unauthorized
  end

And I receive:

{"error_message":"Invalid access token"}

Answer 1

You need to change curl command as follows.

curl https://myserver/api/org1/customers/:acid/account -X GET -H "Authorization: Token 348129" 

Answer 2

Use curl with option -X to set type of request and option -H to set request header.

curl -X [GET|POST|PUT|DELETE] -H "Authentication xxx" "http://your.server.com"