Build any cURL command visually — set your URL, HTTP method, headers, request body and authentication. The ready-to-copy command updates live as you type.
cURL (Client URL) is a command-line tool for transferring data over network protocols including HTTP, HTTPS, FTP, SMTP, and more. It is one of the most widely used utilities in software development for making HTTP requests, testing REST APIs, and automating web interactions directly from the terminal — available on Linux, macOS, and Windows.
Writing cURL commands from scratch can be tedious, especially when dealing with complex configurations: Bearer tokens, multiple custom headers, JSON payloads, form fields, or SSL options. A cURL command generator lets you build these commands visually by filling in fields for URL, method, headers, authentication and body — without memorizing the exact flag syntax. The command updates live as you type, ready to paste into any terminal.
Testing a REST API with cURL involves four key parts: the endpoint URL, the HTTP method, any required headers, and an optional request body. Here is the step-by-step workflow:
Step 1 — Enter the URL. Paste your API endpoint into the URL field. This can be any valid HTTP or HTTPS address, including URLs with query parameters such as ?page=1&limit=20.
Step 2 — Choose the HTTP method. Select GET, POST, PUT, PATCH, DELETE, HEAD, or OPTIONS from the dropdown. The generator automatically adds the -X METHOD flag for non-GET requests, keeping GET commands clean.
Step 3 — Add request headers. Switch to the Headers tab to add key/value pairs. Common headers include Content-Type, Accept, X-Request-ID, or any custom application header required by your API.
Step 4 — Configure authentication. Use the Auth tab to set up Basic Auth (adds -u user:pass), Bearer Token (adds -H 'Authorization: Bearer …'), or an API Key sent as a custom header.
Step 5 — Add a body for POST / PUT / PATCH. In the Body tab choose JSON to paste your payload — Content-Type: application/json is added automatically — Form Data for URL-encoded fields, or Plain Text for raw content.
cURL supports multiple authentication schemes out of the box. Basic Auth sends credentials encoded in Base64 using the -u username:password shorthand. Bearer tokens (used in OAuth 2.0 and JWT flows) are passed as an Authorization header: -H 'Authorization: Bearer your-token'. API keys are typically sent as a custom header such as X-API-Key: your-key, which this generator builds for you automatically. For sensitive production tokens, always use HTTPS endpoints.
Understanding the most useful cURL flags speeds up day-to-day API work:
-L — Follow HTTP redirects automatically (301, 302, 307, 308). Essential when APIs redirect to versioned endpoints or CDN URLs.-v — Verbose mode. Shows full request and response headers, TLS handshake details, DNS resolution and connection timing. Invaluable for debugging.-k — Skip SSL certificate verification. Useful in local development with self-signed certificates. Never use in production.-i — Include HTTP response headers in the output, printed before the response body. Useful for inspecting Set-Cookie, Location, rate-limit headers and more.--compressed — Request a compressed response (gzip or deflate) and decompress it automatically. Reduces bandwidth, mirrors what browsers do by default.cURL is often compared to tools like HTTPie, Postman, Insomnia, or Wget. Unlike GUI tools, cURL runs entirely in the terminal and is available on virtually every server and CI environment. It is the de-facto standard for sharing reproducible HTTP examples in documentation, Stack Overflow answers, and API guides. Learning cURL pays dividends for any developer working with APIs, webhooks, or microservices.
curl -L \
-H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9...' \
-H 'Accept: application/json' \
'https://api.example.com/users/42'curl -X POST \
-u 'admin:secret' \
-H 'Content-Type: application/json' \
-d '{"name":"Alice","email":"alice@example.com"}' \
'https://api.example.com/users'curl -X DELETE \
-H 'X-API-Key: sk-prod-abc123xyz' \
-v \
'https://api.example.com/users/42'cURL is an open-source command-line tool and library for transferring data with URLs. It supports HTTP, HTTPS, FTP, SMTP, and dozens of other protocols. It comes pre-installed on macOS, most Linux distributions, and Windows 10/11, and is the standard tool for making HTTP requests from the terminal or shell scripts.
Use -X POST to set the method, -H 'Content-Type: application/json' to declare the body format, and -d '{"key":"value"}' to pass the JSON payload. This generator adds the Content-Type header automatically when you select the JSON body type.
Use the -H flag followed by the header in 'Name: Value' format. You can repeat -H for multiple headers. For example: curl -H 'Accept: application/json' -H 'X-Client-ID: app42' https://api.example.com. Use the Headers tab in this generator to add as many headers as needed.
The -k (or --insecure) flag tells cURL to skip SSL/TLS certificate verification. This is useful when testing against local development servers that use self-signed certificates. You should never use -k against production endpoints, as it disables protection against man-in-the-middle attacks.
Use the -u username:password flag. cURL automatically encodes the credentials in Base64 and sends an Authorization: Basic … header. Alternatively, you can build the header manually with -H 'Authorization: Basic base64(user:pass)'. Select Basic Auth in the Auth tab to have this generated for you.
Use --data-urlencode 'key=value' for URL-encoded form fields, or -F 'field=value' for multipart/form-data (file uploads). The Form Data body type in this generator uses --data-urlencode, which correctly handles special characters in field values.
The -L flag tells cURL to follow HTTP redirects. When a server responds with a 301, 302, or 307 status, cURL will automatically repeat the request to the new location. Without -L, cURL stops at the redirect response and returns the 3xx status code without fetching the final resource.
Yes. Webhooks are standard HTTP POST requests with a JSON or form payload and often a signature header (e.g. X-Hub-Signature-256). Use the POST method, add your signature as a custom header in the Headers tab, paste the payload in the JSON body tab, and the generator will build the full cURL command ready to replay the webhook locally.