Working with curl

Simplifying using IAM credentials with curl

Using curl with IBM Cloudant accounts that use IAM for authentication can be frustrating because API keys need to be exchanged for short-lived tokens that are sent with requests.

A IBM Cloudant engineer created the ccurl tool to help with this. For more information, see ccurl on npm.

Simplifying using IBM Cloudant Legacy credentials with curl

You can supply username and password data for a request in four ways.

1. [Recommended] You can define a curl control file that contains your credentials, disables some curl URL parsing that can get in the way when using IBM Cloudant, and ensures you are using HTTPS. Substitute ACCOUNT and PASSWORD for your real credentials.

   --user "ACCOUNT:PASSWORD"
   --globoff
   --proto "=https"
   

   You can then define an "alias" that enables the curl command to apply the control file, for example:

   alias acurl="curl -s --config <full_path_and_name_of_control_file> "
   

   Then, when making requests to IBM Cloudant, type acurl in place of curl.

   Remember to exclude the control file from backups, since it includes the password in clear text.

2. [Recommended for one-off commands] If you use the -u ACCOUNT parameter, curl prompts you to enter your password interactively on the command line before you perform the request.

   This option is used for the curl examples in the IBM Cloudant API reference.

3. [Caution: this option is not secure] Entering the combination parameter -u ACCOUNT:PASSWORD as part of your command means that you are not asked to enter your password interactively.

   However, a plain text copy of your password appears in the terminal log.

4. [Caution: this option is not secure.] For an HTTPS curl request, you can supply the username and password as part of the URL:

   ... https://ACCOUNT:PASSWORD@ACCOUNT.cloudant.com ...
   

   However, a plain text copy of your password appears in the terminal log.