Working with curl
Curl
by itself is not secure. We suggest acurl
, which can run curl
IBM® Cloudant® for IBM Cloud® commands to URLs without entering your username and password repeatedly.
You use curl examples in the following steps.
For the curl samples
You can supply the username and password data for a request in three ways.
-
If you use the
-u $ACCOUNT
parameter, curl prompts you to enter your password interactively on the command line before you perform the request.This option is used for the curl examples in the IBM Cloudant API reference.
-
[Caution: this option isn't secure] Entering the combination parameter
-u $ACCOUNT:$PASSWORD
as part of your command means that you aren't asked to enter your password interactively.However, a plain text copy of your password appears in the terminal log.
If you use a safer variation of this method, you can define a curl control file that includes the following details:
--user "$ACCOUNT:$PASSWORD" --globoff --proto "=https"
You can then define an "alias" that enables the curl command to apply the control file, for example:
alias acurl="curl -s --config <full_path_and_name_of_config_file> "
Remember to exclude the control file from backups, since it includes the password in clear text.
-
[Caution: this option isn't secure.] For an
https
curl request, you can supply the username and password as part of the following URL:... https://$ACCOUNT:$PASSWORD@$ACCOUNT.cloudant.com ...
However, a plain text copy of your password appears in the terminal log.
An alternative approach is to use a hashed version of your username and password combination, and supply that data in your curl command. The next section on authorized curl explains how to create a more
complex acurl
command that uses this technique.