Why doesn't cURL work with Windows Authentication on IIS7?

Question

I am trying to access a service that is behind Windows Authentication. I thought I could pass the credentials the way HTTP Basic Authentication credentials are passed, but it\'s

Answer 1

I had the same issue with you, but I through adjust iis server configuration to authenticate, to enable HTTP basic or digest authentication, after done, you could use simplest authenticate, sorry for my bad English

Answer 2

You can also leave the username and password fields empty (-u :) and curl will use your current credentials from your environment:

curl --ntlm -u : http://example.com

Per the docs (under -u, --user)

If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".

Kerberos-Enabled Binaries

Answer 3

I just want to add that authorization might include several redirects and the NTLM authentication might be required for the second or subsequent requests, but not the first one. In this case the answers here won't work.

The thing is, CURL sends credentials with the first request only, while you might need them for the second one for example. To pass credentials with all the requests, use the --location-trusted option.

From CURL documentation (-L option):

When authentication is used, curl only sends its credentials to the initial host. If a redirect takes curl to a different host, it won't be able to intercept the user+password. See also --location-trusted on how to change this.

This important note helped me authorize on my company website. Hope that helps somebody else.

Answer 4

If you are using Windows Authentication, you need to use NTLM:

curl --ntlm --user username:password http://example.com