curl is the go-to command-line tool for transferring data with URLs. It supports HTTP, HTTPS, FTP, and dozens of other protocols. Developers use it daily for API testing, file downloads, form submissions, and debugging network requests — all without leaving the terminal.
LinuxcurlHTTPAPIcurl https://api.example.com/data
curl -L https://example.com
-L flag instructs curl to follow all redirects until it reaches the final destination. Essential when working with URLs that redirect to CDNs or HTTPS versions.curl -I https://example.com
-I flag sends a HEAD request, printing only the response headers. Useful for checking HTTP status codes, Content-Type, cache headers, and server information without downloading the full response body.curl -v https://example.com
-v flag shows the full request/response exchange including headers and TLS details. Lines with > are sent data; lines with < are received. Invaluable for debugging API authentication and redirect issues.curl -X POST \
-H "Content-Type: application/json" \
-d '{"name":"Alice","role":"admin"}' \
https://api.example.com/users
-X POST to set the HTTP method, -H to add headers, and -d to send a request body. Setting Content-Type: application/json tells the server to expect JSON. This is the standard pattern for REST API calls.curl -X POST -d "username=alice&password=secret" https://example.com/login
-d flag automatically sets the method to POST. Use this to simulate form submissions when testing login endpoints or webhooks.curl -H "Authorization: Bearer YOUR_TOKEN" https://api.example.com/profile
YOUR_TOKEN with your actual JWT or API token. This is the standard authentication method for most modern REST APIs.curl -O https://example.com/file.zip
-O flag saves the file using its original filename from the URL path. The file is saved in the current directory. Add -L if the download URL involves redirects before serving the file content.curl -o myfile.zip https://example.com/download?id=123
-o filename saves to a custom path you specify. Unlike -O, this works even when the URL has no clean filename — such as query-string-based download endpoints.curl --max-time 10 https://api.example.com/slow-endpoint
--max-time flag aborts after the specified number of seconds. Essential in scripts where a hanging request would block execution. Use --connect-timeout to limit only the initial TCP connection phase.curl URL to see the raw response from any endpoint.-v to see full request/response details when troubleshooting.-H for headers, -d for request body, and -X to override the HTTP method.jq for pretty JSON: curl URL | jq .Capital -O saves the file using the filename from the URL path. Lowercase -o filename saves to a custom filename you specify. Use -o when the URL doesn't have a clean filename in its path, or when saving to a specific directory.
Use -d @filename.json — the @ prefix tells curl to read body data from a file rather than treating the string as literal data. Always pair this with -H "Content-Type: application/json" so the server knows how to parse it.
Use -k or --insecure to skip certificate verification. This is acceptable in local development environments but never use it in production scripts as it disables all TLS security checks. For production, provide the CA cert with --cacert ca.pem.