33

I am trying to access a service that is behind Windows Authentication. I thought I could pass the credentials the way HTTP Basic Authentication credentials are passed, but it's not working. When I do the following, I get a 401 error, and I am absolutely sure the password is correct.

curl --user username:password http://example.com

Why doesn't this work?

woz

4 Answers

48

If you are using Windows Authentication, you need to use NTLM:

curl --ntlm --user username:password http://example.com
Sebas
woz
  • 5
    And if you don't put the password the command line will prompt you for it. – Naftali Oct 18 '12 at 17:42
  • 5
    See my answer with how to use the current logged in user for your requests – Sean Lynch Feb 23 '15 at 18:24
  • I see a strange behaviour, when I keep my password in command line option `-u`, it doesn't work, but the same password works when I keep just the username there, and enter password when prompted. Any idea why? – 0xc0de May 14 '19 at 07:03
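The 401 in the question carries `WWW-Authenticate` headers naming the schemes the server will accept, which is how to tell that Basic credentials are not what it wants. As an added example (not part of the original posts), the sketch below reads those headers and prints the matching curl flag; the sample responses are constructed, and the preference order Negotiate, NTLM, Digest, Basic is this example's assumption.

```shell
#!/bin/sh
# Added example: choose a curl auth flag from the WWW-Authenticate
# headers of a 401 response. The preference order is an assumption.

# Constructed sample: headers a server using Windows Authentication might send.
SAMPLE_WINDOWS_AUTH='HTTP/1.1 401 Unauthorized
Content-Type: text/html
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM'

# Constructed sample: a server that only offers Basic.
SAMPLE_BASIC='HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="example.com"'

# Reads response headers on stdin and prints the curl flag for the first
# scheme in the preference list that the server offers.
# Returns 1 when none of the known schemes is offered.
pick_auth_flag() {
    # Strip CRs, then collect the scheme token of every WWW-Authenticate line.
    offered=$(tr -d '\r' | awk -F': *' '
        tolower($1) == "www-authenticate" {
            split($2, parts, " ")
            print tolower(parts[1])
        }')
    for scheme in negotiate ntlm digest basic; do
        if printf '%s\n' "$offered" | grep -qx "$scheme"; then
            printf '%s\n' "--$scheme"
            return 0
        fi
    done
    return 1
}

# Live use (not run here):
#   curl -s -o /dev/null -D - http://example.com | pick_auth_flag
printf '%s\n' "$SAMPLE_WINDOWS_AUTH" | pick_auth_flag
printf '%s\n' "$SAMPLE_BASIC" | pick_auth_flag
```

curl's own `--anyauth` option performs a similar probe by making an unauthenticated request first and then picking a scheme from the response headers.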
39

You can also leave the username and password fields empty (-u :) and curl will use your current credentials from your environment:

curl --ntlm -u : http://example.com

Per the docs (under -u, --user)

If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".

Kerberos-Enabled Binaries

ggrandes
Sean Lynch
4

I just want to add that authorization might include several redirects and the NTLM authentication might be required for the second or subsequent requests, but not the first one. In this case the answers here won't work.

The thing is, CURL sends credentials with the first request only, while you might need them for the second one for example. To pass credentials with all the requests, use the --location-trusted option.

From CURL documentation (-L option):

When authentication is used, curl only sends its credentials to the initial host. If a redirect takes curl to a different host, it won't be able to intercept the user+password. See also --location-trusted on how to change this.

This important note helped me authorize on my company website. Hope that helps somebody else.

makeiteasy
0

I had the same issue as you, but I adjusted the IIS server configuration to enable HTTP basic or digest authentication. Once that is done, you can use the simplest authentication. Sorry for my bad English.

Chauncery