Skip to content
LangStop

Systems in Practice

NoLogin
Private
Secure

Synthesis

The Linux curl Command: My API Debugging Survival Guide

The Linux curl Command: My API Debugging Survival Guide

3 min read
Last updated:

The Linux curl Command: My API Debugging Survival Guide

The production API was returning 500 errors. My junior dev said "curl works fine on my machine." I spent an hour debugging, only to realize he was testing against localhost while I was debugging production.

That's when I learned the hard way: curl is deceptively powerful, and small differences matter.

First Encounter with curl

My initial curl command was simple:

curl https://api.example.com/data

This worked to test connectivity. But I needed more.

Adding headers

curl -H "Content-Type: application/json" \
     -H "Authorization: Bearer token123" \
     https://api.example.com/data

POST request

curl -X POST -d '{"name":"test"}' \
     -H "Content-Type: application/json" \
     https://api.example.com/data

Follow redirects

curl -L https://short.url/abc

The -L flag follows redirects—essential for testing URL shorteners!

Why curl Confused Me

1. GET vs POST

GET is default. Need -X POST explicitly:

curl -X POST https://api.example.com/endpoint

2. Data format

Without -H "Content-Type: application/json", API expects form data:

curl -X POST -d "param1=value1&param2=value2" \
     https://api.example.com/endpoint

vs:

curl -X POST -d '{"param1":"value1","param2":"value2"}' \
     -H "Content-Type: application/json" \
     https://api.example.com/endpoint

3. Authentication

Basic auth isn't intuitive:

curl -u username:password https://api.example.com/

4. SSL verification

Self-signed cert fails:

curl -k https://self-signed.example.com/

The -k flag ignores SSL errors (use for testing only!).

curl Commands That Saved My Job

Testing REST APIs

curl -X GET https://api.example.com/users \
     -H "Authorization: Bearer token" \
     -H "Accept: application/json"

GET with headers.

POST with JSON

curl -X POST https://api.example.com/users \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer token" \
     -d '{"name":"John","email":"john@example.com"}'

Debug with verbose

curl -v https://api.example.com/

Shows request/response headers, SSL handshake—everything.

Save response to file

curl -o response.json https://api.example.com/data

Download instead of stdout.

Include cookies

curl -b cookies.txt -c cookies.txt https://api.example.com/

-b reads cookies, -c saves them.

Form submission

curl -F "file=@document.pdf" \
     -F "description=Test" \
     https://upload.example.com/

Multipart form upload.

Testing with user agent

curl -A "Mozilla/5.0" https://example.com/

Spoof browser.

Silent mode

curl -s https://api.example.com/data | jq .

-s suppresses progress meter.

The curl Command Builder: Visual API Testing

API testing with curl has many options—the curl Command Builder helps:

  • Visual interface for request type, headers, body
  • Quick presets for common API patterns
  • Copy with curl/cURL formatting
  • Header builder without typos

curl Options Quick Reference

Flag What It Does
-X Request method
-H Header
-d POST data
-F Form field
-u Basic auth
-v Verbose
-k Insecure SSL
-L Follow redirects
-o Output file
-s Silent
-A User agent
-b Cookies (read)
-c Cookies (write)

Debugging SSL Errors

Show certificate info

curl -v https://example.com 2>&1 | grep -A2 "SSL"

Verify certificate chain

curl --cacert ca.pem https://example.com/

Show all certificates

curl -vvv https://example.com 2>&1 | grep "certificate"

Lessons Learned

  1. Use -v when debugging — verbose output shows exactly what's happening.

  2. Always set Content-Type for POST requests.

  3. Use -L for redirects — otherwise you'll miss the final response.

  4. Use -s with jq — suppress progress for clean JSON parsing.

  5. Test with -k temporarily but remove for production.

Conclusion: curl Is Your API Best Friend

curl went from being a mystery to my favorite debugging tool. The key is understanding headers, methods, and SSL.

The curl Command Builder makes building requests visual—click, test, copy.

Further Reading

Explore Our Toolset

AI Prompt Generator

Create dynamic and reusable AI prompts with ease.

Regex Tester

Test and debug regular expressions instantly with live match highlighting and flag support.

JSON to Code Generator

Convert JSON into clean, strongly-typed code in multiple programming languages. Generate models, classes, and structs instantly from JSON.

XML to Code Generator

Convert XML into clean, strongly-typed code across multiple languages. Supports attributes, namespaces, and complex XML schemas.

YAML to Code Generator

Convert YAML into clean, strongly-typed code for multiple languages. Supports nested schemas, anchors, and configuration files.

JSON Formatter

Make your JSON sparkle with clean, readable formatting.

JSON To YAML

Switch your JSON to human-friendly YAML on the fly.

JSON Schema GUI Builder

Visually build, edit, and manage JSON Schema with an intuitive GUI — no manual schema writing needed.

SchemaCode ER Diagram Generator

Generate and visualize ER diagrams from SQL schemas using SchemaCode.

XML To JSON

Convert complex XML to friendly JSON in seconds.

YAML To JSON

Convert readable YAML into structured JSON effortlessly.

Base 64 Converter

Switch between base64 and other formats with ease.

Base 64 to Image

Generate and download images from base64 text

Timestamp Converter

Timestamp Converter: Effortlessly convert UNIX time to human-readable format and back.

Cron Helper

Cron Helper: Build, validate, and understand crontab expressions visually with live previews and next-run insights.

Age Calculator

Age Calculator: Quickly calculate your age in years, months, and days from your date of birth.

JWT Encoder

JWT creation made simple — sign, encode, go

JWT Decoder

Decode JWTs safely — fast, clean, and offline

UUID v1 Generator

Generate UUID v1: time-based unique identifiers for distributed systems.

UUID v3 Generator

Generate UUID v3: name-based UUIDs using MD5 hashing.

UUID v4 Generator

Generate UUID v4: random UUIDs for general-purpose unique IDs.

UUID v5 Generator

Generate UUID v5: name-based UUIDs using SHA-1 hashing.

UUID v7 Generator

Generate UUID v7: time-ordered, sortable UUIDs ideal for databases.

GUID Generator

Generate GUIDs: Microsoft-style UUIDs compatible across platforms.

ULID Generator

Generate ULIDs: lexicographically sortable unique IDs for modern apps.

URL Encoder

Encode URLs to URL-safe format instantly.

URL Decoder

Decode URL-encoded strings back to plain text.

JSON URL Encoder

Encode JSON objects to URL-safe strings.

JSON URL Decoder

Decode URL-encoded strings back to JSON.

XML URL Encoder

Encode XML to URL-safe strings.

XML URL Decoder

Decode URL-encoded strings back to XML.

YAML URL Encoder

Encode YAML to URL-safe strings.

YAML URL Decoder

Decode URL-encoded strings back to YAML.

Sort Lines

Sort lines of text alphabetically or numerically.

Remove Duplicates

Remove duplicate lines from text instantly.

Word Counter

Count the number of words in your text.

Character Counter

Count the number of characters in your text.

Line Counter

Count the number of lines in your text.

Duplicate Counter

Count duplicate lines in your text.

Spaces to Newlines

Convert spaces to newlines or vice versa.

Sort Words

Sort words in your text alphabetically.

String Case Converter

Convert strings between camelCase, PascalCase, snake_case, kebab-case, and more.