How to fix Authentication required error 401 when using curl with http authentication

Question

I'm using a local php script that runs curl on a script on a remote server. The remote script is protected with http authentication.

When I run my local script, I receive the following error:

"This server could not verify that you are authorized to access the URL "/script.php". You either supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

In case you are allowed to request the document, please check your user-id and password and try again.

If you think this is a server error, please contact the webmaster.

Error 401"

I've tried the highest-voted answers from here: How do I make a request using HTTP basic authentication with PHP curl? and I've tried this: https://thisinterestsme.com/php-curl-http-auth/

-> I always receive the same error from above.

I have $username and $password defined. The code I'm using:

$url = 'https://' . $page . '/script.php';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', $additionalHeaders));
print_r($additionalHeaders);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payloadName);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($ch);
print_r($return);
curl_close($ch);

After printing the $additionalHeaders variable I get the following additional information before the error:

"HTTP/1.1 401 Unauthorized Date: Sat, 10 Aug 2019 22:05:26 GMT Server: Apache WWW-Authenticate: Digest realm="Protected", nonce="Xg78fMqPBQA=8d674639fbd19b9ec67b085aa43e90be7a4c57cc", algorithm=MD5, qop="auth" Vary: accept-language,accept-charset Strict-Transport-Security: max-age=16000000 Upgrade: h2 Connection: Upgrade Accept-Ranges: bytes Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Content-Language: en"

Printing $return does not show anything ...

Try the long way of authentification: https://stackoverflow.com/questions/2140419/how-do-i-make-a-request-using-http-basic-authentication-with-php-curl/22358239#22358239 people report it only works like that for them. — paskl, Aug 10 '19 at 22:39
your website isn't using HTTP Basic Auth at all, it's using [Digest access authentication](https://en.wikipedia.org/wiki/Digest_access_authentication), google `CURLAUTH_DIGEST`, `curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_DIGEST);` — hanshenrik, Aug 11 '19 at 00:32
Thank you for the answers @paskl and @hanshenrik! replacing `curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', $additionalHeaders));` with `curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);` solved the issue! — codingforworlddomination, Aug 11 '19 at 07:52

score 2 · Accepted Answer · answered Aug 11 '19 at 00:34

2

your website isn't using HTTP Basic Auth at all, it's using Digest access authentication, google CURLAUTH_DIGEST,

curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_DIGEST);

answered Aug 11 '19 at 00:34

hanshenrik

19,904
4
43
89

Thank you @hanshenrik, this solved the problem! I'd vote your answer up, but I can't yet, because I don't have enough reputation on here yet. – codingforworlddomination Aug 11 '19 at 07:53

score 0 · Answer 2 · answered Aug 11 '19 at 08:05

The working solution in its entirety (except for $url $username and $password) looks like this:

$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payloadName);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($ch);
curl_close($ch);

How to fix Authentication required error 401 when using curl with http authentication

2 Answers2