curl Command Generator

Build a ready-to-run curl command from a simple form. Set the URL, HTTP method, headers, request body, basic auth, and common flags, and get a properly shell-escaped curl command you can copy and paste. Everything is generated in your browser.

Request headers
Basic auth (optional)
Options

    

ToolsSoup's curl Command Generator turns a simple form into a ready-to-run curl command. Choose an HTTP method, type a URL, add request headers, paste a raw or JSON body, set basic auth, and flip on common flags like follow-redirects or silent mode. The tool assembles the full curl command and handles shell quoting for you, single-quoting every value and safely escaping embedded quotes, so the command pastes cleanly into a terminal. It only builds the command text; it never sends the request, and everything runs locally in your browser.

What is a curl command generator?

curl is a command-line tool for making HTTP requests, and its commands can get long once you add a method, several headers, an authorization token, and a JSON body. A curl command generator lets you fill in those pieces as form fields and produces the assembled curl line for you. The hard part it handles is shell escaping: values that contain spaces, quotes, ampersands, or braces must be quoted correctly or the shell will mangle them. This generator single-quotes each value and rewrites any embedded single quote as the standard escape sequence, so the result is safe to paste and run.

How to build a curl command

Fill in only the parts you need:

  1. Pick the HTTP method (GET, POST, PUT, PATCH, DELETE, HEAD, or OPTIONS) and enter the request URL.
  2. Add any request headers as name and value rows, such as Authorization or Accept.
  3. Choose a body type and paste a raw or JSON payload if your request sends data.
  4. Optionally add a basic-auth username and password, and toggle flags like follow redirects or silent.
  5. Copy the generated curl command and paste it into your terminal.

Why shell escaping matters

If you build a curl command by hand and a header value or JSON body contains a space, a single quote, or a special character, the shell may split the argument or interpret part of it, producing a broken or even dangerous command. The safe approach is to wrap each value in single quotes, because the shell treats everything inside single quotes literally. The one character that cannot appear inside single quotes is the single quote itself, so it is written as the sequence close-quote, escaped-quote, open-quote. This generator applies that rule automatically to URLs, headers, bodies, and credentials, so you never have to reason about it yourself.

Why use this curl generator?

  • Supports GET, POST, PUT, PATCH, DELETE, HEAD, and OPTIONS methods.
  • Add unlimited custom request headers with name and value fields.
  • Send a raw or JSON body, with a Content-Type header added automatically for JSON.
  • Set basic auth with a username and password to produce a -u flag.
  • Toggle common flags: follow redirects (-L), insecure (-k), include headers (-i), and silent (-s).
  • Properly shell-escapes every value, including tricky single quotes, so the command pastes cleanly.
  • Builds the command text only and never sends the request, running 100% in your browser.

Frequently asked questions

Does this tool actually send the HTTP request?

No. It only generates the curl command as text. Nothing is ever requested or sent from this page; you copy the command and run it yourself in a terminal. That keeps the tool fully client-side and free of any cross-origin or network restrictions.

How does it handle quotes and special characters?

Each value is wrapped in single quotes so the shell reads it literally. If a value contains a single quote, that quote is rewritten as the standard escape so the surrounding quoting stays valid. This makes the command safe to paste even when headers or bodies contain spaces, ampersands, or braces.

Why did a Content-Type header appear automatically?

When you choose the JSON body type and have not already added your own Content-Type header, the generator adds Content-Type: application/json so the server interprets the payload correctly. If you set a Content-Type header yourself, it is left untouched.

How is the basic-auth password handled?

If you enter a username, the generator emits a -u flag with username:password, quoted for the shell. The password is only used to assemble the command text in your browser; it is never transmitted anywhere by this tool.

Which curl flags can I add?

You can toggle follow redirects (-L), insecure mode that skips TLS verification (-k), include response headers in the output (-i), and silent mode (-s). The chosen HTTP method becomes -X when it is not GET, headers become -H, and a request body becomes --data-raw.