rest - Set Authorization header using PHP and curl

Question

We're using Commission Junction's REST service, which requires we sent an API key in the Authorization header.

We set the header like this:

$ch = curl_init();
curl_setopt_array($ch, array(
  // set url, timeouts, encoding headers etc.
  CURLOPT_URL => 'https://....',
  // ...
));

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
  'Authorization: ' . CJ_API_KEY,
  'User-Agent: ' . OUR_USER_AGENT
));

$response = curl_exec($ch);
$info = curl_getinfo($ch);

The problem is that the Authorization header isn't sent (we debugged this by using a local url and doing a var_export($_SERVER) which shows a User-Agent header is set, but not the Authorization header.)

If we change the header name to X-Authorization, it gets sent - but this hasn't helped us as the service specifically requires the Authorization header.

How do we get PHP + cURL to send an arbitrary Authorization header?

Answer 1

The Authorization header isn't included in PHP's $_SERVER variable. To properly debug a request you should use apache_request_headers() which shows we were sending the Authorization header exactly as we wanted.

The problem then moved on to figuring out exactly what to put in the Authorization header given some pretty bad documentation.