vercel curl
The vercel curl command is currently in beta. Features and behavior may change.
The vercel curl command works like curl, but automatically handles deployment protection bypass tokens for you. When your project has Deployment Protection enabled, this command lets you test protected deployments without manually managing bypass secrets.
The command runs the system curl command with the same arguments you provide, but adds an x-vercel-protection-bypass header with a valid token. This makes it simple to test API endpoints, check responses, or debug issues on protected deployments.
This command is available in Vercel CLI v48.8.0 and later. If you're using an older version, see Updating Vercel CLI.
vercel curl [path]Using the vercel curl command to make an HTTP request
to a deployment.
Make a GET request to your production deployment:
vercel curl /api/helloMaking a GET request to the /api/hello endpoint on
your production deployment.
Send a POST request with JSON data:
vercel curl /api/users -X POST -H "Content-Type: application/json" -d '{"name":"John"}'Making a POST request with JSON data to create a new user.
Test a specific deployment by its URL:
vercel curl /api/status --deployment https://my-app-abc123.vercel.appMaking a request to a specific deployment instead of the production deployment.
See detailed request information:
vercel curl /api/data -vUsing curl's -v flag for verbose output, which shows
headers and connection details.
When you run vercel curl:
- The CLI finds your linked project (or you can specify one with
--scope) - It gets the latest production deployment URL (or uses the deployment you specified)
- It retrieves or generates a deployment protection bypass token
- It runs the system
curlcommand with the bypass token in thex-vercel-protection-bypassheader
The command requires curl to be installed on your system.
These are options that only apply to the vercel curl command.
The --deployment option, shorthand -d, lets you specify a deployment URL to request instead of using the production deployment.
vercel curl /api/hello --deployment https://my-app-abc123.vercel.appUsing the --deployment option to target a specific
deployment.
The --protection-bypass option, shorthand -b, lets you provide your own deployment protection bypass secret instead of automatically generating one. This is useful when you already have a bypass secret configured.
vercel curl /api/hello --protection-bypass your-secret-hereUsing the --protection-bypass option with a manual
secret.
You can also use the VERCEL_AUTOMATION_BYPASS_SECRET environment variable:
export VERCEL_AUTOMATION_BYPASS_SECRET=your-secret-here
vercel curl /api/helloSetting the bypass secret as an environment variable.
Make sure curl is installed on your system:
# macOS (using Homebrew)
brew install curl
# Ubuntu/Debian
sudo apt-get install curl
# Windows (using Chocolatey)
choco install curlInstalling curl on different operating systems.
Make sure you're in a directory with a linked Vercel project and that the project has at least one deployment:
# Link your project
vercel link
# Deploy your project
vercel deployLinking your project and creating a deployment.
If automatic token creation fails, you can create a bypass secret manually in the Vercel Dashboard:
- Go to your project's Settings → Deployment Protection
- Find "Protection Bypass for Automation"
- Click "Create" or "Generate" to create a new secret
- Copy the generated secret
- Use it with the
--protection-bypassflag orVERCEL_AUTOMATION_BYPASS_SECRETenvironment variable
When using --deployment, verify that:
- The deployment ID or URL is correct
- The deployment belongs to your linked project
- The deployment hasn't been deleted
The following global options can be passed when using the vercel curl command:
For more information on global options and their usage, refer to the options section.
Was this helpful?