Skip to content
Latchkey

wget --header: Send Custom Request Headers

wget --header "Name: value" adds a custom HTTP header to the request, repeatable for several headers.

Private artifact stores and APIs gate downloads behind headers. --header is how you send a bearer token or a custom Accept type.

What it does

wget --header="<Name: value>" sends an arbitrary HTTP request header. You can pass the flag multiple times to send several headers. It is the standard way to attach an Authorization token or an Accept type to a download.

Common usage

Terminal
wget --header="Authorization: Bearer $TOKEN" \
  -O app.bin https://api.example.com/artifacts/app.bin
# multiple headers
wget --header="Authorization: token $GH_TOKEN" \
  --header="Accept: application/octet-stream" \
  -O asset.zip https://api.github.com/repos/o/r/releases/assets/123

Options

FlagWhat it does
--header="<Name: value>"Add a custom request header (repeatable)
--auth-no-challengeSend Basic auth without waiting for a 401
-O <file>Output filename for the downloaded asset
--max-redirect=<n>Limit redirects (auth headers can be dropped on redirect)

In CI

Pass secrets through an environment variable, not a literal, so they do not appear in the committed command. Be aware that wget may not resend an Authorization header after a cross-host redirect; for asset URLs that redirect to a CDN this can turn into a 403.

Common errors in CI

ERROR 401: Unauthorized means the token is missing, expired, or the header name is wrong. ERROR 403: Forbidden after a redirect often means the Authorization header was dropped when wget followed the redirect to a presigned URL. ERROR 406: Not Acceptable usually means a missing or wrong Accept header.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →