wget --header: Send Custom Request Headers
wget --header "Name: value" adds a custom HTTP header to the request, repeatable for several headers.
Private artifact stores and APIs gate downloads behind headers. --header is how you send a bearer token or a custom Accept type.
What it does
wget --header="<Name: value>" sends an arbitrary HTTP request header. You can pass the flag multiple times to send several headers. It is the standard way to attach an Authorization token or an Accept type to a download.
Common usage
wget --header="Authorization: Bearer $TOKEN" \
-O app.bin https://api.example.com/artifacts/app.bin
# multiple headers
wget --header="Authorization: token $GH_TOKEN" \
--header="Accept: application/octet-stream" \
-O asset.zip https://api.github.com/repos/o/r/releases/assets/123Options
| Flag | What it does |
|---|---|
| --header="<Name: value>" | Add a custom request header (repeatable) |
| --auth-no-challenge | Send Basic auth without waiting for a 401 |
| -O <file> | Output filename for the downloaded asset |
| --max-redirect=<n> | Limit redirects (auth headers can be dropped on redirect) |
In CI
Pass secrets through an environment variable, not a literal, so they do not appear in the committed command. Be aware that wget may not resend an Authorization header after a cross-host redirect; for asset URLs that redirect to a CDN this can turn into a 403.
Common errors in CI
ERROR 401: Unauthorized means the token is missing, expired, or the header name is wrong. ERROR 403: Forbidden after a redirect often means the Authorization header was dropped when wget followed the redirect to a presigned URL. ERROR 406: Not Acceptable usually means a missing or wrong Accept header.