Last updated 13 June 2013. Created on 21 March 2012.
Edited by ygerasimov, jackbravo, jimthunderbird. Log in to edit this page.

Assume that I created an rest server endpoint:

http://localhost:3000/rest_api/user/login and I have an account with username: jimthunderbird and password 123456, here is how to log the user in using curl and the services module in Drupal 7

// Retrieve CSRF token
$curl_get = curl_init();
curl_setopt_array($curl_get, array(
    CURLOPT_URL => 'http://localhost:3000/services/session/token',
$csrf_token = curl_exec($curl_get);
$csrf_header = 'X-CSRF-Token: ' . $csrf_token;

// REST Server URL
$request_url = 'http://localhost:3000/rest_api/user/login';

// User data
$user_data = array(
  'username' => 'jimthunderbird',
  'password' => '123456',

// cURL
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $request_url);
curl_setopt($curl, CURLOPT_POST, 1); // Do a regular HTTP POST
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', $csrf_header));
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($user_data)); // Set POST data

$response = curl_exec($curl);

print $response;

$http_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
// Check if login was successful
if ($http_code == 200) {
  // Convert json response as array
  $logged_user = json_decode($response);
else {
  // Get error msg
  $http_message = curl_error($curl);


Looking for support? Visit the forums, or join #drupal-support in IRC.


rolkos’s picture

For this example endpoint set in "Path to endpoint field" is "rest_api" rest of the end point came from resource path that is available in this service (set in service on "resource" tab) in this case user > login.

giorgio79’s picture

David Fiaty’s picture

The code above will work if you replace 'username' by 'user' and 'password' by 'pass', like this:

$user_data = array(
  'user' => 'jimthunderbird',
  'pass' => '123456',