Curl authorization

From man curl:

--anyauth

(HTTP) Tells curl to figure out authentication method by itself, and use the most secure one the remote site claims to support. This is done by first doing a request and checking the response-headers, thus possibly inducing an extra network round-trip. This is used instead of setting a specific authentication method, which you can do with --basic, --digest, --ntlm, and --negotiate.

Note that using --anyauth is not recommended if you do uploads from stdin, since it may require data to be sent twice and then the client must be able to rewind. If the need should arise when uploading from stdin, the upload operation will fail.

You should use --digest instead of --anyauth.

Digest authentication cannot take place without the first 401 response from the server.

Ie: The server replies to the first request with:

WWW-Authenticate: Digest realm="Protected", qop="auth", nonce="MTM0Njg2MjYwMjY0ODozNDk5ZDkxNTYxNjMxMDJmNDA4MWQ1NTBmZjk5OGQ5Nw=="

The client needs this information before it can assemble a valid digest authentication request. Digest requires the nonce and the op method to use in order to provide a valid

response="58faded9ae5f639ba0056fb86edca71f"

as shown in the second request.

So in short you can't do a digest request without without first getting the 401 as you don't have enough information to assemble the response without it.