Quoting JSON in Shell Scripts for API Requests
When using curl or similar command-line tools to make HTTP API requests, it’s important to understand how your shell processes quotes in command arguments. This becomes especially relevant when the payload includes JSON — and even more so when the JSON contains both single and double quotes.
This guide explains:
- Why quoting breaks when used naively
- How to structure payloads safely using heredoc
- Other viable alternatives
Note
The complexity described in this guide is not caused by DataPrime or its APIs. It stems entirely from how shell environments (like bash or zsh) interpret quoted strings. When integrating with DataPrime programmatically, no escaping is required — you can pass JSON strings directly and cleanly.
Common pitfall: single quotes in JSON
Here's a basic curl example that works fine with simple JSON:
curl --location 'https://ng-api-http.coralogix.com/api/v1/dataprime/query' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <cx_api_key>' \
--data '{
"query": "source logs | limit 10"
}'
However, if your query includes single quotes, like:
Trying to include that directly in the --data flag without escaping will cause the shell to break the string early, resulting in a malformed request. This happens because the shell does not allow single quotes inside single-quoted strings. When the shell sees a ' character, it assumes the string has ended, which corrupts the structure of your JSON. To work around this, you need to escape single quotes properly.
Best practice: use heredoc to avoid escaping
To avoid this entirely, use a heredoc — a standard shell feature (unrelated to DataPrime) that lets you safely pass multi-line strings into a command.
What is a heredoc?
A heredoc is a generic syntax in Unix-like shells that allows passing blocks of text without escape characters. It looks like this:
Heredoc example for JSON payload
curl --location 'https://ng-api-http.coralogix.com/api/v1/dataprime/query' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <cx_api_key>' \
--data @- <<EOF
{
"query": "source logs | filter log_obj.applicationName == 'my-app'"
}
EOF
No escaping is needed. It's clean, readable, and robust. You can replace EOF with any token, as long as it matches at both ends.
Alternative: escaping single quotes in bash
You can manually insert single quotes inside a single-quoted string using this technique:
curl -X POST https://your-api-endpoint.com/query \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"query": "source logs | filter $l.applicationname == '\''my-app'\''"}'
The outer string is wrapped in single quotes. The '\'' sequence:
- Ends the current string with
'. -
Inserts a literal single quote with
\'.As the shell is interpreting this, there’s a need to escape the single quote with a backslash. Otherwise, the shell will assume that it’s just the beginning of another single-quoted string.
-
Starts a new string with
'.
This alternative works but may be hard to read and maintain.
Alternative: double quotes with escaped inner quotes
You can also wrap the JSON payload in double quotes, but then every " inside the JSON must be escaped. Note, in the example below, that there are double quotes right after the --data param:
curl --location "https://ng-api-http.coralogix.com/api/v1/dataprime/query" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer <cx_api_key>" \
--data "{\"query\": \"source logs | filter log_obj.applicationName == 'my-app'\"}"
This is technically valid but gets cluttered fast.
Final takeaway
Quoting challenges arise from your shell — not from DataPrime.
When working with DataPrime’s programmatic APIs, you can use native JSON formatting directly without escaping or shell workarounds.
Direct Archive Query HTTP API
Light
light
dark
User Guides
DataPrime
Integrations
OpenTelemetry
Developer Portal