> ## Documentation Index
> Fetch the complete documentation index at: https://docs.afauth.org/llms.txt
> Use this file to discover all available pages before exploring further.

# afauth call

> Make a signed HTTP request to an AFAuth-supporting service.

<Note>Hand-maintained reference. For the authoritative flags on your installed version, run the command with `--help`.</Note>

```bash theme={null}
# Signed GET (default method)
afauth call https://api.example.com/afauth/v1/accounts/me

# Signed POST with inline body
afauth call --method POST --data '{"x":1}' https://api.example.com/x

# POST with body read from a file (--data accepts @path syntax)
afauth call --method POST --data @body.json https://api.example.com/x

# Repeatable extra headers
afauth call --header 'X-Trace: abc' --header 'X-Tenant: foo' \
            https://api.example.com/x

# Include response headers in output
afauth call --show-headers https://api.example.com/afauth/v1/accounts/me

# Attach an attestation proactively (otherwise auto-minted on a §10.7 challenge)
afauth call --attest "$(afauth trust token did:web:api.example.com)" https://api.example.com/x
```

<Note>
  Against an `attested_only` service, `afauth call` runs the §10.7 refresh-on-challenge loop: on `401 attestation_required` it mints a fresh attestation from your trust binding and retries once. A revoked or expired binding surfaces with re-link guidance rather than looping. `--attest` attaches one up front. See [Keep attested access live](/guides/keep-attested-access-live).
</Note>
