ureq

Simple, blocking HTTP client for Rust. Zero async complexity — synchronous API with no tokio/async-std dependency. Small binary footprint. Supports TLS (via rustls or native-tls), JSON (via serde_json feature), redirects, and timeouts. Perfect for CLI tools, scripts, and simple applications that don't need async HTTP.

Evaluated Mar 06, 2026 (0d ago) v2.x
Homepage ↗ Repo ↗ Developer Tools rust http client blocking simple minimal tls no-async
⚙ Agent Friendliness
64
/ 100
Can an agent use this?
🔒 Security
84
/ 100
Is it safe for agents?
⚡ Reliability
82
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
85
Error Messages
82
Auth Simplicity
88
Rate Limits
88

🔒 Security

TLS Enforcement
92
Auth Strength
82
Scope Granularity
78
Dep. Hygiene
88
Secret Handling
82

Uses rustls by default — modern TLS. No built-in credential store; auth headers are application responsibility.

⚡ Reliability

Uptime/SLA
85
Version Stability
82
Breaking Changes
78
Error Recovery
82
AF Security Reliability

Best When

Building Rust CLI tools or simple utilities that need HTTP without async runtime complexity.

Avoid When

Your application needs concurrent HTTP requests or is already using an async runtime.

Use Cases

  • Make HTTP requests in Rust CLI tools without async runtime overhead: ureq::get(url).call()?
  • Build simple REST API clients in Rust without tokio dependency for binary size or complexity reduction
  • Implement sync HTTP utilities in Rust libraries that shouldn't force async on consumers
  • Fetch web data in Rust scripts and tools where reqwest's async API is overkill
  • Prototype HTTP integrations quickly with ureq's simple chaining API before migrating to reqwest if needed

Not For

  • High-concurrency HTTP workloads — use reqwest (async) for concurrent requests without blocking threads
  • Complex middleware, retry, or connection pooling — reqwest + tower provides richer HTTP middleware
  • Applications already using tokio that need async HTTP — reqwest integrates better with tokio

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
No
SDK
Yes
Webhooks
No

Authentication

Methods: api_key bearer_token basic
OAuth: No Scopes: No

HTTP client — auth configured via header() method. No built-in OAuth flow.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

MIT licensed open source library.

Agent Metadata

Pagination
none
Idempotent
Partial
Retry Guidance
Documented

Known Gotchas

  • ureq treats 4xx and 5xx status codes as errors by default — check response.status() before calling .into_string() or use response.into_string() which succeeds on any status
  • Response body must be read before the connection can be reused — always call .into_string() or .into_reader() even for error responses
  • ureq v2.x requires reading the entire response body — not reading it leaks the connection; always consume the response
  • TLS defaults to rustls — use ureq::builder().tls_connector() for native-tls if rustls causes issues with corporate cert stores
  • Timeouts are per-read not per-response — set both connect_timeout and read_timeout: ureq::builder().timeout(Duration::from_secs(5))
  • ureq is blocking — using it in async code blocks the tokio thread; use tokio::task::spawn_blocking() or switch to reqwest

Alternatives

reqwest-api minreq-rs-api curl-rs-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for ureq.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5215
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered