Skip to main content


REST API enables you to access your Upstash database using REST.

Get Started

If you do not have a database already, follow these steps to create one.

In the database details section of the Upstash Console, click the REST API button. Copy the REST URL and the authentication token. Send an HTTP GET request to the provided URL by adding an Authorization: Bearer $TOKEN header.

curl \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

The above script executes a SET foo bar command. It will return a JSON response:


You can also set the token as _token request parameter as below:


API Semantics

Upstash REST API follows the same convention with Redis Protocol. Give the command name and parameters in the same order as Redis protocol by separating them with a /.

curl REST_URL/COMMAND/arg1/arg2/../argN

Here are some examples:

  • SET foo bar -> REST_URL/set/foo/bar

  • SET foo bar EX 100 -> REST_URL/set/foo/bar/EX/100

  • GET foo bar -> REST_URL/get/foo

  • MGET foo1 foo2 foo3 -> REST_URL/mget/foo1/foo2/foo3

  • HGET employee:23381 salary -> REST_URL/hget/employee:23381/salary

  • ZADD teams 100 team-x 90 team-y -> REST_URL/zadd/teams/100/team-x/90/team-y

JSON or Binary Value

To post a JSON or a binary value, you can use an HTTP POST request and set value as the request body:

curl -X POST -d '$VALUE' \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

In the example above, $VALUE sent in request body is appended to the command as REST_URL/set/foo/$VALUE.

Note that POST request body is appended as the last parameter of a Redis command. If there are other parameters in Redis command after the value, you should send them as request query parameters:

curl -X POST -d '$VALUE' \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

Above command is equivalent to REST_URL/set/foo/$VALUE/EX/100.

POST Command in Body

Alternatively, you can send the whole command in the request body as a single JSON array. Array's first element must be the command name and command parameters should be appended next to each other in the same order as Redis protocol.


For example, Redis command SET foo bar EX 100 can be sent inside the request body as:

curl -X POST -d '["SET", "foo", "bar", "EX", 100]' \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

HTTP Codes

  • 200 OK: When request is accepted and successfully executed.

  • 400 Bad Request: When there's a syntax error, an invalid/unsupported command is sent or command execution fails.

  • 401 Unauthorized: When authentication fails; auth token is missing or invalid.

  • 405 Method Not Allowed: When an unsupported HTTP method is used. Only HEAD, GET, POST and PUT methods are allowed.


REST API returns a JSON response. When command execution is successful, response JSON will have a single result field and its value will contain the Redis response. It can be either;

  • a null value
  • an integer
  • a string
  • an array value:
{"result":["value1", null, "value2"]}

If command is rejected or fails, response JSON will have a single error field with a string value explaining the failure:

{"error":"WRONGPASS invalid password"}

{"error":"ERR wrong number of arguments for 'get' command"}


Upstash REST API supports command pipelining to send multiple commands in batch, instead of sending each command one by one and waiting for response. When pipeline API is used, several commands are sent using a single HTTP request, and a single JSON array response is returned. Each item in the response array corresponds to the command in the same order within the pipeline.

API endpoint for command pipelining is /pipeline. Pipelined commands should be send as a two dimensional JSON array in the request body, each row containing name of the command and its arguments.

Request syntax:

curl -X POST \
-H "Authorization: Bearer $TOKEN" \
-d '
["CMD_A", "arg0", "arg1", ..., "argN"],
["CMD_B", "arg0", "arg1", ..., "argM"],

Response syntax:

[{"result":"RESPONSE_A"},{"result":"RESPONSE_B"},{"error":"ERR ..."}, ...]

Execution of the pipeline is not atomic. Even though each command in the pipeline will be executed in order, commands sent by other clients can interleave with the pipeline.

For example you can write the curl command below to send following Redis commands using pipeline:

SET key1 valuex
SETEX key2 13 valuez
INCR key1
ZADD myset 11 item1 22 item2
curl -X POST \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934" \
-d '
["SET", "key1", "valuex"],
["SETEX", "key2", 13, "valuez"],
["INCR", "key1"],
["ZADD", "myset", 11, "item1", 22, "item2"]

And pipeline response will be:

[{"result":"OK"},{"result":"OK"},{"error":"ERR value is not an integer or out of range"},{"result":2}]

You can use pipelining when;

  • You need more throughput, since pipelining saves from multiple round-trip times. (But beware that latency of each command in the pipeline will be equal to the total latency of the whole pipeline.)
  • Your commands are independent of each other, response of a former command is not needed to submit a subsequent command.

Security and Authentication

You need to add a header to your API requests as Authorization: Bearer $TOKEN or set the token as a url parameter _token=$TOKEN.

curl -X POST \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"


curl -X POST

Upstash by default provides two separate access tokens per database: "Standard" and "Read Only".

  • Standard token has full privilege over the database, can execute any command.

  • Read Only token permits access to the read commands only. Some powerful read commands (e.g. SCAN, KEYS) are also restricted with read only token. It makes sense to use Read Only token when you access Upstash Redis from web and mobile clients where the token is exposed to public.

You can get/copy the tokens by clicking copy button next to UPSTASH_REDIS_REST_TOKEN in REST API section of the console. For the Read Only token, just enable the "Read-Only Token" switch.


Do not expose your Standard token publicly. Standard token has full privilege over the database. You can expose the Read Only token as it has access to read commands only. You can revoke both Standard and Read Only tokens by resetting password of your database.

REST Token for ACL Users

In addition to the tokens provided by default, you can create REST tokens for the users created via ACL SETUSER command. Upstash provides a custom ACL subcommand to generate REST tokens: ACL RESTTOKEN. It expects two arguments; username and user's password. And returns the REST token for the user as a string response.

ACL RESTTOKEN <username> <password>
Generate a REST token for the specified username & password.
Token will have the same permissions with the user.

You can execute ACL RESTTOKEN command via redis-cli:

redis-cli> ACL RESTTOKEN default 35fedg8xyu907d84af29222ert

Or via CLI on the Upstash console:

If the user doesn't exist or password doesn't match then an error will be returned.

redis-cli> ACL RESTTOKEN upstash fakepass
(error) ERR Wrong password or user "upstash" does not exist

Optimizing Performance (for advanced users)

In our internal tests comparing the REST API and native Redis API, we see the latency overhead of REST is less than 1 millisecond. But you can still improve latency connecting to the database port directly. The only disadvantage of this approach is that some environments (e.g. CloudFlare Workers) do not allow clients to access ports other than standard ones (80, 443).

You can use the same url with two changes.

  • Append the database port to the url.
  • If TLS is disabled, use http instead of https.

Optimized Redis URL (TLS enabled):

curl \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

Optimized Redis URL (TLS disabled):

curl \
-H "Authorization: Bearer 2553feg6a2d9842h2a0gcdb5f8efe9934"

Redis Protocol vs REST API


  • If you want to access to Upstash database from an environment like CloudFlare Workers, WebAssembly, Fastly Compute@Edge then you can not use Redis protocol as it is based on TCP. You can use REST API in those environments.

  • REST API is request (HTTP) based where Redis protocol is connection based. If you are running serverless functions (AWS Lambda etc), you may need to manage the Redis client's connections. REST API does not have such an issue.

  • Redis protocol requires Redis clients. On the other hand, REST API is accessible with any HTTP client.

Redis Protocol Pros

  • If you have a legacy code based on Redis clients, Redis protocol will help you to use Upstash without a code change.

  • Using Redis protocol, you can benefit from the rich Redis ecosystem. For example, you can directly use your Upstash database as session cache for your express application.


REST API has lower latency than GraphQL API. With REST API, you directly access to the database. With GraphQL API, there is a proxy layer which accepts the connections and translate GraphQL queries to the Redis protocol.


If you do not have a specific GraphQL use case, we recommend REST API instead of GraphQL API. We plan to deprecate the GraphQL API in future releases.

Cost and Pricing

Upstash pricing is based on per command/request. So the same pricing listed in our pricing applies to your REST calls too.

Metrics and Monitoring

In the current version, we do not expose any metrics specific to API calls in the console. But the metrics of the database backing the API should give a good summary about the performance of your APIs.

REST - Redis API Compatibility

FeatureREST Support?Notes
ListBlocking commands (BLPOP - BRPOP - BRPOPLPUSH) are not supported.
SortedSetBlocking commands (BZPOPMAX - BZPOPMIN) are not supported.
Connection⚠️Only PING and ECHO are supported.
Pub/Sub⚠️Only PUBLISH and PUBSUB are supported.