Skip to main content
Using the Upstash Developer API, you can create and manage Upstash products and resources programmatically. Everything you can do in the console can be automated. The Upstash CLI and the Upstash MCP server use the same API key. To use the Developer API, you need to create an API key in the console.
The Developer API is only available to native Upstash accounts. Accounts created via third-party platforms like Vercel or Fly.io are not supported.

Create an API key

  1. Log in to the console, click your profile icon at the top right corner and select Settings.
  1. Switch to the Developer API tab and click the Create API Key button.
  1. Enter a name for your key, pick its permissions and expiration, then submit. You cannot use the same name for multiple keys.
A Read/Write key can use every API endpoint. A Read Only key can list and inspect your resources but cannot change them, which makes it a good fit for monitoring scripts and AI agents. Read-only keys are marked with a Read Only tag in the key list. Keys can expire after 7, 30 or 90 days, on a custom date, or never. Choose an expiring key when you can. The console warns you when a key expires within a week, and an expired key stops working until you replace it with a new one.
You need to copy or download your API key. Upstash does not store or show your API key again for security reasons. So if you lose your API key, it becomes useless; you need to create a new one.
You can create multiple keys. It is recommended to use different keys in different applications. By default one user can create up to 37 API keys. If you need more than that, please send us an email at support@upstash.com

Team API keys

An API key belongs to the account it was created in. If you switch the console to a team and create a key there, the key belongs to that team and operates on the team’s resources. Authentication works the same way: pass your own account email as the username, not the team id. Every member of the team can use the same team key, each with their own email.
Members with the Readonly team role can only perform read operations through the API, even when using a Read/Write team key.

Using your API key

The API uses HTTP Basic authentication: pass your account email as the username and the API key as the password. See Authentication for details.
curl https://api.upstash.com/v2/redis/databases -u EMAIL:API_KEY
The same credentials work with the Upstash CLI, which manages your resources from the terminal or CI/CD pipelines, and with the Upstash MCP server, which lets AI agents manage and debug your resources. When the MCP server starts with a read-only key, it disables every tool that would modify state.

Deleting an API key

When an API key is exposed (e.g. accidentally shared in a public repository) or not being used anymore, you should delete it. You can delete API keys on the same Personal Settings > Developer API page.