API Reference

The Fastly API is a RESTful API that provides access to all the features available through the Fastly web interface. The API is organized into collections of endpoints that allow manipulation of distinct types of object related to Fastly services and accounts.

IMPORTANT: The API requires TLS 1.2. Because of the PCI Security Standards Council mandate, TLS versions 1.0 and 1.1 are no longer supported.

Authentication

Most (but not all) API endpoints require authentication with an appropriately scoped API token, which may be created via the API or in the Fastly web interface. Requirements for individual endpoints are shown on each endpoint page. To authenticate a request, generate an API token, and then include it in your request as a Fastly-Key HTTP header:

Fastly-Key: YOUR_FASTLY_TOKEN

If you are using curl to make requests, you can append a header with -H 'Fastly-Key: YOUR_FASTLY_TOKEN'.

WARNING: If you created a Fastly account before May 15th, 2017, you may have used legacy "API keys" to authenticate API requests. This account-level credential was migrated to a personal API token with a global scope and access to all of your services. Because all tokens need to be owned by a user, this credential was assigned to a newly created, synthetic user with the name Global API Token. All endpoints that support the legacy keys also support API tokens.

Clients

Client libraries are available in a number of languages. The following clients are built and maintained by Fastly:

Go
perl (also see CPAN)
python
Ruby (also see Rubygems)
Terraform

In addition to the official clients, our awesome community has also created clients and integrations for other languages.

WARNING: Fastly makes no warranty on third-party software. We assume no responsibility for errors or omissions in the third-party software or documentation available. Using such software is done entirely at your own discretion and risk.

Tool	Technology	Author	Description
fastly-configure	Ruby	GDS	A utility to configure the Fastly CDN from version-controllable VCL and YAML files
fastly-promises	Node.js	Philipp Schulte	Promise based Node.js client
fastly on npm	Node.js	Jeremiah from FitBit	Callback-based Node.js client which is currently the `fastly` package on npm

Rate limiting

Authenticated requests are subject to a limit of 1,000 non-read requests per hour. Read requests, such as GET and HEAD requests, are not limited. Surrogate key and URL purge requests are also not limited, but purge-all requests count against the per-hour rate limit. If you go over the rate limit, you will receive a 429 Too Many Requests HTTP response.

Rate limit information is provided in response headers, as shown below. The Fastly-RateLimit-Remaining header provides the number of API requests remaining in the current rate limit window. The Fastly-RateLimit-Reset provides the time at which the current rate limit window resets, as a Unix timestamp.

Fastly-RateLimit-Remaining: 999
Fastly-RateLimit-Reset: 1452032384

User contributed notes

We welcome comments that add use cases, ideas, tips, and caveats. All comments will be moderated before publication. To post support questions, visit our support center and we'll find you the help you need.