The Fastly API is a RESTful API that supports all features available through the Fastly user interface. Use the libraries below to guide the development of your sites and applications.

Account Configuration Purging Historical Stats Remote Logging


Interactive clients for the Fastly API are available in a variety of languages. Check our Clients page for more information on each.


You authenticate to the Fastly API in one of two ways: via API key or via username and password.

API key

Include the API key from your account page as a Fastly-Key header. For example:

GET /some/path
Fastly-Key: d3cafb4dde4dbeef
Content-Accept: application/json

Username and password

First post to the login endpoint with the parameters user and password. For example:

POST /login
Content-Type: application/x-www-form-urlencoded

This will return a cookie. Stash it somewhere and use it in subsequent requests.

Rate limiting

You can make up to 1,000 non-read requests per hour. Read requests, such as GET and HEAD requests, are not limited. Surrogate-key and URL purge requests are also not limited, but purge-all requests count against the per hour rate limit. If you go over the rate limit, you will receive a 429 Too Many Requests HTTP response.

Response headers

Fastly provides rate limit information in the response header, as shown in the example below. The Fastly-RateLimit-Remaining header provides the number of API requests remaining in the current rate limit window. The Fastly-RateLimit-Reset provides the time at which the current rate limit window resets in UTC epoch seconds.

Request Example
POST /some/path
Response Example
Fastly-RateLimit-Remaining: 999
Fastly-RateLimit-Reset: 1452032384