Application Programming Interface (API)

The Fastly Application Programming Interface (API) allows you to integrate your applications and services with the Fastly platform.

Our API is presented using a REST model. It uses standard HTTP response codes and verbs to allow you to programmatically control all the same features that are available through the Fastly web interface. Our web interface is a client of our public API.


The Fastly API provides a variety of endpoints that we document in our API reference documentation. The endpoint documentation for each API call shows the method, path, authentication type, resource, and parameters that must be combined with the base URL to form a request.

Client libraries

To make coding against the Fastly API easier, we maintain a list of client libraries in a variety of languages. Our client list provides more information about each of the client libraries in our list, including third-party tools and integrations in other languages created by the Fastly community.

Base URL and endpoints

With one exception, all API calls referenced in our documentation start with a base URL:

The base URL for the real-time analytics API is:


Nearly all API requests require authentication using an API token. You can limit the capabilities of those tokens using a scope. Our authentication page provides more information about the API tokens you must use to authenticate. Our guide to Using API tokens provides more information about managing these tokens via the web interface depending on the role your organization has assigned to your account.


Fastly accounts created before May 15th, 2017 may have used one or more API keys to authenticate API requests. See our note on legacy API keys for more information.


Fastly uses standardized HTTP response codes to indicate the success or failure of an API request. Codes in the 2xx range indicate success and confirm a request worked as expected. Codes in the 4xx range indicate an error and provide both an error code and a brief explanation.

Rate limiting

Unless otherwise stated in the API reference documentation for individual endpoints, API access is limited to 1,000 non-read requests per hour, per user account. If more than one API token is associated with one user, all that user's tokens share the same limit. Information about rate limit consumption and remaining credit is available in an HTTP response header, examples of which can also be found in our API reference documentation.

TLS version requirement

The Fastly API requires TLS 1.2. Because of the PCI Security Standards Council mandate (PDF previously archived at, TLS versions 1.0 and 1.1 are no longer supported for accessing Fastly's API.

Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact