Get started with the REST API
Describes how Redis Cloud REST API uses keys to authenticate and authorize access.
To use the Redis Cloud REST API, you need to:
- Enable the API
- Create an account key
- Create a user key
- Collect endpoint details
To use the keys to authenticate and authorize your request, include the keys with the request headers:
Key name | HTTP header name | Description |
---|---|---|
Account key | x-api-key |
Account-level key assigned to all users of an account |
User key | x-api-secret-key |
Personal key associated with a specific user and possibly limited to certain IP ranges |
Enable the API
The API is disabled on all accounts by default. You must enable the API before you can use it.
Account key
The account key identifies your specific account when you perform an API request. This is the account responsible for your subscription.
You create the account key once when enabling API access.
If you need to change or delete your account key, please contact support.
User key
The user key is a personal key that belongs to a specific user having the owner role. User keys are assigned owners when they're created. Keys cannot be assigned to users that aren't owners. Keys can belong to only one owner; however, an owner may have multiple keys.
You can view keys or copy their values only during the creation process.
Individual owners can generate multiple user keys for themselves, for separate apps, or for other owners, viewers, or log viewers within the same account.
Use key names to uniquely associate specific API requests to individual users or apps.
Doing so lets you audit API requests using the system log, which tracks the key used to authenticate each request.
Authentication using API keys
Every API request must use the account key and a user key to authenticate.
The keys are provided as HTTP request headers, shown earlier.
Authenticate a request
An API request successfully authenticates when:
-
The account and user keys are valid and properly defined in the HTTP request headers.
-
The user key is associated with the same account as the account key.
-
The request originates from a valid source IP address, as defined in a CIDR allow list associated with the user key.
This requirement applies when you've defined a CIDR allow list for the secret key.
More info
To learn more, see: