To use the Redis Enterprise Cloud REST API, you need to:

  • Enable the API
  • Create an account key
  • Create a secret key
The Redis Cloud REST API is available only with Flexible or Annual subscriptions. It is not supported for Fixed or Free subscriptions.

To use the keys to authenticate and authorize your request, include the keys with the request headers:

Key name HTTP Header name Description
Account key x-api-key Account-level key assigned to all users of an account
Secret key x-api-secret-key Personal key associated with a specific user and possibly limited to certain IP ranges

Enable the API

The API is disabled on all accounts by default. You must first enable the API before you can use it.

Account key

The account key identifies your specific account when you perform an API request.

An account key is an account-level secret. Do not share this key with anyone not authorized to use the account.

You create the account key once when enabling API access.

If you need to change or delete your account key, please contact support.

Secret key

The secret key is a personal key that belongs to a specific user having the owner role.

The secret key is a personal secret. Do not share this key.

A user can generate multiple secret keys for themselves or for any other users defined as owners within the same account.

Every secret key has a name. You can use this name to identify which user made a specific API request.

For example, when you audit create, update, and delete requests in the system log, you can easily see which secret key was used for each request.

Authentication using API keys

You must authenticate using the account key and secret key on every API request.

You provide these keys as HTTP request headers.

Authenticate a request

An API request will successfully authenticate if the following conditions are met:

  1. Both the account key and secret key are valid and properly defined in the HTTP request headers.
  2. The secret key is associated with the same account as the account key.
  3. The request originates from a valid source IP. This requirement holds when you have defined sourced IP limitations for your secret key.

More info

To learn more, see: