Create your Redis instance

For the rate limit to work, we need to create an Upstash Redis and get its credentials. To create an Upstash Redis, you can follow the Upstash Redis “Get Started” guide.

Add Ratelimit to Your Project

Once we have a Redis instance, next step is adding the rate limit to your project in its most basic form.

Install Ratelimit

First, we need to install @upstash/ratelimit:

npm install @upstash/ratelimit

Add Ratelimit to Your Endpoint

Next step is to add Ratelimit to your endpoint. In the example below, you can see how to initialize a Ratelimit and use it:

import { Ratelimit } from "@upstash/ratelimit"; // for deno: see above
import { Redis } from "@upstash/redis";

// Create a new ratelimiter, that allows 10 requests per 10 seconds
const ratelimit = new Ratelimit({
  redis: Redis.fromEnv(),
  limiter: Ratelimit.slidingWindow(10, "10 s"),
  analytics: true,
   * Optional prefix for the keys used in redis. This is useful if you want to share a redis
   * instance with other applications and want to avoid key collisions. The default prefix is
   * "@upstash/ratelimit"
  prefix: "@upstash/ratelimit",

// Use a constant string to limit all requests with a single ratelimit
// Or use a userID, apiKey or ip address for individual limits.
const identifier = "api";
const { success } = await ratelimit.limit(identifier);

if (!success) {
  return "Unable to process at this time";
return "Here you go!";

In this example, we initialize a Ratelimit with an Upstash Redis. The Uptash Redis instance is created from the environment variables and passed to the Ratelimit instance. Then, we check the access rate using the ratelimit.limit(identifier) method. If the success field is true, we allow the expensive calculation to go through.

For more examples, see the Examples.

Set Environment Variables

Final step is to update the environment variables so that the Ratelimit can communicate with the Upstash Redis. UPSTASH_REDIS_REST_URL and UPSTASH_REDIS_REST_TOKEN environment variables must be set in order for the Redis.fromEnv() command to work. You can get the values of these environment variables from the Upstash Console by navigating to the page of the Redis instance you created.

An alternative of using the Redis.fromEnv() method is to pass the variables yourself. This can be useful if you save these environment variables with a different name:

new Redis({
  url: 'https://****',
  token: '********',

Here is how you can set the environment variables in different cases:

Go to the “Settings” tab in your project. In the menu to the left, click “Environment Variables”. Add UPSTASH_REDIS_REST_URL and UPSTASH_REDIS_REST_TOKEN environment variables and their values.

Customizing the Ratelimit Algorithm

There are several algorithms we can use for rate limiting. Explore the different rate-limiting algorithms available; how they work, their advantages and disadvantages in the Algorithms page. You can learn about the cost in terms of the number of commands, by referring to the Costs page.


In our example, we only used the limit method. There are other methods we can use in the Ratelimit. These are:

  • blockUntilReady: Process a request only when the rate-limiting algorithm allows it.
  • resetUsedTokens: Reset the rate limiter state for some identifier.
  • getRemaining: Get the remaining tokens/requests left for some identifier.

To learn more about these methods, refer to the Methods page.


To configure the your Ratelimit according to your needs, you can make use of several features:

For more information about the features, see the Features page.