All serverless function providers have a maximum execution time for each function. Usually you can extend this time by paying more, but it’s still limited. QStash provides a way to go around this problem by using callbacks.

What is a callback?

A callback allows you to call a long running function without having to wait for its response. Instead of waiting for the request to finish, you can add a callback url to your published message and when the request finishes, we will call your callback URL with the response.

  1. You publish a message to QStash using the /v2/publish endpoint
  2. QStash will enqueue the message and deliver it to the destination
  3. QStash waits for the response from the destination
  4. When the response is ready, QStash calls your callback URL with the response

Callbacks publish a new message with the response to the callback URL. Messages created by callbacks are charged as any other message.

How do I use Callbacks?

You can add a callback url in the Upstash-Callback header when publishing a message. The value must be a valid URL.

  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer <QSTASH_TOKEN>' \
  -H 'Upstash-Callback: <CALLBACK_URL>' \
  -d '{ "hello": "world" }'

The callback body sent to you will be a JSON object with the following fields:

  "status": 200,
  "sourceMessasgeId": "msg_xxx", // The ID of the message that triggered the callback
  "headers": {
    "key": "value"
  "body": "base64 encoded response body",
  "retried": 1 // How many times we retried to deliver the original message

In Next.js you could use the following code to handle the callback:

// pages/api/callback.js

import { verifySignature } from "@upstash/qstash/dist/nextjs";

function handler(req, res) {
  // responses from qstash are base64-encoded
  const decoded = atob(req.body.body);

  return res.status(200).end();

export default verifySignature(handler);

export const config = {
  api: {
    bodyParser: false,

We may truncate the response body if it exceeds your plan limits. You can check your Max Message Size in the console.

Make sure you verify the authenticity of the callback request made to your API by verifying the signature.