API Reference

Workers

Scripts

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Upload Worker Module

PUT/accounts/{account_id}/workers/scripts/{script_name}

Upload a worker module. You can find more about the multipart metadata on our docs: https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Workers Scripts Write

Path ParametersExpand Collapse

account_id: string

Identifier.

maxLength32

script_name: string

Name of the script, used in URLs and route configuration.

Query ParametersExpand Collapse

bindings_inherit: optional "strict"

When set to “strict”, the upload will fail if any inherit type bindings cannot be resolved against the previous version of the Worker. Without this, unresolvable inherit bindings are silently dropped.

Body ParametersForm DataExpand Collapse

metadata: object { annotations, assets, bindings, 15 more }

JSON-encoded metadata about the uploaded parts and Worker configuration.

annotations: optional object { "workers/message", "workers/tag" }

Annotations for the version created by this upload.

"workers/message": optional string

Human-readable message about the version. Truncated to 1000 bytes if longer.

maxLength1000

"workers/tag": optional string

User-provided identifier for the version. Maximum 100 bytes.

maxLength100

assets: optional object { config, jwt }

Configuration for assets within a Worker.

config: optional object { _headers, _redirects, html_handling, 3 more }

Configuration for assets within a Worker.

_headers: optional string

The contents of a _headers file (used to attach custom headers on asset responses).

_redirects: optional string

The contents of a _redirects file (used to apply redirects or proxy paths ahead of asset serving).

html_handling: optional "auto-trailing-slash" or "force-trailing-slash" or "drop-trailing-slash" or "none"

Determines the redirects and rewrites of requests for HTML content.

One of the following:

"auto-trailing-slash"

"force-trailing-slash"

"drop-trailing-slash"

"none"

not_found_handling: optional "none" or "404-page" or "single-page-application"

Determines the response when a request does not match a static asset, and there is no Worker script.

One of the following:

"none"

"404-page"

"single-page-application"

run_worker_first: optional array of string or boolean

Contains a list path rules to control routing to either the Worker or assets. Glob (*) and negative (!) rules are supported. Rules must start with either ’/’ or ’!/’. At least one non-negative rule must be provided, and negative rules have higher precedence than non-negative rules.

One of the following:

array of string

Contains a list path rules to control routing to either the Worker or assets. Glob (*) and negative (!) rules are supported. Rules must start with either ’/’ or ’!/’. At least one non-negative rule must be provided, and negative rules have higher precedence than non-negative rules.

boolean

Enables routing to always invoke the Worker script ahead of all requests. When true, this is equivalent to ["/*"] in the string array version of this field.

Deprecatedserve_directly: optional boolean

When true and the incoming request matches an asset, that will be served instead of invoking the Worker script. When false, requests will always invoke the Worker script.

jwt: optional string

Token provided upon successful upload of all files from a registered manifest.

bindings: optional array of object { name, type } or object { instance_name, name, type, namespace } or object { name, namespace, type } or 32 more

List of bindings attached to a Worker. You can find more about bindings on our docs: https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/#bindings.

One of the following:

AI object { name, type }

name: string

A JavaScript variable name for the binding.

type: "ai"

The kind of resource that the binding provides.

AISearch object { instance_name, name, type, namespace }

instance_name: string

The user-chosen instance name. Must exist at deploy time. The worker can search, chat, update, and manage items/jobs on this instance.

name: string

A JavaScript variable name for the binding.

type: "ai_search"

The kind of resource that the binding provides.

namespace: optional string

The namespace the instance belongs to. Defaults to “default” if omitted. Customers who don’t use namespaces can simply omit this field.

AISearchNamespace object { name, namespace, type }

name: string

A JavaScript variable name for the binding.

namespace: string

The user-chosen namespace name. Must exist before deploy — Wrangler handles auto-creation on deploy failure (R2 bucket pattern). The “default” namespace is auto-created by config-api for new accounts. Grants full access (CRUD + search + chat) to all instances within the namespace.

type: "ai_search_namespace"

The kind of resource that the binding provides.

AnalyticsEngine object { dataset, name, type }

dataset: string

The name of the dataset to bind to.

name: string

A JavaScript variable name for the binding.

type: "analytics_engine"

The kind of resource that the binding provides.

Assets object { name, type }

name: string

A JavaScript variable name for the binding.

type: "assets"

The kind of resource that the binding provides.

Browser object { name, type }

name: string

A JavaScript variable name for the binding.

type: "browser"

The kind of resource that the binding provides.

D1 object { database_id, name, type, id }

database_id: string

Identifier of the D1 database to bind to.

name: string

A JavaScript variable name for the binding.

type: "d1"

The kind of resource that the binding provides.

Deprecatedid: optional string

This property has been renamed to database_id.

Identifier of the D1 database to bind to.

DataBlob object { name, part, type }

name: string

A JavaScript variable name for the binding.

part: string

The name of the file containing the data content. Only accepted for service worker syntax Workers.

Deprecatedtype: "data_blob"

The kind of resource that the binding provides.

DispatchNamespace object { name, namespace, type, outbound }

name: string

A JavaScript variable name for the binding.

namespace: string

The name of the dispatch namespace.

type: "dispatch_namespace"

The kind of resource that the binding provides.

outbound: optional object { params, worker }

Outbound worker.

params: optional array of object { name }

Pass information from the Dispatch Worker to the Outbound Worker through the parameters.

name: string

Name of the parameter.

worker: optional object { entrypoint, environment, service }

Outbound worker.

entrypoint: optional string

Entrypoint to invoke on the outbound worker.

environment: optional string

Environment of the outbound worker.

service: optional string

Name of the outbound worker.

DurableObjectNamespace object { name, type, class_name, 4 more }

name: string

A JavaScript variable name for the binding.

type: "durable_object_namespace"

The kind of resource that the binding provides.

class_name: optional string

The exported class name of the Durable Object.

dispatch_namespace: optional string

The dispatch namespace the Durable Object script belongs to.

environment: optional string

The environment of the script_name to bind to.

namespace_id: optional string

Namespace identifier tag.

maxLength32

script_name: optional string

The script where the Durable Object is defined, if it is external to this Worker.

Hyperdrive object { id, name, type }

id: string

Identifier of the Hyperdrive connection to bind to.

name: string

A JavaScript variable name for the binding.

type: "hyperdrive"

The kind of resource that the binding provides.

Inherit object { name, type, old_name, version_id }

name: string

The name of the inherited binding.

type: "inherit"

The kind of resource that the binding provides.

old_name: optional string

The old name of the inherited binding. If set, the binding will be renamed from old_name to name in the new version. If not set, the binding will keep the same name between versions.

version_id: optional string

Identifier for the version to inherit the binding from, which can be the version ID or the literal “latest” to inherit from the latest version. Defaults to inheriting the binding from the latest version.

Images object { name, type }

name: string

A JavaScript variable name for the binding.

type: "images"

The kind of resource that the binding provides.

Json object { json, name, type }

json: unknown

JSON data to use.

name: string

A JavaScript variable name for the binding.

type: "json"

The kind of resource that the binding provides.

KVNamespace object { name, namespace_id, type }

name: string

A JavaScript variable name for the binding.

namespace_id: string

Namespace identifier tag.

maxLength32

type: "kv_namespace"

The kind of resource that the binding provides.

Media object { name, type }

name: string

A JavaScript variable name for the binding.

type: "media"

The kind of resource that the binding provides.

MTLSCertificate object { certificate_id, name, type }

certificate_id: string

Identifier of the certificate to bind to.

name: string

A JavaScript variable name for the binding.

type: "mtls_certificate"

The kind of resource that the binding provides.

PlainText object { name, text, type }

name: string

A JavaScript variable name for the binding.

text: string

The text value to use.

type: "plain_text"

The kind of resource that the binding provides.

Pipelines object { name, pipeline, type }

name: string

A JavaScript variable name for the binding.

pipeline: string

Name of the Pipeline to bind to.

type: "pipelines"

The kind of resource that the binding provides.

Queue object { name, queue_name, type }

name: string

A JavaScript variable name for the binding.

queue_name: string

Name of the Queue to bind to.

type: "queue"

The kind of resource that the binding provides.

Ratelimit object { name, namespace_id, simple, type }

name: string

A JavaScript variable name for the binding.

namespace_id: string

Identifier of the rate limit namespace to bind to.

simple: object { limit, period, mitigation_timeout }

The rate limit configuration.

limit: number

The limit (requests per period).

period: number

The period in seconds.

mitigation_timeout: optional number

Duration in seconds to apply the mitigation action after the rate limit is exceeded. Valid values are 0 (disabled), 10, or multiples of 60 up to 86400. Must be greater than or equal to the period when non-zero.

type: "ratelimit"

The kind of resource that the binding provides.

R2Bucket object { bucket_name, name, type, jurisdiction }

bucket_name: string

R2 bucket to bind to.

name: string

A JavaScript variable name for the binding.

type: "r2_bucket"

The kind of resource that the binding provides.

jurisdiction: optional "eu" or "fedramp" or "fedramp-high"

The jurisdiction of the R2 bucket.

One of the following:

"eu"

"fedramp"

"fedramp-high"

SecretText object { name, text, type }

name: string

A JavaScript variable name for the binding.

text: string

The secret value to use.

type: "secret_text"

The kind of resource that the binding provides.

SendEmail object { name, type, allowed_destination_addresses, 2 more }

name: string

A JavaScript variable name for the binding.