Volatile is a free key-value pair API that everyone can use.

Pick a key, add a value. What if that key already exists? Congrats, you’ve just updated its value. Uh, didn’t that key belong to someone else? No, because that’s not how things work here. No tokens, no ownership—just data. This is Volatile. It’s fast and it’s flexible. Use it for anything. Use it for good.


Sometimes you just need to put something somewhere and then fetch it later. And sometimes you need to change it without asking for anyone’s permission or keeping track of a token. Volatile is a database that anyone can edit. On the internet. That makes it both super convenient and incredibly...volatile.


Create a key-value pair write

Usage POST key=key&val=val
GET /?key=key&val=val
Example https://volatile.wtf/?key=foo&val=bar
Response 1 HTTP/1.1 201 Created
2 key=val

Get the value for a key read

Usage POST key=key
GET /?key=key
Example https://volatile.wtf/?key=foo
Response 1 HTTP/1.1 200 OK
2 val

Get a key’s creation date read

Usage POST key=key&created
GET /?key=key&created
Example https://volatile.wtf/?key=foo&created
Response 1 HTTP/1.1 200 OK
2 Unix timestamp

Get a key’s modification date read

Usage POST key=key&modified
GET /?key=key&modified
Example https://volatile.wtf/?key=foo&modified
Response 1 HTTP/1.1 200 OK
2 Unix timestamp


You can send your request in JSON if you’d like. If you do, you’ll get some JSON back in return.

Sample request:

curl -d '{"key":"foo", "val":"bar"}' -H "Content-Type: application/json" -X POST https://volatile.wtf

Sample response:

    "key": "foo",
    "val": "bar",
    "result": "201 Created"

Character Encoding

Both key and val are stored as UTF-8 encoded characters. Send whatever you want, but that’s how things are stored.

Character Limits

Both key and val cannot exceed 255 characters. If you submit a request where either entity exceeds that limit, your request will fail. You’ll receive an HTTP 413 Request Entity Too Large response along with a plain text message explaining the failure.

HTTP Methods

You can use POST or GET as you see fit. If your request has both a key and a val, the val will be stored for that key. If you send a key alone, then you’ll get the key’s value in response. I don’t really care which method you use or why. Enjoy the flexibility. It’s none of my business.

Rate Limiting

Rate limits are enforced, and are tied to the IP address making the request.

For any request where rate limiting applies, these headers will be sent in your response:

  1. X-Rate-Limit-Interval, the interval for that type of request (in seconds)
  2. X-Rate-Limit-Limit, the maximum number of requests permitted during the interval
  3. X-Rate-Limit-Remaining, the number of requests that are available to you
  4. X-Rate-Limit-Reset, the number of seconds until the interval resets

When you run out of remaining requests, you’ll receive an HTTP 419 Too Many Requests response and your requests will be ignored. You’ll also receive the X-Rate-Limit-Wait header that tells you the number of seconds until you can make another successful request. Please wait that amount of time before trying again. If you continue to try to make requests before they are available, you’re a jerk.

Retrieval Shortcut

You can use this fun shortcut to access the value of any key: https://volatile.wtf/key. If the key exists, you’ll get a response with the value. If it doesn’t exist, you get HTTP 404 Not Found but I’m sure you’ll be able to pick up the pieces and move on with your life.


Your service doesn’t technically conform with RFC 2616; how can you live with yourself?

Some people are using this in more constrained technical contexts where they can GET but not POST. In accommodating those edge cases I understand that I’m not following the spec precisely, but I don’t really care. See also: this service’s name.

Is my information safe?

Probably not, but that depends on your definition of “safe”. Anything you store here could be accessed or overwritten by anyone else at any time.

Why would anyone want to use this?

I can't answer for anyone else, but I can tell you why I use it. It’s fast and it’s simple. It’s great for times when you just need to store small things and don’t want the overhead of a database. A key with sufficient entropy is unlikely to be discovered.

Is this secure? Can it be exploited?

Yes, it’s secure. No, I don’t think it can be exploited, but people are creative.

How do I know this service won’t disappear overnight?

I’m using this for personal projects and I need it. So for purely selfish reasons, you can expect it to stick around. But nothing lasts forever.

Can I get relaxed rate limiting for a specific project?

Maybe. Email volatile@neatnik.net with details about what you’re cooking and we’ll see.


This service is provided on an as-is basis. We disclaim all warranties. Everyone reserves the right to do everything because that’s the entire point of the service. Change is constant. Death is part of life. Here be dragons. Abandon all hope.


Volatile is made with by Neatnik. Send questions, bug reports, security disclosures, etc. to volatile@neatnik.net.