ErrorNotes

Fix Redis NOAUTH Authentication required Error

beginner๐Ÿ”ด Redis2026-03-18| Redis 4+ on Linux, macOS, Windows โ€” any Redis client (redis-cli, redis-py, ioredis, node_redis)

Error Message

NOAUTH Authentication required
#redis#auth#password#requirepass

The Error

NOAUTH Authentication required

This hits you the moment you run any Redis command on an instance that has a password set โ€” but you haven't authenticated yet. Classic example: open redis-cli, type SET key value, and Redis rejects it immediately.

Why This Happens

Set requirepass in redis.conf and Redis locks down everything. Every client must run AUTH <password> before Redis accepts any other command. That includes PING โ€” no exceptions.

Common triggers:

  • Connected via redis-cli without the -a flag or a post-connect AUTH
  • App config is missing the password, or has a stale one after a rotation
  • Someone added requirepass to redis.conf and restarted Redis without updating the app
  • Managed Redis (Redis Cloud, AWS ElastiCache, Upstash) โ€” auth is mandatory on all of these

Fix 1: Authenticate in redis-cli

Option A โ€” Pass the password at connect time

redis-cli -h 127.0.0.1 -p 6379 -a yourpassword

Option B โ€” Authenticate after connecting

redis-cli -h 127.0.0.1 -p 6379
127.0.0.1:6379> AUTH yourpassword
OK
127.0.0.1:6379> PING
PONG

Once AUTH returns OK, all subsequent commands in that session go through. You only authenticate once per connection.

Fix 2: Fix the Application Connection

App throwing NOAUTH? The Redis client isn't sending credentials. Add the password to your connection config:

Python (redis-py)

import redis

r = redis.Redis(
    host='127.0.0.1',
    port=6379,
    password='yourpassword',
    decode_responses=True
)
r.ping()  # Returns True if auth worked

Node.js (ioredis)

const Redis = require('ioredis');

const redis = new Redis({
  host: '127.0.0.1',
  port: 6379,
  password: 'yourpassword',
});

redis.ping().then(result => console.log(result)); // PONG

Node.js (node_redis v4)

import { createClient } from 'redis';

const client = createClient({
  url: 'redis://:yourpassword@127.0.0.1:6379'
});
await client.connect();

Using a connection URL (recommended)

# .env
REDIS_URL=redis://:yourpassword@127.0.0.1:6379

Most Redis clients accept a full URL with the password embedded. Two benefits: secrets stay out of source code, and rotating passwords only requires updating one environment variable.

Fix 3: Remove the Password (Dev Only)

Local dev box, don't need auth? Disable it at runtime without touching any files:

# Disable auth on a running instance (need current password first)
redis-cli -a currentpassword CONFIG SET requirepass ""

# Or check what's currently set
redis-cli -a currentpassword CONFIG GET requirepass

Prefer editing the file directly? Open /etc/redis/redis.conf and comment out the line:

# requirepass yourpassword

Then restart:

sudo systemctl restart redis
# or on older systems
sudo service redis-server restart

Never do this on a production or internet-facing server.

Fix 4: You Don't Know the Current Password

Password set by someone else? Check the config file โ€” it's almost always there in plain text:

grep requirepass /etc/redis/redis.conf
# or scan all conf files
sudo grep requirepass /etc/redis/*.conf

Still nothing? Check if the password was passed at startup instead:

ps aux | grep redis-server
# Look for --requirepass in the output

If you can't recover it at all, you'll need server access to restart Redis with a new config.

Verify the Fix

redis-cli -a yourpassword PING
# Expected: PONG

redis-cli -a yourpassword SET testkey "hello"
# Expected: OK

redis-cli -a yourpassword GET testkey
# Expected: "hello"

# Clean up
redis-cli -a yourpassword DEL testkey

PONG on PING plus working SET/GET โ€” you're through.

Tips

Use a long, random password

Redis can process hundreds of thousands of operations per second โ€” AUTH requests included. A short password is a real risk on any internet-exposed instance. Generate a 32+ character alphanumeric string; I use ToolCraft's Password Generator for this. Alphanumeric only: special characters cause shell-escaping headaches when passing the password to redis-cli.

Inject the password via environment variable

# docker-compose.yml
services:
  redis:
    image: redis:7-alpine
    command: redis-server --requirepass ${REDIS_PASSWORD}
    environment:
      - REDIS_PASSWORD=${REDIS_PASSWORD}

Redis 6+ ACL system

requirepass still works on Redis 6+, but the ACL system is worth switching to if multiple services share one instance. Per-user passwords, fine-grained command permissions โ€” much more control:

# Create a dedicated app user
ACL SETUSER appuser on >yourpassword ~* &* +@all

# Connect as that user
AUTH appuser yourpassword

Managed Redis connection strings

Redis Cloud, Upstash, and ElastiCache all provide a ready-made connection URL from their dashboard โ€” the password is already embedded. Copy it directly:

redis://:password@your-host.example.com:6379
# TLS (Upstash, Redis Cloud)
rediss://:password@your-host.example.com:6380

Related Error Notes

Fix Redis 'READONLY You can't write against a read only replica' Error

READONLY You can't write against a read only replica.

Fix Redis 'ERR value is not a valid float' When Using INCRBYFLOAT

ERR value is not a valid float

Fix Redis 'ERR value is not an integer or out of range' on INCR and DECR Commands

ERR value is not an integer or out of range