Just use codeAI loves code
Write actions, a database schema, and auth as TypeScript files in a typebase/ folder inside your app. Your frontend calls them like local functions.
import { action } from '../../_generated/server';import { z } from 'zod'; export const getMany = action .output(z.array(z.object({ id: z.number(), value: z.string(), }))) .handler(async ({ db }) => { return db.query.todos.findMany(); });import { client } from '@/lib/typebase/client'; export default async function Page() { const todos = await client.queries.todos.getMany(); // ^? { id: number; value: string }[] return todos.map((t) => ( <li key={t.id}>{t.value}</li> ));}The problem
with RLS
RLS is implicit and lives in a SQL dialect your editor doesn’t typecheck. One UPDATE policy gives write access to every column, including the ones you add tomorrow. The overly permissive clause an agent slipped in at 2am sails through review, because no compiler is going to flag it.
With Typebase, authorization is explicit. Your action declares the columns it accepts and your auth check runs in code before any of them reach the database. Add a column, the compiler tells you who can write to it. The same code your agent writes is the code your compiler checks.
trueauth.role() = 'authenticated'user_id = auth.uid()user_id = auth.uid()auth.role() = 'authenticated' lets every signed-in user update every column of every row.
Ships with first-class guides for
Enough database. Enough API. Enough auth.
Typebase is built on three libraries you already trust (Drizzle ORM, oRPC, and better-auth) wired together so you stop writing glue and start writing the app.
Actions as files.
actions/queries/todos.ts becomes client.queries.todos.*. Types flow from your handler’s .input() and .output() straight to your client.
Your schema, typed from the column up.
Tables live in db/schema.ts as Drizzle definitions. npx typebase-io-cli db push syncs them to Postgres. Column types flow through db.query.*, your handlers, and into your client.
Auth is one file.
Drop in auth.ts, run npx typebase-io-cli auth generate, and better-auth handles sessions, email/password, and OAuth. Protected actions are a one-line middleware.
One command, pick your cloud.
npx typebase-io-cli deploy builds for Vercel, Cloudflare Workers, or Deno Deploy. Managed Postgres through Neon. No proprietary hosting meta-platform.
Framework-shaped clients.
Idiomatic wiring for Server Components, SvelteKit load functions, Nuxt plugins, and Expo SecureStore. We meet each framework where it lives.
Built for AI.
Conventions are file-based and types flow end-to-end. Coding agents get a tight loop: drop a file in actions/, the typecheck catches mistakes immediately, and there’s no hidden DSL or registration step to learn.
Industry-shaking testimonials*
* None of these people exist. We checked. Twice. Legal is chill.
“I deleted 40,000 lines of REST plumbing last quarter. My tech lead cried. I think they were happy tears. I have stopped asking.”
“Before Typebase I had three acronyms in my pipeline: REST, gRPC, and WHY. Now I have one: fn(). I have never been happier and my Oura ring agrees.”
“I’ve told four separate therapists about Typebase. Two stopped taking me as a client. The other two are now shipping an app with it.”
“My co-founder asked where the auth lives. I said “a file called auth.ts.” He hasn’t spoken to me since. I assume he’s impressed.”
“We replaced 14 microservices with one folder. The DevOps team threw me a party. The party was a meeting. The meeting was about layoffs.”
“10/10 would make my backend a folder again.”
Do you have a real, non-fabricated quote? We will happily replace one of these humans with you.
Give your agent a backend it can read.
It takes about ninety seconds. Most of that is npm install.
$ npm i typebase-io && npm i -D typebase-io-cli