# Kolaybase > Kolaybase is a production-grade, self-hosted backend-as-a-service (BaaS) that gives every project its own PostgreSQL database, authentication realm, object storage, and auto-generated REST API. Kolaybase is a developer backend platform. Each project is provisioned with a dedicated PostgreSQL 16 database, a Keycloak authentication realm, S3-compatible object storage (MinIO), and a PostgREST-style REST API. It ships a JavaScript/TypeScript SDK (kolaybase-js) and a CLI (kb) for managing projects, running migrations, and generating types. It is multi-tenant, runs anywhere via Docker, and is suited to teams who want Supabase-style productivity on infrastructure they control. ## Key facts - **Category:** Backend-as-a-Service (BaaS) for developers - **Database:** One dedicated PostgreSQL 16 database per project - **Authentication:** Keycloak realm per project (email/password + OAuth) - **Storage:** S3-compatible object storage (MinIO) - **API:** Auto-generated REST API, PostgREST-compatible queries - **Clients:** kolaybase-js SDK and the kb CLI - **Hosting:** Self-hosted via Docker Compose, or managed cloud - **Pricing:** Free tier available; paid plans scale limits ## Documentation Reference for building on Kolaybase. - [Documentation home](https://kolaybase.com/docs): Start here - [REST API reference](https://kolaybase.com/docs/api): Endpoints, auth, and query syntax - [JavaScript/TypeScript SDK](https://kolaybase.com/docs/sdk): kolaybase-js client - [CLI reference](https://kolaybase.com/docs/cli): The kb command-line tool ## Blog Engineering notes, guides, and explainers about PostgreSQL backends, REST APIs, auth, and self-hosting. - [Blog index](https://kolaybase.com/blog): All posts, newest first - [Self-Hosting Your Backend with Docker: What to Know](https://kolaybase.com/blog/self-hosting-backend-with-docker): Why and how teams self-host their backend with Docker Compose — data residency, cost control, and no vendor lock-in — plus the trade-offs to plan for. - [How to Choose a Backend for Your AI App](https://kolaybase.com/blog/choosing-a-backend-for-your-ai-app): AI apps still need a normal backend: users, conversation history, document storage, and usage limits. Here's how to choose one that won't slow you down. - [PostgreSQL Row-Level Security: A Practical Guide](https://kolaybase.com/blog/postgresql-row-level-security-guide): Learn how PostgreSQL row-level security (RLS) works, when to use it, and how to write policies that enforce multi-tenant and per-user access at the database layer. - [Build vs. Buy: Should You Build Your Own Backend in 2026?](https://kolaybase.com/blog/build-vs-buy-backend): A practical framework for deciding whether to build a custom backend or use a backend-as-a-service. Covers cost, time-to-market, control, and the hidden maintenance tax. - [REST vs. GraphQL for Your Backend in 2026](https://kolaybase.com/blog/rest-vs-graphql-backend-2026): A pragmatic comparison of REST and GraphQL for application backends — caching, tooling, learning curve, and when an auto-generated REST API is the simpler win. - [Database Multi-Tenancy Patterns: Shared Schema vs. Database per Tenant](https://kolaybase.com/blog/multi-tenancy-database-patterns): Compare the main multi-tenancy patterns — shared schema with row-level security vs. a database per tenant — and how to choose for your SaaS on PostgreSQL. - [How to Build a REST API on PostgreSQL Without Writing Boilerplate](https://kolaybase.com/blog/rest-api-on-postgresql-without-boilerplate): Stop hand-writing CRUD controllers. Learn how an auto-generated, PostgREST-style REST API turns your PostgreSQL schema into a production endpoint instantly. - [Getting Started with Kolaybase: A PostgreSQL Backend in Minutes](https://kolaybase.com/blog/getting-started-with-kolaybase): Spin up a hosted PostgreSQL database, authentication, storage, and an auto-generated REST API with Kolaybase. A step-by-step guide from zero to first query. ## Comparisons Honest, side-by-side comparisons of Kolaybase with other backend platforms. - [All comparisons](https://kolaybase.com/compare): Index of every comparison - [Kolaybase vs. Supabase](https://kolaybase.com/compare/kolaybase-vs-supabase): A detailed, honest comparison of Kolaybase and Supabase: hosting model, database isolation, REST API, auth, pricing, and lock-in. Find the right PostgreSQL backend for your stack. - [Kolaybase vs. Firebase](https://kolaybase.com/compare/kolaybase-vs-firebase): Compare Kolaybase and Firebase across data model, queries, relational integrity, pricing predictability, and vendor lock-in. Choose the right backend for your app. - [Kolaybase vs. Neon](https://kolaybase.com/compare/kolaybase-vs-neon): Compare Kolaybase and Neon: Neon is serverless PostgreSQL with branching; Kolaybase is a full backend with auth, storage, and an auto REST API on top of Postgres. - [Kolaybase vs. Appwrite](https://kolaybase.com/compare/kolaybase-vs-appwrite): Compare Kolaybase and Appwrite: both are open, self-hostable backends with auth, storage, and databases. Kolaybase is PostgreSQL-native with direct SQL; Appwrite abstracts the database. - [Kolaybase vs. PocketBase](https://kolaybase.com/compare/kolaybase-vs-pocketbase): Compare Kolaybase and PocketBase: PocketBase is a single Go binary on SQLite; Kolaybase is a PostgreSQL backend with a dedicated database per project. Pick the right scale. - [Kolaybase vs. Nhost](https://kolaybase.com/compare/kolaybase-vs-nhost): Compare Kolaybase and Nhost: both are open backends on PostgreSQL with auth and storage. Nhost is GraphQL-first via Hasura; Kolaybase offers a PostgREST-style REST API. - [Kolaybase vs. Render](https://kolaybase.com/compare/kolaybase-vs-render): Compare Kolaybase and Render: Render hosts apps and managed Postgres; Kolaybase gives you a ready backend — auth, storage, and an auto REST API — without writing the server. - [Kolaybase vs. AWS Amplify](https://kolaybase.com/compare/kolaybase-vs-aws-amplify): Compare Kolaybase and AWS Amplify: Amplify ties your backend to AWS services like Cognito and DynamoDB; Kolaybase is standard PostgreSQL, self-hostable, with no vendor lock-in. - [Kolaybase vs. Convex](https://kolaybase.com/compare/kolaybase-vs-convex): Compare Kolaybase and Convex: Convex is a reactive, TypeScript-first backend with its own database; Kolaybase is standard PostgreSQL with a REST API, auth, and storage. - [Kolaybase vs. Hasura](https://kolaybase.com/compare/kolaybase-vs-hasura): Compare Kolaybase and Hasura: Hasura generates a GraphQL API over your PostgreSQL; Kolaybase is a full backend with a REST API plus built-in auth and storage. - [Kolaybase vs. Directus](https://kolaybase.com/compare/kolaybase-vs-directus): Compare Kolaybase and Directus: Directus wraps a SQL database with an admin app and APIs as a headless CMS/data platform; Kolaybase is an app backend with per-project Postgres, auth, and REST. - [Kolaybase vs. Strapi](https://kolaybase.com/compare/kolaybase-vs-strapi): Compare Kolaybase and Strapi: Strapi is a Node.js headless CMS for content types and editorial workflows; Kolaybase is a PostgreSQL backend with direct SQL, auth, and a REST API. - [Kolaybase vs. Xata](https://kolaybase.com/compare/kolaybase-vs-xata): Compare Kolaybase and Xata: Xata is a serverless data platform on PostgreSQL with branching and search; Kolaybase is a full backend with auth, storage, and a REST API. ## Use cases What teams build on Kolaybase — by application type. - [All use cases](https://kolaybase.com/use-cases): Index of every use case - [The Backend for SaaS Applications — PostgreSQL, Auth & REST API](https://kolaybase.com/use-cases/saas-applications): Build multi-tenant SaaS faster with Kolaybase: per-project PostgreSQL, row-level security, authentication, and an auto-generated REST API. Ship features, not plumbing. - [A Backend for Mobile Apps — Instant REST API, Auth & Storage](https://kolaybase.com/use-cases/mobile-apps): Power your iOS, Android, or React Native app with Kolaybase: hosted PostgreSQL, authentication, file storage, and a REST API the SDK talks to directly. No server code to maintain. - [A Backend for E-commerce — Products, Orders, and Auth on PostgreSQL](https://kolaybase.com/use-cases/ecommerce): Build an online store backend with Kolaybase: relational products and orders in PostgreSQL, transactional integrity, customer auth, and a REST API for your storefront. - [A Backend for Internal Tools — Instant API Over Your Data](https://kolaybase.com/use-cases/internal-tools): Power dashboards, admin panels, and internal tools with Kolaybase: a real PostgreSQL database, an instant REST API, auth, and role-based access without building a backend. - [A Backend for AI Applications — Postgres, Auth, and Storage for LLM Apps](https://kolaybase.com/use-cases/ai-applications): Build AI and LLM applications on Kolaybase: store users, conversations, and documents in PostgreSQL, manage auth and file uploads, and serve it all through a REST API. - [A Backend for Chat & Messaging Apps on PostgreSQL](https://kolaybase.com/use-cases/realtime-chat): Build messaging and chat apps with Kolaybase: store conversations and messages in PostgreSQL, authenticate users, and serve message history through a fast REST API. - [A Backend for Analytics Dashboards — SQL Power on PostgreSQL](https://kolaybase.com/use-cases/analytics-dashboards): Build analytics dashboards on Kolaybase: aggregate data with full PostgreSQL SQL, expose metrics through a REST API, and control access with roles and row-level security. ## Integrations Framework-specific guides for using kolaybase-js with the JavaScript/TypeScript ecosystem. - [All integrations](https://kolaybase.com/integrations): Index of every integration - [Kolaybase + Next.js: PostgreSQL Backend for Your App](https://kolaybase.com/integrations/nextjs): Use Kolaybase with Next.js for a PostgreSQL backend, auth, storage, and a REST API. Works in Server Components, Route Handlers, and the client with the kolaybase-js SDK. - [Kolaybase + React: A Backend for Your React App](https://kolaybase.com/integrations/react): Connect a React app to Kolaybase for PostgreSQL data, authentication, and storage via the kolaybase-js SDK — no custom backend required. - [Kolaybase + Vue: PostgreSQL Backend for Vue Apps](https://kolaybase.com/integrations/vue): Use Kolaybase with Vue 3 for a PostgreSQL backend, auth, and storage. The kolaybase-js SDK works cleanly with the Composition API. - [Kolaybase + SvelteKit: Backend for Svelte Apps](https://kolaybase.com/integrations/sveltekit): Use Kolaybase with SvelteKit for PostgreSQL data, auth, and storage. The kolaybase-js SDK works in load functions, endpoints, and components. - [Kolaybase + React Native: Backend for Mobile Apps](https://kolaybase.com/integrations/react-native): Build iOS and Android apps on Kolaybase with React Native. The kolaybase-js SDK provides PostgreSQL data, auth, and storage over a REST API. - [Kolaybase + Node.js: Backend Data Access from the Server](https://kolaybase.com/integrations/nodejs): Use Kolaybase from Node.js for PostgreSQL queries, auth, and storage. Ideal for server-side logic, background jobs, and scripts with the kolaybase-js SDK. - [Kolaybase + Astro: A Backend for Content and Apps](https://kolaybase.com/integrations/astro): Use Kolaybase with Astro to power dynamic data, auth, and storage. The kolaybase-js SDK works in Astro components and server endpoints. - [Kolaybase + Remix: PostgreSQL Backend with Loaders and Actions](https://kolaybase.com/integrations/remix): Use Kolaybase with Remix for PostgreSQL data, auth, and storage. The kolaybase-js SDK fits Remix loaders and actions for server-side data access. - [Kolaybase + Nuxt: PostgreSQL Backend for Nuxt Apps](https://kolaybase.com/integrations/nuxt): Use Kolaybase with Nuxt 3 for a PostgreSQL backend, auth, and storage. The kolaybase-js SDK works in composables, server routes, and plugins. - [Kolaybase + Angular: A Backend for Angular Apps](https://kolaybase.com/integrations/angular): Connect an Angular app to Kolaybase for PostgreSQL data, auth, and storage via the kolaybase-js SDK, wrapped in an injectable service. - [Kolaybase + SolidJS: Backend for Solid Apps](https://kolaybase.com/integrations/solidjs): Use Kolaybase with SolidJS for PostgreSQL data, auth, and storage. The kolaybase-js SDK pairs cleanly with Solid resources and signals. - [Kolaybase + Express: Backend Data Access in Node.js APIs](https://kolaybase.com/integrations/express): Use Kolaybase from an Express server for PostgreSQL queries, auth, and storage. Ideal for custom APIs, webhooks, and trusted server-side logic. ## Learn — backend & PostgreSQL glossary Self-contained definitions for backend, PostgreSQL, and API concepts. Safe to quote one line. - [Glossary index](https://kolaybase.com/learn): All terms, alphabetical - [Backend-as-a-Service (BaaS)](https://kolaybase.com/learn/backend-as-a-service): A backend-as-a-service (BaaS) is a platform that provides ready-made backend building blocks — database, authentication, storage, and an API — so developers don't have to build and operate them from scratch. - [REST API](https://kolaybase.com/learn/rest-api): A REST API is a web interface that exposes resources over HTTP using standard methods (GET, POST, PUT, DELETE) and JSON, making data easy to read, cache, and integrate. - [PostgREST](https://kolaybase.com/learn/postgrest): PostgREST is an approach (and tool) that turns a PostgreSQL database directly into a RESTful API, generating endpoints from your schema and enforcing access with database permissions. - [Row-Level Security (RLS)](https://kolaybase.com/learn/row-level-security): Row-level security (RLS) is a PostgreSQL feature that restricts which rows a user can read or modify using policies enforced by the database on every query. - [Object Storage](https://kolaybase.com/learn/object-storage): Object storage is a system for storing files (images, documents, backups) as objects with metadata, typically accessed over an S3-compatible API and served via signed URLs. - [Multi-Tenancy](https://kolaybase.com/learn/multi-tenancy): Multi-tenancy is an architecture where a single application serves multiple isolated customers (tenants), keeping each tenant's data separate and secure. - [JSON Web Token (JWT)](https://kolaybase.com/learn/jwt): A JSON Web Token (JWT) is a compact, signed token that securely carries claims (like a user's identity) between a client and server, commonly used for stateless authentication. - [OAuth](https://kolaybase.com/learn/oauth): OAuth is an open standard for delegated authorization that lets users grant an application limited access to their accounts (e.g. 'Sign in with Google') without sharing passwords. - [CRUD](https://kolaybase.com/learn/crud): CRUD stands for Create, Read, Update, and Delete — the four basic operations for persistent data that most application APIs and database interactions are built around. - [Connection Pooling](https://kolaybase.com/learn/connection-pooling): Connection pooling reuses a set of open database connections across many requests, avoiding the cost of opening a new connection each time and protecting the database from overload. - [Serverless Database](https://kolaybase.com/learn/serverless-database): A serverless database scales compute automatically and can scale to zero when idle, billing for actual usage instead of a fixed always-on server. - [Database Migration](https://kolaybase.com/learn/database-migration): A database migration is a versioned, repeatable change to a database schema (such as adding a table or column) that lets teams evolve the schema safely over time. - [Database Schema](https://kolaybase.com/learn/database-schema): A database schema is the structure of a database — its tables, columns, types, relationships, and constraints — that defines how data is organized and validated. - [Database Index](https://kolaybase.com/learn/database-index): A database index is a data structure that speeds up reads by letting the database find rows without scanning the whole table, at the cost of extra storage and slower writes. - [ACID Transactions](https://kolaybase.com/learn/acid-transactions): ACID transactions guarantee that a group of database operations is Atomic, Consistent, Isolated, and Durable — so related changes either all succeed or all fail together. - [API Key](https://kolaybase.com/learn/api-key): An API key is a secret token that identifies and authorizes a client when calling an API, controlling access and often rate limits and permissions. - [Webhook](https://kolaybase.com/learn/webhook): A webhook is an HTTP callback that a service sends to a URL you provide when an event happens, letting systems react to changes in real time without polling. - [GraphQL](https://kolaybase.com/learn/graphql): GraphQL is a query language and runtime for APIs that lets clients request exactly the fields they need from a single endpoint, returning predictable, typed responses. - [CORS (Cross-Origin Resource Sharing)](https://kolaybase.com/learn/cors): CORS is a browser security mechanism that controls whether a web page on one origin may call an API on a different origin, using HTTP headers to grant access. - [Rate Limiting](https://kolaybase.com/learn/rate-limiting): Rate limiting restricts how many requests a client can make to an API in a given time window, protecting the backend from abuse, overload, and runaway costs. - [Full-Text Search](https://kolaybase.com/learn/full-text-search): Full-text search finds documents matching natural-language queries by indexing words and their variants, ranking results by relevance rather than exact matching. - [Foreign Key](https://kolaybase.com/learn/foreign-key): A foreign key is a column (or set of columns) that references the primary key of another table, enforcing referential integrity between related rows. - [Primary Key](https://kolaybase.com/learn/primary-key): A primary key is a column (or set of columns) that uniquely identifies each row in a table, enforced by the database to be unique and non-null. - [ORM (Object-Relational Mapping)](https://kolaybase.com/learn/orm): An ORM (object-relational mapping) is a library that maps database tables to objects in your programming language, letting you query and persist data without writing raw SQL. - [Pagination](https://kolaybase.com/learn/pagination): Pagination splits a large result set into smaller pages, returning a slice at a time so APIs and UIs stay fast and memory-efficient. - [SQL Injection](https://kolaybase.com/learn/sql-injection): SQL injection is a security vulnerability where untrusted input is inserted into a SQL query, letting an attacker read or modify data they shouldn't. - [Database View](https://kolaybase.com/learn/database-view): A database view is a saved query that behaves like a virtual table, letting you encapsulate complex logic and expose a simplified, reusable interface to data. - [Stored Procedure](https://kolaybase.com/learn/stored-procedure): A stored procedure (or function) is logic stored and executed inside the database, letting you run complex operations close to the data in a single call. - [Database Replication](https://kolaybase.com/learn/database-replication): Database replication copies data from a primary database to one or more replicas, improving availability, read scalability, and disaster recovery. - [Upsert](https://kolaybase.com/learn/upsert): An upsert inserts a row, or updates it if a row with the same key already exists — a single operation that means 'insert or update'. - [Soft Delete](https://kolaybase.com/learn/soft-delete): A soft delete marks a row as deleted (e.g. with a deleted_at timestamp) instead of removing it, so data can be recovered, audited, or filtered out. - [UUID (Universally Unique Identifier)](https://kolaybase.com/learn/uuid): A UUID is a 128-bit identifier designed to be globally unique without a central authority, often used as a primary key in distributed systems. ## Product - [Kolaybase home](https://kolaybase.com/): Overview and features - [Pricing](https://kolaybase.com/#pricing): Plans and limits ## Notes - Kolaybase is a backend-as-a-service (BaaS) platform; compare it to Supabase, Firebase, Appwrite, and PocketBase. - Full content for AI engines is available at /llms-full.txt.