Guide
Serverless and edge access
Edge and serverless runtimes like Vercel Edge Functions, Cloudflare Workers, and Deno Deploy cannot open raw TCP sockets, so a normal connection string will not work there. Layerbase gives you three HTTP paths that do: the HTTP query API for every engine, an Upstash-compatible REST endpoint for Redis and Valkey, and a PlanetScale serverless driver for MySQL and MariaDB.
The HTTP query API (every engine)
Every database accepts queries over HTTP at POST /v1/databases/:id/query. You authenticate with a Bearer API key, send a JSON body, and get JSON back. This is the simplest path from an edge function because it needs nothing but fetch. The exact URL for your database is in the HTTP API snippet under the Connect dialog's Snippets tab, so copy it from there rather than hand-building the host.
SQL-mode engines take a query string. REST-mode engines (Qdrant, Meilisearch, CouchDB, Weaviate) take an http object with a method and path instead. TigerBeetle uses a binary protocol and is not reachable over this API.
curl -s https://<your-cloud-host>/v1/databases/<id>/query \
-H "Authorization: Bearer YOUR_DB_API_KEY" \
-H "Content-Type: application/json" \
-d '{"query": "SELECT 1"}'const res = await fetch(
'https://<your-cloud-host>/v1/databases/<id>/query',
{
method: 'POST',
headers: {
Authorization: 'Bearer YOUR_DB_API_KEY',
'Content-Type': 'application/json',
},
body: JSON.stringify({ query: 'SELECT * FROM users LIMIT 10' }),
},
)
const data = await res.json()A successful SQL query returns columns and rows:
{
"columns": ["id", "email"],
"rows": [
[1, "ada@example.com"],
[2, "grace@example.com"]
],
"rowCount": 2
}For a REST-mode engine, send the request as an http object and the engine's own JSON comes back on the http field:
{ "http": { "method": "GET", "path": "/collections" } }API keys
The query API needs a Bearer key. Keys are prefixed sk_, and the full secret is shown exactly once when you create or rotate it. Layerbase stores only a hash, so copy it into your secret store right away. There is no way to see it again.
There are two kinds. A per-database key lives on the database's Connect dialog under the API key tab. It is not minted automatically: click Generate API key when you want HTTP access, so a fresh database page carries no secret you could leak on screen. An account key (called a personal API key) lives at /cloud/settings and works across all your databases plus the rest of the cloud API.
Both keys support Rotate (issue a new secret) and Revoke (disable the key). Revoking takes effect immediately: anything still using that secret gets a 401. Rotation differs by key type: rotating a per-database key lets the old secret keep working for 24 hours before it starts returning 401, while rotating an account key revokes the old secret immediately. Keys show a last-used time so you can spot stale ones.
Redis and Valkey over REST (Upstash-compatible)
Redis and Valkey databases also expose an Upstash-compatible REST endpoint. The Connect dialog shows a REST URL and a REST Token when this is available. Use them with the @upstash/redis client (or @vercel/kv, which takes the same url and token), both of which run in edge runtimes.
import { Redis } from '@upstash/redis'
const redis = new Redis({
url: 'YOUR_REST_URL',
token: 'YOUR_REST_TOKEN',
})
await redis.set('key', 'value')
const value = await redis.get('key')You can also hit it directly with a Bearer POST, sending the command as a JSON array:
curl -X POST YOUR_REST_URL \
-H "Authorization: Bearer YOUR_REST_TOKEN" \
-d '["GET", "mykey"]'MySQL and MariaDB serverless driver (PlanetScale)
MySQL and MariaDB databases expose a PlanetScale-compatible serverless HTTP endpoint. The Connect dialog shows a PS URL, PS Username, and PS Password. Use them with @planetscale/database or the Drizzle planetscale-serverless adapter, both built for edge functions.
import { connect } from '@planetscale/database'
const conn = connect({
host: 'YOUR_PS_URL'.replace('https://', ''),
username: 'YOUR_PS_USERNAME',
password: 'YOUR_PS_PASSWORD',
})
const result = await conn.execute('SELECT * FROM users')import { drizzle } from 'drizzle-orm/planetscale-serverless'
import { connect } from '@planetscale/database'
const connection = connect({
host: 'YOUR_PS_URL'.replace('https://', ''),
username: 'YOUR_PS_USERNAME',
password: 'YOUR_PS_PASSWORD',
})
const db = drizzle(connection)Postgres from Deno and Supabase Edge Functions
Postgres does not have an HTTP variant, but Deno and Supabase Edge Functions can open a TLS socket, so you connect with a normal Postgres driver over the pooled connection string. If your database requires a client certificate, use the @layerbase/deno-mtls adapter against the direct-TLS port so the certificate is actually presented. See the client-certificates guide for the full setup.
Keep tokens server-side
The API keys, REST tokens, and PS credentials are all write-capable: anyone holding one can read and modify your data. Store them as server or function secrets and never ship them to a browser bundle. If a token leaks, rotate or revoke it from the Connect dialog or /cloud/settings.