Installation
Install the SDK with your package manager. Runtime requirement is Node.js 18+ (native fetch), with TypeScript 5+ for full type exports.
bash
npm install get-db9
yarn add get-db9
pnpm add get-db9
bun add get-db9| Requirement | Minimum | Notes |
|---|---|---|
| Node.js | 18.0.0+ | Uses native fetch and modern ESM/CJS output. |
| TypeScript | 5.0+ | Required for complete type export support. |
| Credentials | ~/.db9/credentials | Default token storage shared with db9 CLI. |
Quick Start
instantDatabase() automatically creates or reuses a database named default. Requires a valid token in the credential store (for example from db9 login, db9 claim, or db9 login --api-key).
typescript
import { instantDatabase } from 'get-db9';
const db = await instantDatabase({
name: 'myapp',
seed: 'CREATE TABLE users (id SERIAL PRIMARY KEY, email TEXT)'
});
console.log(db.databaseId);
console.log(db.connectionString);
console.log(db.adminUser, db.adminPassword);
console.log(db.state, db.createdAt);Result shape returned from instantDatabase():
typescript
interface InstantDatabaseResult {
databaseId: string;
connectionString: string;
adminUser: string;
adminPassword: string;
state: string;
createdAt: string;
}instantDatabase(options?)
High-level API that wraps createDb9Client(), checks for an existing database by name, creates one if missing, and optionally executes seed SQL.
signature
function instantDatabase(
options?: InstantDatabaseOptions
): Promise<InstantDatabaseResult>;| Option | Type | Description |
|---|---|---|
name | string | Database name. Default: 'default'. |
baseUrl | string | Override API endpoint. |
fetch | FetchFn | Custom fetch implementation. |
credentialStore | CredentialStore | Token load/save strategy. |
seed | string | SQL text executed via client.databases.sql(). |
seedFile | string | SQL file content executed via client.databases.sqlFile(). |
timeout | number | Request timeout in milliseconds. |
maxRetries | number | Retry count for failed requests (capped at 3). |
retryDelay | number | Delay between retries in milliseconds. |
example
const db = await instantDatabase({
name: 'analytics',
seedFile: `
CREATE TABLE events (
id BIGSERIAL PRIMARY KEY,
user_id TEXT NOT NULL,
created_at TIMESTAMP DEFAULT NOW()
);
`
});createDb9Client(options?)
Low-level typed client exposing grouped APIs: auth, tokens, and databases. If no token is provided, it lazily loads from the credential store.
signature
function createDb9Client(options?: Db9ClientOptions): Db9Client;| Option | Type | Description |
|---|---|---|
baseUrl | string | Default: https://dev.db9.ai/api. |
token | string | Optional bearer token; skips credential store lookup. |
fetch | FetchFn | Inject custom HTTP implementation. |
credentialStore | CredentialStore | Load/save token state. |
timeout | number | Request timeout in milliseconds. |
maxRetries | number | Retry count for failed requests (capped at 3). |
retryDelay | number | Delay between retries in milliseconds. |
- Create public client (no Authorization header).
- Lazy-load token from credential store on first protected call.
- If token missing, prompt user to run
db9 login(or bootstrap viadb9 db create) or setDB9_API_KEY. - Create auth client with
Authorization: Bearer <token>.
example
import { createDb9Client, MemoryCredentialStore } from 'get-db9';
const client = createDb9Client({
baseUrl: 'https://dev.db9.ai/api',
credentialStore: new MemoryCredentialStore()
});Authentication (client.auth)
Three auth entry modes: anonymous trial (auto-created on first db9 db create), Auth0 SSO (browser-based), and API key (for CI/CD and agents). Anonymous sessions can be upgraded with db9 claim.
recommended
# Zero-setup trial (auto creates anonymous account + token)
db9 db create --name quickstart
# Upgrade anonymous account to verified SSO identity
db9 claim
db9 claim --id-token <AUTH0_ID_TOKEN>
# Human operator login (prints verification URL + code, then opens browser)
db9 login
# API key login (CI/CD, agents)
db9 login --api-key <KEY>
# Mint an agent token once, then store in secret manager
db9 token create --name my-agent --expires-in-days 365
# Agent runtime
export DB9_API_KEY=<token>me(): Promise<CustomerResponse>— Get current user profile
flow
First-time user
|
| db9 db create (no credentials found)
v
Anonymous account + bearer token
|
| db9 claim (Auth0 id_token required)
v
Verified customer account
|
| db9 token create --name my-agent
v
Agent API token (recommended for automation)
Alternative
|
| db9 login
| Auth0 SSO (browser)
| Exchange verified identity for db9 bearer token
v
Customer bearer token- If no credentials are present,
db9 db createautomatically creates an anonymous account (default limit: 5 active databases). - Run
db9 claimto bind that account to a verified Auth0 identity; this removes anonymous-only limits. - Use
db9 loginwhen you want to start directly with SSO; it prints the verification URL and code in console, and also attempts to open a browser. - Agent workloads should use named API tokens from
client.tokens.create()ordb9 token create, then inject viaDB9_API_KEY.
Token Management (client.tokens)
Create, inspect, and revoke customer API tokens for CI/CD and programmatic access.
create(req: CreateTokenRequest): Promise<CreateTokenResponse>— Create named token with optional expirylist(): Promise<TokenResponse[]>revoke(tokenId: string): Promise<MessageResponse>
typescript
// Create a named API token
const newToken = await client.tokens.create({
name: 'ci-deploy',
expires_in_days: 90
});
console.log(newToken.token); // Use this for CI/CD
// List all tokens
const tokens = await client.tokens.list();
for (const token of tokens) {
console.log(token.id, token.name, token.created_at, token.expires_at);
}
// Revoke a token
await client.tokens.revoke(tokens[0].id);Database Management (client.databases)
Core lifecycle APIs: create, enumerate, inspect, delete, reset admin password, and read observability snapshots.
create(req: CreateDatabaseRequest): Promise<DatabaseResponse>list(): Promise<DatabaseResponse[]>get(databaseId: string): Promise<DatabaseResponse>delete(databaseId: string): Promise<MessageResponse>resetPassword(databaseId: string): Promise<CustomerPasswordResetResponse>observability(databaseId: string): Promise<TenantObservabilityResponse>
typescript
const db = await client.databases.create({
name: 'billing',
region: 'us-west',
admin_password: 'StrongAdminPass1'
});
const all = await client.databases.list();
const current = await client.databases.get(db.id);
const rotated = await client.databases.resetPassword(db.id);
const metrics = await client.databases.observability(db.id);
await client.databases.delete(db.id);SQL Execution
Execute SQL strings or SQL file content through the customer API. Both methods return SqlResult.
sql(databaseId: string, query: string): Promise<SqlResult>sqlFile(databaseId: string, fileContent: string): Promise<SqlResult>
typescript
const result = await client.databases.sql(
databaseId,
'SELECT id, email FROM users ORDER BY id LIMIT 10'
);
console.log(result.columns);
console.log(result.rows);
console.log(result.row_count, result.command, result.error);
const fromFile = await client.databases.sqlFile(databaseId, `
CREATE TABLE audit_log (id BIGSERIAL PRIMARY KEY, event TEXT);
INSERT INTO audit_log(event) VALUES ('created');
`);SqlResult Field | Type | Description |
|---|---|---|
columns | ColumnInfo[] | Column metadata for result rows. |
rows | unknown[][] | Result values matrix. |
row_count | number | Rows affected/returned. |
command | string | Executed command label (SELECT, INSERT, etc.). |
error | string | SqlErrorDetail | Structured error with message, code, detail, hint, and position. |
Schema & Dump
Introspect schema objects or export SQL dump payloads.
schema(databaseId: string): Promise<SchemaResponse>dump(databaseId: string, req?: DumpRequest): Promise<DumpResponse>
typescript
const schema = await client.databases.schema(databaseId);
for (const table of schema.tables) {
console.log(table.schema, table.name);
}
const ddlOnly = await client.databases.dump(databaseId, { ddl_only: true });
console.log(ddlOnly.object_count);
console.log(ddlOnly.sql);Migrations
Apply SQL migrations with checksums and inspect migration history metadata.
applyMigration(databaseId: string, req: MigrationApplyRequest): Promise<MigrationApplyResponse>listMigrations(databaseId: string): Promise<MigrationMetadata[]>
typescript
await client.databases.applyMigration(databaseId, {
name: '20260218_add_users',
sql: 'CREATE TABLE users (id SERIAL PRIMARY KEY, email TEXT NOT NULL);',
checksum: 'f0b9c43b'
});
const applied = await client.databases.listMigrations(databaseId);
for (const migration of applied) {
console.log(migration.name, migration.applied_at, migration.checksum);
}Branching
Create database branches from an existing database using a new branch name.
branch(databaseId: string, req: BranchRequest): Promise<DatabaseResponse>
typescript
const featureDb = await client.databases.branch(databaseId, {
name: 'feature-auth'
});
console.log(featureDb.id, featureDb.name, featureDb.connection_string);Database Users (client.databases.users)
Manage Postgres users inside a customer database.
list(databaseId: string): Promise<UserResponse[]>create(databaseId: string, req: CreateUserRequest): Promise<MessageResponse>delete(databaseId: string, username: string): Promise<MessageResponse>
typescript
await client.databases.users.create(databaseId, {
username: 'app_user',
password: 'AppUserPass!'
});
const users = await client.databases.users.list(databaseId);
users.forEach((u) => {
console.log(u.name, u.can_login, u.can_create_db, u.is_superuser);
});
await client.databases.users.delete(databaseId, 'app_user');Credential Storage
Credential stores implement a shared async interface used by client auto-auth.
FileCredentialStore(path?)- TOML file store at~/.db9/credentials.MemoryCredentialStore- volatile in-memory store for tests/serverless.defaultCredentialStore()- factory that returnsnew FileCredentialStore().
typescript
import {
createDb9Client,
FileCredentialStore,
MemoryCredentialStore,
defaultCredentialStore
} from 'get-db9';
const fileStore = new FileCredentialStore();
const customStore = new FileCredentialStore('/tmp/db9-credentials.toml');
const memStore = new MemoryCredentialStore();
const store = defaultCredentialStore();
const client = createDb9Client({ credentialStore: fileStore });Error Handling
API failures throw Db9Error subclasses based on HTTP status code.
Db9Error- base class withstatusCode,message, and optionalresponse.Db9AuthError- status401.Db9NotFoundError- status404.Db9ConflictError- status409.
typescript
import {
Db9Error,
Db9AuthError,
Db9NotFoundError,
Db9ConflictError
} from 'get-db9';
try {
await client.databases.get('missing-id');
} catch (error) {
if (error instanceof Db9NotFoundError) {
console.error('Database not found');
} else if (error instanceof Db9AuthError) {
console.error('Authentication required');
} else if (error instanceof Db9ConflictError) {
console.error('Conflict while processing request');
} else if (error instanceof Db9Error) {
console.error(`db9 API error ${error.statusCode}: ${error.message}`);
} else {
throw error;
}
}Filesystem (client.fs)
Cloud filesystem operations for reading, writing, and managing files attached to each database. Built for RAG pipelines, document ingestion, and agent workflows.
list(dbId, path, options?): Promise<Fs9FileEntry[]>— List directory contentsread(dbId, path): Promise<string>— Read file content as textwrite(dbId, path, content): Promise<void>— Write text content to a filestat(dbId, path): Promise<Fs9FileEntry>— Get file metadatamkdir(dbId, path): Promise<void>— Create a directory (recursive)remove(dbId, path): Promise<void>— Delete a file or directoryreadBinary(dbId, path): Promise<ArrayBuffer>— Read file as binaryexists(dbId, path): Promise<boolean>— Check if file existsevents(dbId, opts?): Promise<Fs9EventEntry[]>— Get filesystem event log
typescript
import { createDb9Client } from 'get-db9/client';
const client = createDb9Client();
const dbId = 'my-database-id';
// Create directory and write a file
await client.fs.mkdir(dbId, '/data');
await client.fs.write(dbId, '/data/hello.txt', 'Hello from db9!');
// Read file content
const content = await client.fs.read(dbId, '/data/hello.txt');
// List directory
const files = await client.fs.list(dbId, '/data/');
for (const file of files) {
console.log(file.path, file.file_type, file.size);
}
// Stat a file
const info = await client.fs.stat(dbId, '/data/hello.txt');
console.log(info.file_type, info.size, info.mtime);
// Check existence
const exists = await client.fs.exists(dbId, '/data/hello.txt');
console.log('File exists:', exists);
// Get events
const events = await client.fs.events(dbId, { limit: 10, path: '/data' });
for (const event of events) {
console.log(event.type, event.path, event.timestamp);
}
// Cleanup
await client.fs.remove(dbId, '/data/hello.txt');
await client.fs.remove(dbId, '/data');Fs9FileEntry
| Field | Type | Description |
|---|---|---|
path | string | Full file path. |
size | number | File size in bytes. |
file_type | 'regular' | 'directory' | 'symlink' | Entry type. |
mode | number | Unix file mode. |
uid | number | Owner user ID. |
gid | number | Owner group ID. |
atime | number | Last access (Unix timestamp). |
mtime | number | Last modified (Unix timestamp). |
ctime | number | Status change (Unix timestamp). |
etag | string | Content hash for caching. |
Fs9ListOptions
| Option | Type | Description |
|---|---|---|
recursive | boolean | List entries recursively (default: false). |
TypeScript Types Reference (All Public Interfaces)
The package re-exports all interfaces from ./types in addition to InstantDatabaseOptions, InstantDatabaseResult, Db9ClientOptions, and credential/http types.
Common
Endpoint, MessageResponse, HealthResponse, ColumnInfo, SqlResult, SqlErrorDetail, TenantState
Customer Requests
CreateDatabaseRequest, SqlExecuteRequest, DumpRequest, MigrationApplyRequest, BranchRequest, CreateUserRequest, CreateTokenRequest
Customer Responses
CustomerResponse, DatabaseResponse, CustomerPasswordResetResponse, TokenResponse, CreateTokenResponse, DumpResponse, SchemaResponse, TableMetadata, ColumnMetadata, ViewMetadata, MigrationApplyResponse, MigrationMetadata, UserResponse, TenantObservabilityResponse, ObservabilitySummary, QuerySample
Filesystem
Fs9FileEntry, Fs9ListOptions, Fs9EventEntry, Fs9EventOptions
Credential & HTTP
Credentials, CredentialStore, FetchFn, HttpClient, HttpClientOptions, InstantDatabaseOptions, InstantDatabaseResult, Db9ClientOptions, Db9Client, Endpoint
exports
export function instantDatabase(options?: InstantDatabaseOptions): Promise<InstantDatabaseResult>;
export { createDb9Client } from './client';
export type { Db9ClientOptions, Db9Client } from './client';
export { Db9Error, Db9AuthError, Db9NotFoundError, Db9ConflictError } from './errors';
export { FileCredentialStore, MemoryCredentialStore, defaultCredentialStore } from './credentials';
export type * from './types';