PostgREST is a web server created by Joe Nelson that effectively turns any PostgreSQL database into an API. This tool manages client authentication through JSON Web Tokens (JWTs). It also securely embeds a database role name in the JWT and uses that database role for all connections. The latest PostgREST release is version 7.0.1, and one of its earliest versions was PostgREST 0.2.6 from February 18, 2015.Â
PostgREST is built on three core concepts:Â
- JSON encoding
- Authentication by JWTsÂ
- Resource embedding
Taking advantage of the very fast PostgreSQL JSON encoder for a large number of responses, PostgREST is also a very fast RESTful API. At first, when PostgREST connects to a database, it connects using an authenticator role that only has login capability. Then, whenever an authenticated request is sent to PostgREST that contains a JWT token, the token will be decoded using the secret key to set up a database role for the request. Using the &select= parameter, PostgREST can also query the related tables for us through defined foreign keys that have been declared inside the PostgreSQL database.
PostgREST's philosophy is that it aims to do one thing well: add an HTTP interface to any PostgreSQL database.Â