Eight capabilities. Built for AI agent and vibe coding workflows.
Every TaruviBase application ships with the same production-grade backend infrastructure on day one — provisioned, secured, observable, and ready to host real enterprise SaaS. AI agents handle the front end and use the TaruviBase MCP layer to build and interact with the backend.
Define the data model. We handle everything underneath.
Schemas with relationships, hierarchy traversal, and full-text search. Twenty-plus filter operators and version-controlled migrations let your data model evolve safely as the product grows.
- Visual schema builder + declarative migrations
- Foreign keys, joins, hierarchy traversal
- Full-text search and 20+ filter operators
- Per-tenant isolation enforced at the platform layer
Four auth strategies + a centralized policy engine.
Four authentication strategies supported out of the box. Policy-driven authorization defined once and enforced automatically across the entire backend — no authorization logic scattered through your code.
- Four auth strategies out of the box — JWT, OAuth, SAML, API keys
- Centralized declarative policies — define once
- RBAC for straightforward permissions, ABAC for context-driven scenarios
- Audit trail on every check, automatic and queryable
Python on-demand, scheduled, and event-triggered.
Serverless without a server. Run code on demand, on schedule, or in response to a database event — and proxy webhooks to the third-party tools your team already uses, including Zapier, n8n, and Make.
- Python on-demand functions with HTTPS endpoints
- Cron-style scheduled jobs
- Database event triggers — react to data changes
- Webhook proxy to Zapier, n8n, Make and any third-party tool
A native MCP server, on every backend.
Cursor, Claude, Copilot, Windsurf, and your own agents connect directly to the backend, query data, understand schema, and take action — with policies enforced at the platform layer, not in code the AI has to remember to write. Safe at speed.
- Native MCP endpoint per app — zero config
- Semantic schema with field-level descriptions
- Tool calls scoped by user and tenant
- All AI access shows up in audit logs
Bucket-based, policy-aware, secure by default.
Public and private access policies, MIME type controls, and authentication-layer integration for secure uploads and downloads. Audit-logged like everything else.
- Buckets per app and per tenant
- MIME allow-lists, virus scanning, signed URLs
- ABAC on every read and write
- Direct browser uploads with scoped tokens
REST endpoints, generated automatically. Plus typed clients.
The auto-generated API reflects your schemas, your policies, and your relationships. JavaScript/TypeScript and Python SDKs with full type information ship out of the box.
- REST endpoints for every schema, with filters and joins
- JS/TS SDK with full type generation
- Python SDK with async + sync clients
- OpenAPI spec exposed at /spec
Read-only, parameterized templates. Safe by construction.
Build reporting and dashboards without exposing direct database access. Templates are versioned, reviewed, and parameter-validated before they run.
- Parameterized read-only query templates
- Schema-validated parameters
- Per-tenant scope on every query
- Cached materializations for hot reports
Encrypted secrets and event-driven workflows.
Encrypted configuration at app and site levels, JSON-schema validated. Subscribe serverless functions to system events — react to data changes, user actions, or scheduled triggers without polling.
- App-level and site-level encrypted secrets
- JSON schema validation per secret
- Event subscriptions for data, auth, and storage events
- Replayable event log with at-least-once delivery
A live demo, in 30 minutes.
Walk through your data model with one of our engineers. We'll show you exactly how schemas, policies, and the MCP layer fit together — on your use case.