Hit the ground running

for your database

Stop spending months developing backend APIs for your apps.
With subZero, you’ll have the API for your MVP ready today
and you can get back to building your product.


Easy as 1, 2, 3

Define your schema

Use the full power of PostgreSQL to define your schema. Views, functions, triggers, language extensions, everything works. »

create table project (
  id    serial primary key,
  name  text not null,
  managerId int,
  check (length(name)>2)

Set access permissions

Leverage the time-tested Role-Based Access Control of your database to define granular and flexible permissions in a clear way. »

grant select on project to managers;

create policy manager_project_policy
for select on project to managers 
using (request.user_id()=managerId);


Ask for what you want

Use the auto-generated GraphQL & REST api to build apps faster than you thought possible, with any frontend technology or framework.

{ projects(
    where: {
      name: {like: "*subzero*"}
  ) { id name }


Fast and Lightweight.

On a system composed of an AWS t2.micro instance running subZero, connected to a RDS db.t2.micro database, we were seeing more than 500 requests per second, with latencies in the range of 5 ms — 20 ms on a three table join.
To put that in perspective, you get 1.3 Billion requests/month on $20 hardware.
  • Much faster than hand-rolled GraphQL schema using DataLoader
  • Multi Core out of the box
  • Designed to support high-throughput and have a light footprint.
  • Query tree of any depth are compiled into a single SQL statement


With great power comes great flexibility.

You get a powerful auto-generated API out of the box based only on your database schema that will cover most of your frontend needs while giving you the freedom to customize it with your own code.
  • Flexible GraphQL & REST API
  • Powerful Filter, Relations and Aggregate API
  • Auto-generated documentation
  • Full power of Postgres, Timescale, PostGIS
  • Customisable with SQL, pgSQL, Java, Lua, R, JavaScript at the db level
  • Customisable with Lua at the proxy level (JS coming soon)
  • Trigger serverless functions or web hooks on database changes


Secure by default.

Spin up your database, (make the mistake and) connect the stack to it using an privileged database user and ... disaster that's right, still safe. By virtue of construction, a whole class of attacks and misconfigurations are just not possible. You have to explicitly grant permission for things to be accessible to the api.
  • Uses unprivileged account to connect to the database
  • Parameterised and typechecked database queries everywhere
  • Flexibile and granular permissions system
  • Connection Pooling


A secret superpower.

We build upon the power of open source PostgREST and pack an additional set of killer features.
Prepared statements, aggregate and window functions support, smart views. »
  • Faster queries through prepared statements
  • Analytical requests with group by, aggregate and window functions
  • Data transformations with support for function calls in select parameter
  • Block full-table operations with statically defined conditions in views

People have said nice things about us.

François-G. Ribreau
It's so fast to develop, it feels like cheating!
Simone Scarduzio
I really enjoyed the fact that all of a sudden I was writing microservices in SQL DDL (and v8 javascript functions). I dodged so much boilerplate. The next thing I knew, we pulled out a full rewrite of a Spring+MySQL legacy app in 6 months. Literally 10x faster, and code was super concise. The old one took 3 years and a team of 4 people to develop.
Raphael Scheible
subZero is amazing! It completely unchains postgreSQL. Instead of writing tons of middleware code, I can focus on the database and rabbitMQ workers.

Deploy it anywhere

Fully Managed Service

subZero automates every part of setup, running and scaling of PostgREST+ in AWS. Let your team focus on what they do best - building your product. Leave PostgREST+ management and monitoring to the experts.


If you have compliance or privacy requirements, prefer a specific cloud provider or you want to run it internally on bare-metal, you can take it with you ... not questions asked :). You can purchase a license and download our binary & container distributions or even get the source code.