Database
Every project with Frontend Cloud enabled gets its own SQL (SQLite) database. You query it over HTTP by sending SQL statements to the /api/v1/query endpoint — there’s no connection string to manage.
While you build, the AI assistant can run these queries for you: ask it to create tables, insert records, or read data, and it executes SQL directly against this database. Your deployed app uses the same endpoint at runtime.
Endpoint
Section titled “Endpoint”POST https://cloud.frontend.co/api/v1/queryAuthenticate with your project API key and send a JSON body:
| Field | Type | Description |
|---|---|---|
sql | string | The SQL statement to execute |
params | array | Optional values bound to ? placeholders in sql |
The response has the shape:
{ "success": true, "result": [ { "results": [{ "id": 1, "name": "Alice Johnson" }], "success": true, "meta": { "rows_read": 1, "rows_written": 0, "duration": 0.3 } } ]}result is an array with one entry per executed statement. Each entry’s results holds the returned rows, and meta carries row counts and timing from the database engine.
Examples
Section titled “Examples”Create a table
Section titled “Create a table”curl -X POST "https://cloud.frontend.co/api/v1/query" \ -H "x-api-key: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "sql": "CREATE TABLE contacts (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, email TEXT, created_at TEXT DEFAULT CURRENT_TIMESTAMP)" }'Insert with parameters
Section titled “Insert with parameters”Use ? placeholders and pass values in params to safely bind user input:
curl -X POST "https://cloud.frontend.co/api/v1/query" \ -H "x-api-key: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "sql": "INSERT INTO contacts (name, email) VALUES (?, ?)", "params": ["Alice Johnson", "alice.johnson@example.com"] }'Query rows
Section titled “Query rows”curl -X POST "https://cloud.frontend.co/api/v1/query" \ -H "x-api-key: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "sql": "SELECT * FROM contacts" }'From your app (TypeScript)
Section titled “From your app (TypeScript)”async function query(sql: string, params: unknown[] = []) { const res = await fetch('https://cloud.frontend.co/api/v1/query', { method: 'POST', headers: { 'Content-Type': 'application/json', 'x-api-key': process.env.FRONTEND_API_KEY!, }, body: JSON.stringify({ sql, params }), });
const data = await res.json(); if (!data.success) throw new Error(data.error); return data.result[0].results;}
// Usageconst contacts = await query('SELECT * FROM contacts WHERE email = ?', [ 'alice.johnson@example.com',]);Parameterized queries
Section titled “Parameterized queries”Always pass user-supplied values through params rather than concatenating them into the sql string. Values are bound to the ? placeholders in order, which keeps queries safe from SQL injection.
Note: parameters can only be used with a single statement. If you send multiple SQL statements in one request,
paramsmust be empty.
Errors
Section titled “Errors”| Status | Meaning |
|---|---|
401 | Missing or invalid API key |
403 | Frontend Cloud is not enabled for the project |
400 | Missing sql, or an invalid JSON body |
500 | The query failed — see error in the response |