API Creator · DB to API

ZERO MICROSERVICE

Create powerful REST APIs instantly from your database without any coding.

Write a SELECT, an INSERT, or call a stored procedure. Apinizer publishes it as a REST endpoint with parameter binding, type coercion, audit, and the same security policies as the rest of your gateway.

Request a demo Read the docs

DatabasesOracle · PostgreSQL · MySQL · MSSQL · DB2 · Sybase · Hive · Impala · Trino · MongoDB
OperationsSELECT · INSERT · UPDATE · DELETE · PROCEDURE · BATCH
PoolHikariCP · vault-encrypted credentials

Inside the Manager

Every DB-to-API endpoint, one console.

Browse, edit, and govern every database-backed endpoint from the same Manager UI — across datasources, operations, and teams. The screen below is a real Apinizer DB-to-API editor.

Apinizer Manager — DB to API editor with datasource, operation, parameter binding, and pipeline controls — Apinizer Manager · DB to API editor · production screenshot

Capabilities · deep dive

Seven angles on the same idea: SQL is already an API.

From the driver list to the policy stack, DB to API is a complete path from a database to a production-grade endpoint — without writing a microservice, scheduling a pod, or owning a CI/CD pipeline.

01 · 10 FIRST-CLASS DATABASES

Bring your database. Apinizer brings the driver.

Ten databases ship with the platform — drivers, pool tuning, cursor unwrapping, and OUT-parameter handling are all built in. Add any other JDBC database by dropping its driver jar in.

Oracle, PostgreSQL, MySQL, SQL Server, IBM DB2, SAP Sybase
Apache Hive, Apache Impala, Trino — for warehouse and lake reads
MongoDB via the official driver (find-style queries)
JDBC-compatible? Drop the jar in, set credentials, you are done

JDBC
MongoDB
HikariCP
Vault secrets

Grid of supported database drivers — Oracle, PostgreSQL, MySQL, SQL Server, IBM DB2, SAP Sybase, Apache Hive, Apache Impala, Trino, MongoDB.

02 · DATASOURCE WIZARD

Connect once. Reuse everywhere.

Pick a driver, paste the JDBC URL, store credentials in the platform vault. Apinizer test-pings the database, sizes the connection pool, and surfaces it to every endpoint that needs it.

JDBC URL or hostname / port / database fields
Credentials encrypted via Apinizer's secret vault — never in code
HikariCP pool with min / max / idle tuning per datasource
Optional read-replica routing for read endpoints

test connection
pool tuning
read replica

Database connection wizard with driver picker, JDBC URL field, vault-backed credentials, and Hikari pool configuration.

03 · SQL → ENDPOINT

Write the query. Apinizer wires the route.

Type the SQL you would type in a client. Use named parameters like :customerId or :from. Map each parameter to a path segment, query string, header, or body field. Save — the endpoint is live.

Named parameters (:name) — never string-concatenated, always prepared
Per-parameter source: PATH · QUERY · HEADER · BODY
Type-aware binding: STRING, INT, LONG, DOUBLE, BOOLEAN, DATE, DATETIME, CLOB
JSON or XML response — toggle, never write a serializer

SELECT
INSERT
UPDATE
DELETE
TRUNCATE

Same lane for AI

DB-to-API endpoints are first-class proxies — an AI agent can hit them through MCP just like any other API surface, with the same auth and audit.

SQL endpoint editor showing a SELECT query bound to GET /customers/{id}/orders with named parameters and JSON response.

04 · STORED PROCEDURES

Multiple result sets and OUT parameters — in one JSON.

Procedures with REF_CURSOR results and OUT parameters return as a single, predictable JSON body. Apinizer handles the driver-specific cursor codes for Oracle, DB2, PostgreSQL, MySQL, SQL Server, and Sybase so your callers do not have to.

IN, OUT, INOUT direction per parameter
REF_CURSOR results unwrapped to JSON arrays
Multiple result sets walked via getMoreResults
Per-method query timeout (defaults to 30 seconds)

REF_CURSOR
OUT params
Oracle
DB2
Postgres
MSSQL

Stored procedure endpoint mock-up showing OUT parameters and a REF_CURSOR result set returned together as JSON.

05 · BATCH & TRANSACTIONS

One JSON array in. One executeBatch on the wire.

Bulk-loading orders, ledger entries, telemetry rows? Drop a JSON array on /endpoint/bulk and Apinizer turns it into a single executeBatch — with row count, error reporting, and the same query timeout you set on every other call.

BATCH_INSERT reads $.data[] from the request body
Returns row count and elapsed time in a structured response
executeBatch on the JDBC driver — not row-by-row inserts
Same parameter binding, type coercion, and audit as single-row calls

BATCH_INSERT
executeBatch
$.data[]

Batch insert endpoint reading a JSON array of orders and dispatching them as a single executeBatch with timing and row count.

06 · RESPONSE SHAPING

Strip nulls. Hide empty rows. Force big integers as strings.

Database results rarely match the JSON your callers want. Apinizer ships a response shaper so you don't write a thin service just to clean up nulls or coerce dates to ISO 8601. Toggle, save, ship.

Ignore NULL fields — drops keys whose value is null
Ignore empty rows — skips rows where every column is null
Numbers as strings — avoids JS precision loss for IDs > 2^53
Dates serialised as ISO 8601 in UTC — no caller-side parsing surprises

JSON
XML
ISO 8601
no precision loss

Response shaping toggles — ignore null, ignore empty rows, numbers as strings, output format JSON or XML.

07 · SAME GATEWAY PIPELINE

A SQL endpoint is a first-class proxy.

DB-to-API endpoints are not second-class. They go through the same Worker, the same auth methods, the same throttling, the same cache, and the same Elasticsearch analytics as your hand-written services. Zero extra wiring.

OAuth 2.0 / JWT / API key / mTLS — all supported on DB endpoints
Throttling, quotas, IP allow-lists, header-based rate limits
Cache TTL or coordinated invalidation through Apinizer Cache
Every call audit-logged and indexed in Elasticsearch

OAuth
throttle
cache
audit
Elasticsearch

DB endpoint travelling through the gateway pipeline — auth, throttle, cache, SQL, response — with side fan-out to audit, analytics, Prometheus, APIops.

In the box

What's included

The capabilities below are part of the standard install — no add-on SKUs and no separate licenses.

Databases & operations

Oracle, PostgreSQL, MySQL, SQL Server, IBM DB2, SAP Sybase, Apache Hive, Apache Impala, Trino, MongoDB
SELECT, INSERT, UPDATE, DELETE, PROCEDURE, TRUNCATE, BATCH_INSERT (JDBC drivers)
MongoDB find-style queries with {{paramName}} placeholders
Drop in any other JDBC driver jar to add a database

Parameters & shaping

Named parameters (:name) bound from PATH / QUERY / HEADER / BODY
Per-parameter direction (IN / OUT / INOUT) and type
REF_CURSOR results and OUT parameters in one JSON response
Per-endpoint query timeout (default 30 s) — protects the database
Response shaping: ignore null, ignore empty, numbers as strings, ISO 8601 dates

Pipeline integration

Same auth surface as gateway proxies (OAuth 2.0, JWT, API key, mTLS, Basic)
Throttling, quotas, IP allow-lists, scope-based access
Cache TTL with coordinated invalidation across replicas
Audit log + Elasticsearch analytics + Prometheus metrics
APIops manifests so DB endpoints ship through CI/CD like any other proxy

Resources

Keep going

DB-to-API docs

Connection setup, parameter binding, stored procedures, batch operations.

Read the docs

Cursor & OUT parameter guide

Driver-specific notes for Oracle, DB2, PostgreSQL, MySQL, SQL Server, Sybase.

See the guide

Mock API

Test the call shape before the real query is wired.

See Mock API

Architecture

How DB-to-API endpoints sit on Worker and pass the policy stack.

See the suite

Stop writing translation services

Some endpoints are just a SELECT. Stop building services for them.

See DB-to-API on a real database in a 30-minute walkthrough — including stored procedures, batch loads, and the policy pipeline.