# DB to API > Write a SELECT, an INSERT, or call a stored procedure. Apinizer publishes it as a REST endpoint with parameter binding, type coercion, audit, and the same security policies as the rest of your gateway. *API Creator · DB to API* ## Create powerful REST APIs instantly from your database without any coding. [Request a demo](https://calendly.com/apinizer/15min) · [Read the docs](https://apinizer.com/developers/docs) **Highlights** - **Databases** — Oracle · PostgreSQL · MySQL · MSSQL · DB2 · Sybase · Hive · Impala · Trino · MongoDB - **Operations** — SELECT · INSERT · UPDATE · DELETE · PROCEDURE · BATCH - **Pool** — HikariCP · vault-encrypted credentials --- ## Capabilities ### 01 · Bring your database. Apinizer brings the driver. Ten databases ship with the platform — drivers, pool tuning, cursor unwrapping, and OUT-parameter handling are all built in. Add any other JDBC database by dropping its driver jar in. - Oracle, PostgreSQL, MySQL, SQL Server, IBM DB2, SAP Sybase - Apache Hive, Apache Impala, Trino — for warehouse and lake reads - MongoDB via the official driver (find-style queries) - JDBC-compatible? Drop the jar in, set credentials, you are done **Concepts:** `JDBC` · `MongoDB` · `HikariCP` · `Vault secrets` ### 02 · Connect once. Reuse everywhere. Pick a driver, paste the JDBC URL, store credentials in the platform vault. Apinizer test-pings the database, sizes the connection pool, and surfaces it to every endpoint that needs it. - JDBC URL or hostname / port / database fields - Credentials encrypted via Apinizer's secret vault — never in code - HikariCP pool with min / max / idle tuning per datasource - Optional read-replica routing for read endpoints **Concepts:** `test connection` · `pool tuning` · `read replica` ### 03 · Write the query. Apinizer wires the route. Type the SQL you would type in a client. Use named parameters like :customerId or :from. Map each parameter to a path segment, query string, header, or body field. Save — the endpoint is live. - Named parameters (:name) — never string-concatenated, always prepared - Per-parameter source: PATH · QUERY · HEADER · BODY - Type-aware binding: STRING, INT, LONG, DOUBLE, BOOLEAN, DATE, DATETIME, CLOB - JSON or XML response — toggle, never write a serializer **Concepts:** `SELECT` · `INSERT` · `UPDATE` · `DELETE` · `TRUNCATE` > DB-to-API endpoints are first-class proxies — an AI agent can hit them through MCP just like any other API surface, with the same auth and audit. ### 04 · Multiple result sets and OUT parameters — in one JSON. Procedures with REF_CURSOR results and OUT parameters return as a single, predictable JSON body. Apinizer handles the driver-specific cursor codes for Oracle, DB2, PostgreSQL, MySQL, SQL Server, and Sybase so your callers do not have to. - IN, OUT, INOUT direction per parameter - REF_CURSOR results unwrapped to JSON arrays - Multiple result sets walked via getMoreResults - Per-method query timeout (defaults to 30 seconds) **Concepts:** `REF_CURSOR` · `OUT params` · `Oracle` · `DB2` · `Postgres` · `MSSQL` ### 05 · One JSON array in. One executeBatch on the wire. Bulk-loading orders, ledger entries, telemetry rows? Drop a JSON array on /endpoint/bulk and Apinizer turns it into a single executeBatch — with row count, error reporting, and the same query timeout you set on every other call. - BATCH_INSERT reads $.data[] from the request body - Returns row count and elapsed time in a structured response - executeBatch on the JDBC driver — not row-by-row inserts - Same parameter binding, type coercion, and audit as single-row calls **Concepts:** `BATCH_INSERT` · `executeBatch` · `$.data[]` ### 06 · Strip nulls. Hide empty rows. Force big integers as strings. Database results rarely match the JSON your callers want. Apinizer ships a response shaper so you don't write a thin service just to clean up nulls or coerce dates to ISO 8601. Toggle, save, ship. - Ignore NULL fields — drops keys whose value is null - Ignore empty rows — skips rows where every column is null - Numbers as strings — avoids JS precision loss for IDs > 2^53 - Dates serialised as ISO 8601 in UTC — no caller-side parsing surprises **Concepts:** `JSON` · `XML` · `ISO 8601` · `no precision loss` ### 07 · A SQL endpoint is a first-class proxy. DB-to-API endpoints are not second-class. They go through the same Worker, the same auth methods, the same throttling, the same cache, and the same Elasticsearch analytics as your hand-written services. Zero extra wiring. - OAuth 2.0 / JWT / API key / mTLS — all supported on DB endpoints - Throttling, quotas, IP allow-lists, header-based rate limits - Cache TTL or coordinated invalidation through Apinizer Cache - Every call audit-logged and indexed in Elasticsearch **Concepts:** `OAuth` · `throttle` · `cache` · `audit` · `Elasticsearch` --- ## Use cases ### Expose database data without a microservice Turn the table that backs a legacy system into a modern REST endpoint. No new service to run, no pod to schedule. - Stored procedure as endpoint with cursor results - Read replica routing for read-heavy paths - Per-endpoint quotas and cache TTL - Same audit trail as hand-written services ### Hand the warehouse to product teams without copying it Hive, Impala, Trino — front the warehouse with a tight, parameterised endpoint instead of giving every team query access. - Scope each query to a parameter the caller must supply - Throttle per consumer to protect the cluster - Cache repeat reads with a coordinated invalidation - Audit who pulled what, when, and why ### Accept high-volume writes without a custom ingest service Logistics, telemetry, ledger entries — accept JSON arrays and dispatch them as a single executeBatch. - BATCH_INSERT with row-count response - Per-method query timeout to protect the database - OAuth-scoped writers, IP allow-lists, mTLS - Drop in dead-letter handling via response policies --- ## What ships in the box ### Databases & operations - Oracle, PostgreSQL, MySQL, SQL Server, IBM DB2, SAP Sybase, Apache Hive, Apache Impala, Trino, MongoDB - SELECT, INSERT, UPDATE, DELETE, PROCEDURE, TRUNCATE, BATCH_INSERT (JDBC drivers) - MongoDB find-style queries with {{paramName}} placeholders - Drop in any other JDBC driver jar to add a database ### Parameters & shaping - Named parameters (:name) bound from PATH / QUERY / HEADER / BODY - Per-parameter direction (IN / OUT / INOUT) and type - REF_CURSOR results and OUT parameters in one JSON response - Per-endpoint query timeout (default 30 s) — protects the database - Response shaping: ignore null, ignore empty, numbers as strings, ISO 8601 dates ### Pipeline integration - Same auth surface as gateway proxies (OAuth 2.0, JWT, API key, mTLS, Basic) - Throttling, quotas, IP allow-lists, scope-based access - Cache TTL with coordinated invalidation across replicas - Audit log + Elasticsearch analytics + Prometheus metrics - APIops manifests so DB endpoints ship through CI/CD like any other proxy --- ## Resources - [DB-to-API docs](https://apinizer.com/developers/docs) — Connection setup, parameter binding, stored procedures, batch operations. - [Cursor & OUT parameter guide](https://apinizer.com/developers/docs/db-to-api/procedures) — Driver-specific notes for Oracle, DB2, PostgreSQL, MySQL, SQL Server, Sybase. - [Mock API](https://apinizer.com/products/mock-api) — Test the call shape before the real query is wired. - [Architecture](https://apinizer.com/products) — How DB-to-API endpoints sit on Worker and pass the policy stack. --- ## Next step *Stop writing translation services* **Some endpoints are just a SELECT. Stop building services for them.** See DB-to-API on a real database in a 30-minute walkthrough — including stored procedures, batch loads, and the policy pipeline. [Book a Demo](https://calendly.com/apinizer/15min) · [Read the docs](https://apinizer.com/developers/docs) --- ## Links - Products: https://apinizer.com/products - AI Gateway: https://apinizer.com/products/ai-gateway - Solutions: https://apinizer.com/solutions - Pricing: https://apinizer.com/pricing - Developers: https://apinizer.com/developers - Documentation: https://docs.apinizer.com/index-en - Blog: https://apinizer.com/blog - Contact: https://apinizer.com/company/contact © 2026 Apinizer. All rights reserved.