JWTs for API Endpoints now in public beta!

Tinybird has launched JWTs for API Endpoints into public beta, allowing developers to call Tinybird APIs directly from browsers without needing additional middleware or backend components. This feature facilitates front-end applications in accessing real-time analytics data directly, enhancing performance by reducing latency and eliminating the need for proxies, which previously required extra code and infrastructure. JWTs are integrated into existing app authentication flows, allowing secure and direct API calls from the client-side by using a shared secret for JWT signing. Initially, JWTs support read-only scopes and fixed parameters, enabling row-level security and flexible per-token parameters in multi-tenant applications. Future enhancements might include expanding write scopes, implementing caching, rate limiting, and supporting custom domains, based on user feedback and needs. Users can begin using JWTs in Tinybird Workspaces for free, with comprehensive documentation and community support available to assist in the transition.