Cube (Semantic Layer)
Universal semantic layer for data applications. Cube sits between your data warehouse and BI tools/applications, providing a consistent metrics definition layer. Define business metrics (revenue, DAU, conversion rate) in JavaScript/TypeScript once, and expose them via REST API, GraphQL, or SQL to any consuming tool. Cube handles caching, pre-aggregations, access control, and multi-tenancy. Also includes Cube Cloud for managed deployment.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Apache 2.0 open source. SOC2 for Cube Cloud. JWT-based row-level security is a security strength. Multi-tenant isolation via security context. No direct warehouse credentials exposed to clients.
⚡ Reliability
Best When
You need consistent metric definitions across multiple BI tools and custom analytics applications, with caching, access control, and multi-tenancy built in.
Avoid When
You need ad-hoc exploration, don't have a data warehouse, or your analytics needs are simple — Metabase or direct SQL are simpler.
Use Cases
- • Define business metrics (revenue, DAU, LTV) in code once and expose them to multiple BI tools and applications via Cube's universal API
- • Give AI agents access to business metrics via Cube's REST or GraphQL API without exposing raw warehouse SQL
- • Build embedded analytics in your SaaS product using Cube as the metrics API layer with row-level security per tenant
- • Accelerate warehouse queries using Cube's pre-aggregations that materialize common metric queries for sub-second response times
- • Create a governed metrics layer that ensures all teams and tools use consistent metric definitions from a single source of truth
Not For
- • Ad-hoc SQL exploration — Cube is for pre-defined metrics, not flexible SQL; use Redash or Metabase for free-form query
- • Real-time streaming metrics — Cube aggregates over batch data; use Apache Flink or Materialize for streaming metrics
- • Teams without a data warehouse — Cube requires a supported data source (BigQuery, Snowflake, Redshift, etc.)
Interface
Authentication
JWT-based authentication with custom claims for row-level security. API secret for server-to-server. Security context in JWT enables per-user data filtering. Multi-tenant auth via JWT claims passed from your auth system.
Pricing
Core Cube is Apache 2.0 open source. Cube Cloud adds managed deployment, monitoring, and support. Most production deployments use Cube Cloud. Self-hosting is fully supported and widely used.
Agent Metadata
Known Gotchas
- ⚠ Cube's schema (cube.js files) uses a JavaScript DSL that's powerful but has a learning curve — agents generating dynamic schemas must understand Cube's join, measure, and dimension concepts
- ⚠ Pre-aggregations significantly improve performance but require planning — agents relying on fast queries should define pre-aggregations for their query patterns explicitly
- ⚠ Security context (JWT claims) must be set up correctly for multi-tenant deployments — missing security context exposes all tenant data; test auth thoroughly
- ⚠ Cube's REST API uses a JSON query format different from SQL — agents must use Cube's query builders or the @cubejs-client SDK rather than raw SQL queries
- ⚠ Refreshing pre-aggregations is async and can take minutes for large datasets — agents expecting immediate data after warehouse updates must account for pre-aggregation rebuild time
- ⚠ Cube Data Model v3 (using model/cubes directory) differs from v1/v2 (schema directory) — documentation examples may be for different versions; check which version you're running
Alternatives
Full Evaluation Report
Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Cube (Semantic Layer).
Scores are editorial opinions as of 2026-03-06.