Hasura Cloud API
Managed GraphQL engine that instantly generates a GraphQL and REST API from a PostgreSQL schema with subscriptions and row-level security via session variables.
Score Breakdown
🔒 Security
Row-level security via JWT session variables is a strong model. Admin secret should be rotated regularly and never exposed to agent runtimes. Hasura Cloud enforces TLS on all connections.
Best When
An agent needs instant, schema-driven read/write access to a relational PostgreSQL database with fine-grained authorization and real-time subscriptions.
Avoid When
The workload is purely analytical or the agent requires complex multi-step transactions that exceed GraphQL mutation capabilities.
Use Cases
- Query and mutate PostgreSQL data through a strongly-typed GraphQL API without writing resolvers
- Subscribe to real-time data changes for event-driven agent workflows
- Enforce row-level security so agents can only access data scoped to their identity
- Expose REST endpoints from named GraphQL queries for agents that prefer REST
- Federate multiple data sources (PostgreSQL, REST, GraphQL) into a single unified API
Not For
- Agents that need complex stored-procedure logic or heavy server-side computation
- Use cases requiring a non-PostgreSQL primary store (e.g., pure MongoDB or Cassandra)
- Teams that want a fully self-hosted solution with zero vendor dependency
Interface
Authentication
Uses JWT bearer tokens for end-user authorization; session variables inside the JWT control row-level permissions. A separate admin secret (x-hasura-admin-secret header) is used for privileged operations. Role-based access control is defined in the Hasura console.
Pricing
Free tier does not require a credit card. Overages on the free tier are blocked rather than charged.
Agent Metadata
Known Gotchas
- ⚠ Session variables in JWT must be set by the auth service before the agent calls Hasura; missing variables silently fall back to the anonymous role, which may return empty data rather than an error.
- ⚠ Subscription websocket connections require the graphql-ws protocol; agents using older subscriptions-transport-ws may fail silently.
- ⚠ The admin secret bypasses all row-level security; agents should never use the admin secret in production workflows.
- ⚠ Introspection is disabled for non-admin roles by default in Hasura Cloud, so agents cannot auto-discover the schema without explicit enablement.
- ⚠ REST endpoint responses do not include a GraphQL errors field; HTTP 200 is always returned even for partial failures, requiring agents to inspect the response body for errors.
Scores are editorial opinions as of 2026-03-06.