Liveblocks API

Liveblocks is a real-time collaboration infrastructure platform that provides pre-built primitives for adding collaborative features to web applications: live cursors, user presence indicators, shared document state (via CRDT/Yjs integration), comments and threads, and notifications. The REST API provides server-side management of rooms (collaboration sessions), storage (persistent shared state), users (presence and access), webhooks, and inbox notifications. The client-side JavaScript SDK handles WebSocket connections and real-time sync; the REST API is used for authentication, room management, and server-triggered operations.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Other liveblocks realtime collaboration presence cursors yjs crdt websocket
⚙ Agent Friendliness
58
/ 100
Can an agent use this?
🔒 Security
87
/ 100
Is it safe for agents?
⚡ Reliability
79
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
85
Error Messages
76
Auth Simplicity
80
Rate Limits
60

🔒 Security

TLS Enforcement
100
Auth Strength
85
Scope Granularity
82
Dep. Hygiene
80
Secret Handling
88

Strong separation between public key (safe for client-side) and secret key (server-only) prevents accidental credential exposure. Room-level access token scoping enables fine-grained authorization. Secret key must be kept server-side; Liveblocks docs clearly emphasize this. No token rotation API available — key rotation requires manual secret key regeneration in dashboard.

⚡ Reliability

Uptime/SLA
82
Version Stability
80
Breaking Changes
78
Error Recovery
75
AF Security Reliability

Best When

You're building a web app that needs real-time collaborative editing, presence, or shared state and want to avoid building WebSocket infrastructure, conflict resolution, or CRDT logic from scratch.

Avoid When

You need persistent structured data storage, non-JavaScript client support, high-throughput event streaming, or full control over the real-time infrastructure without a managed service.

Use Cases

  • Implementing Google Docs-style multiplayer editing in web apps with live cursors and presence avatars
  • Managing access control for collaboration rooms — granting users access tokens with specific permissions per room
  • Querying room storage state server-side for backup, migration, or server-initiated updates to shared documents
  • Building notification systems for @mentions, comment threads, and collaboration events using the inbox API
  • Retrieving active room participants and presence data for analytics or moderation purposes

Not For

  • Server-to-server real-time communication — Liveblocks is designed for browser clients with server-side auth and management support only
  • Persistent databases or structured data storage — Liveblocks storage is ephemeral collaboration state, not a replacement for a production database
  • Mobile apps without JavaScript — primary SDKs are JavaScript/TypeScript; React Native support exists but is limited
  • High-throughput event streaming at scale — Liveblocks is designed for collaborative document sessions, not pub/sub message buses or IoT telemetry

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
No
SDK
Yes
Webhooks
Yes

Authentication

Methods: api_key bearer_token
OAuth: No Scopes: Yes

Two auth patterns: (1) Secret key (sk_...) used server-side for REST API management calls via Authorization header. (2) Access tokens generated server-side using the secret key and passed to browser clients — tokens are scoped per user and per room with read/write/full permissions. Public key (pk_...) is used in client SDK initialization and is safe to expose. Secret keys must never be exposed client-side. Room-level permission scoping enables least-privilege access per user per session.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

MAU-based pricing model — an MAU is any user who connects to a Liveblocks room in a calendar month. The free tier is generous for development and small-scale deployment. Costs scale with user count rather than data volume or requests. No credit card required for free tier.

Agent Metadata

Pagination
cursor
Idempotent
Partial
Retry Guidance
Not documented

Known Gotchas

  • The REST API is a management plane only — actual real-time collaboration data flows through WebSocket connections using the JavaScript SDK; agents cannot participate in live collaboration sessions directly via REST.
  • Access token generation is required server-side before any client can join a room — agents building auth flows must implement the token endpoint pattern, not pass secret keys to clients.
  • Room storage read via REST API returns CRDT state that may need deserialization — Liveblocks storage types (LiveObject, LiveList, LiveMap) have specific JSON representations that differ from plain JSON objects.
  • Webhook events are delivered with at-least-once semantics and can arrive out of order — agents consuming webhooks for presence or storage events must handle duplicates and use event timestamps for ordering.
  • The 'storageUpdated' webhook fires on any storage change but does not include the diff — agents needing to track specific field changes must call the storage read API to fetch current state after each webhook.
  • Room IDs are agent-controlled strings but must be URL-safe — agents generating room IDs programmatically must sanitize special characters or use UUID format.
  • Presence data is ephemeral and tied to active WebSocket connections — REST API presence queries only reflect currently connected users; disconnected users' last-known presence is not persisted.

Alternatives

ably-api pusher-api supabase-realtime-api partykit-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Liveblocks API.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5173
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered