Databases overview

A Comwit Cloud database is a Turso/libSQL database powered by Louhi, Comwit’s database server plane. You create and manage it through the product API (or the comwit CLI and the web console), and your app connects to it as a plain libSQL endpoint reachable at https://db.cloud.comwit.io.

If you have used SQLite, a libSQL database will feel familiar: it speaks SQLite SQL, but it runs as a network service you connect to with a URL and a token instead of a local file.

Two endpoints, two jobs

It helps to keep two hosts straight from the start, because they do very different things.

Host	Purpose
https://api.cloud.comwit.io	The product API — create, list, rotate tokens, suspend/resume, view usage, delete. All lifecycle and management.
https://db.cloud.comwit.io	The data endpoint — where your app sends SQL. This is the libSQL connection your application uses.

The data host is data only

db.cloud.comwit.io is a data endpoint only. Management, docs, and debug paths are blocked on the public listener — every lifecycle operation (create, list, rotate, suspend, resume, usage, delete) goes through the product API at api.cloud.comwit.io, never the data host.

Concretely, the public Louhi listener blocks tenant-management, OpenAPI, debug, and metrics paths. Only the per-database SQL paths are public, and those are always token protected. So you cannot manage databases by poking at db.cloud.comwit.io — you talk to the product API for that.

How a database is addressed

When you create a database, the product API returns a connection URL of this shape:

https://db.cloud.comwit.io/v1/<tenant_id>

That URL plus a database token is everything your app needs to open a libSQL connection. See Create and connect for the full create-then-connect flow.

Tokens at a glance

Comwit Cloud uses two kinds of database tokens, and the difference matters:

• A database token (also called a connection token) is the long-lived credential your application uses to connect. It is returned once at create time — Comwit never stores raw tenant tokens, so copy it straight into your secret store. If you lose it, rotate to get a new one (which invalidates the old one).
• A query token is a short-lived token the web console’s SQL editor uses so a browser session never holds the durable connection token. The console mints these for you — the underlying query-token route is operator-only, so a cwt_ user token cannot mint query tokens directly. See Run SQL.

Note

These are user-facing tenant tokens, distinct from the internal bearer token the platform uses for its own service-to-service calls. Your tokens are what the create and rotate flows hand back to you.

What you can do with a database

Once a database exists, the product API lets you:

• Connect your app with the data URL and a database token.
• Run SQL from the web console (or via a query token) — see Run SQL.
• Rotate the connection token, suspend and resume the database, check usage, and eventually delete it — see Manage databases.

Where to go next

• Create and connect — create your first database and wire it into an app.
• Run SQL — query your data from the console or with a short-lived query token.
• Manage databases — list, rotate tokens, suspend/resume, view usage, and delete.

Tip

New to the platform? Start with What is Comwit Cloud and the Quickstart, then come back here once the CLI is installed.