Turso uses JWT (JSON Web Token) based authorization to control access to your databases. You can create tokens with different scopes and fine-grained permissions to restrict what operations each client can perform.
There are two ways to issue JWT tokens for database access:
Both approaches support fine-grained permissions to control access at the table and action level.
All tokens are passed as the authToken when creating a database client:
import { createClient } from "@tursodatabase/serverless";
const db = createClient({
url: "<your-database-url>",
authToken: "<your-token>",
});
You can get your database URL with turso db show <database-name> --url.
