Appwrite
Open-source backend platform with Auth, Databases, Storage, Functions, Messaging, Realtime, and Sites — deploy via Docker or use Appwrite Cloud.
Appwrite is an open-source, all-in-one backend development platform designed to help teams build web, mobile, and AI applications without stitching together fragmented infrastructure. It bundles authentication, structured databases, file storage, serverless functions, multi-channel messaging, realtime subscriptions, and integrated web hosting into a single cohesive platform that you can deploy with a single Docker command.
The platform exposes all its capabilities through REST, WebSocket, and GraphQL APIs, and ships official client and server SDKs for more than a dozen languages and frameworks — including JavaScript, Flutter, React Native, Swift, Kotlin, Python, PHP, and .NET. Every primitive Appwrite provides is designed around security by default, with per-resource permission models, end-to-end encryption for storage, multi-factor authentication, and fine-grained scopes for API keys.
Appwrite’s microservices architecture uses background worker queues to isolate heavy workloads (function execution, certificate issuance, database migrations, file processing) from the request path, keeping API response times low. Traefik acts as the edge reverse proxy, Redis handles caching and the job queue, and MariaDB serves as the primary document store — all orchestrated through Docker Compose for straightforward self-hosting on any Linux server.
In addition to self-hosting, Appwrite is available as a fully managed cloud service at cloud.appwrite.io. The cloud offering removes the operational burden of running the platform while preserving the same API surface, making it possible to start on the managed tier and migrate to self-hosted infrastructure — or vice versa — without changing application code.
What You Get
- Appwrite Auth — Full authentication system with email/password, magic links, SMS OTP, OAuth2 (30+ providers), anonymous sessions, and multi-factor authentication with TOTP support
- Appwrite Databases — Document-style structured storage backed by MariaDB, with collections, indexing, querying, pagination, and relationship support for modeling complex data
- Appwrite Storage — Encrypted file upload and download with per-bucket permissions, image transformations (resize, crop, format conversion), and antivirus scanning via ClamAV
- Appwrite Functions — Serverless compute platform supporting 15 language runtimes (Node.js, Python, PHP, Deno, Dart, Ruby, .NET, Go, Bun, and more), triggered by events or cron schedules
- Appwrite Messaging — Multi-channel notification system for sending transactional and marketing messages via email (SMTP, Mailgun, Sendgrid, Resend), SMS (Twilio, Vonage, TextMagic), and push (APNS, FCM)
- Appwrite Sites — Integrated static and SSR web hosting with Git provider integration, branch deployments, preview URLs, custom domains, and support for Next.js standalone and TanStack Start
- Realtime subscriptions — WebSocket-based event streaming so clients receive live updates on database changes, file uploads, user events, and function executions without polling
- Multi-protocol API — REST, GraphQL, and WebSocket endpoints with official client SDKs for Web, Flutter, React Native, Apple, and Android, plus server SDKs for nine languages
Common Use Cases
- Mobile app backend — Flutter or React Native developers replace Firebase with Appwrite to gain auth, database, storage, and push notifications under a self-hosted or cloud-managed backend
- SaaS product prototype — Indie developers ship multi-tenant web apps quickly by letting Appwrite handle auth, database per project, file uploads, and transactional email without custom backend code
- AI application infrastructure — Teams building LLM-powered tools use Appwrite Functions to run inference triggers and Appwrite Databases to persist conversation history and user profiles
- Internal tools with data sovereignty — Companies with compliance requirements self-host Appwrite on their own infrastructure so user data never leaves their VPC while still using a modern BaaS API
- Git-integrated web hosting — Front-end teams use Appwrite Sites to deploy Next.js or SvelteKit applications with branch previews, custom domains, and automatic SSL, backed by the same Appwrite services
- Event-driven automation — Engineering teams wire Appwrite Functions to database events and webhooks to trigger notifications, sync records to external systems, or run background processing jobs
Under The Hood
Architecture Appwrite adopts a microservices architecture orchestrated entirely through Docker Compose, where each functional domain — HTTP API, realtime WebSocket server, background workers for functions, certificates, deletes, builds, messaging, and migrations — runs as a separate container. The entry point is a Traefik reverse proxy that routes traffic to the PHP HTTP server running on Swoole, giving the synchronous PHP codebase true async I/O and connection concurrency. Heavy operations are never handled in the request path; instead they are dispatched as messages onto a Redis-backed queue, consumed by dedicated worker processes that can be scaled independently. The internal Utopia PHP framework provides the dependency injection container, routing, and platform module registration, keeping each product domain (Account, Databases, Storage, Functions, Sites, Messaging, VCS, Migrations) as a self-contained module registered at bootstrap time.
Tech Stack The backend is written in PHP 8.3 running under Swoole for coroutine-based async concurrency. MariaDB serves as the primary datastore, accessed through the utopia-php/database ORM abstraction that also supports MongoDB and PostgreSQL adapters. Redis handles both in-memory caching and the job queue via utopia-php/queue. File storage is pluggable through the utopia-php/storage library, supporting local disk, S3, Digital Ocean Spaces, Wasabi, and Backblaze B2. Traefik 3 acts as the edge proxy and handles automatic TLS certificate provisioning via Let’s Encrypt. The serverless functions executor is an isolated sidecar container communicating over HTTP to run user code in language-specific Docker runtime images. PHPStan at level 6 provides static analysis, Laravel Pint enforces PSR-12 code style, and PHPUnit drives both unit and end-to-end test suites. GitHub Actions CI runs lint, static analysis, and test pipelines on every pull request.
Code Quality The codebase demonstrates comprehensive testing coverage spanning PHPUnit unit tests across all core modules (Auth, Database, Functions, Messaging, GraphQL, Docker, Event) and an extensive end-to-end test suite that exercises every API service (Account, Databases, Storage, Functions, Messaging, GraphQL, Migrations, Presences, VCS) through real HTTP calls against a running server. PHPStan static analysis and Laravel Pint formatting are enforced in CI alongside CodeQL security scanning and nightly test runs. The architecture enforces clear separation between the HTTP layer, business logic in platform modules, and infrastructure adapters, making the codebase navigable for contributors. Error handling is explicit throughout, with typed exceptions and structured log entries via utopia-php/logger. One notable complexity is the breadth of the platform — 20+ platform modules, 15 serverless runtimes, and numerous third-party messaging integrations introduce substantial surface area to maintain.
What Makes It Unique Appwrite’s most distinctive characteristic is the combination of full-stack breadth with genuine self-hostability: it is one of very few open-source BaaS platforms that bundles authentication, structured databases, file storage, serverless functions, messaging, realtime, and web application hosting into a single deployment unit that can be installed with one Docker command. The addition of Appwrite Sites with Git-integrated deployments and branch previews — backed by the same auth and database primitives — closes the last gap that previously forced teams to combine a BaaS with a separate hosting platform. The VCS module enabling Git integration for both Sites and Functions deployments, and the migration tooling for moving between Appwrite versions and importing data from Firebase and Supabase, reflect mature product thinking aimed at reducing lock-in concerns that typically accompany self-hosted BaaS adoption.
Self-Hosting
Appwrite is released under the BSD 3-Clause License, a permissive open-source license. This means you can use Appwrite commercially, modify the source code, and distribute it in proprietary products without any obligation to open-source your own code. The only requirements are preserving the copyright notice and license text in redistribution. There is no copyleft, no GPL-style viral clause, and no separate commercial license required for self-hosting — the same codebase runs on both the open-source self-hosted installation and Appwrite Cloud.
Running Appwrite yourself requires Docker and Docker Compose on a Linux server with sufficient CPU, memory, and disk. The default deployment spins up roughly 20 containers — the core API, realtime server, console UI, multiple background workers, Traefik, MariaDB, Redis, and optionally MongoDB and PostgreSQL adapters. A single-server install is feasible for development or moderate production workloads, but scaling horizontally requires container orchestration such as Kubernetes or Docker Swarm. You are responsible for database backups, certificate renewal monitoring, worker scaling under load, Docker image updates, and running the built-in migration tool when upgrading between major versions. The operational surface is real and non-trivial for teams without container infrastructure experience.
Appwrite Cloud offers the managed alternative with no infrastructure to operate — Appwrite handles uptime, scaling, backups, TLS, and version upgrades. The Cloud tier is currently in public beta and free to use without a credit card. Compared to self-hosting, you give up control over data residency and infrastructure customization, but you gain SLA-backed availability, automatic scaling, managed certificate handling, and direct support from the Appwrite team. Organizations with data sovereignty requirements or compliance mandates that prohibit third-party cloud storage of user data are the clearest candidates for self-hosting; teams that want to move fast and avoid DevOps overhead are better served by starting on Cloud.