PocketBase is a self-contained, open-source backend designed for developers who need a lightweight, real-time database with authentication and file storage—without the complexity of microservices or external dependencies. It’s ideal for indie hackers, startups, and full-stack developers building prototypes, internal tools, or small-scale applications. Built in Go, it embeds SQLite for data persistence and supports real-time subscriptions via WebSockets, with a REST-ish API and admin UI out of the box.
PocketBase can be used as a standalone executable or as a Go library. Developers can extend it with JavaScript via its embedded VM or with native Go code using its core API. It supports cross-platform builds (Linux, macOS, Windows, ARM64) and generates a pb_data directory for persistent storage and pb_migrations for version-controlled schema changes. Deployment is as simple as running a single binary.
What You Get
- Embedded SQLite with Realtime Subscriptions - Uses SQLite as its database with built-in WebSocket-based real-time updates, allowing clients to subscribe to changes in collections without polling.
- Built-in Authentication System - Provides user registration, login, password reset, email verification, and role-based access control with built-in admin and user roles.
- Admin Dashboard UI - A fully functional web-based admin panel accessible at /_/ that allows non-developers to manage records, users, and files through a visual interface.
- REST-ish API Endpoints - Auto-generated API routes under /api/ for CRUD operations on collections, with support for filtering, sorting, pagination, and file uploads via standard HTTP methods.
- File Storage System - Built-in file uploads and management with automatic storage in pb_data/files/ and public access via /api/files/ endpoints.
- JavaScript Extension Engine - Allows custom logic via embedded JavaScript (V8) for hooks, migrations, and API extensions without recompiling the Go binary.
- Go Library Integration - Can be imported as a Go module to build custom backend applications with full control over routing, middleware, and business logic using core.ServeEvent and core.RequestEvent.
Common Use Cases
- Building a prototype SaaS app - A founder uses PocketBase to quickly launch a MVP with user auth, file uploads, and real-time data updates—all in one binary—without managing PostgreSQL or Firebase.
- Developing an internal team tool - A startup engineer deploys PocketBase to create a shared dashboard for tracking project tasks, with real-time updates and file attachments for documents.
- Creating a content management system for small clients - A freelance developer uses PocketBase’s admin UI and REST API to build a simple CMS for a local business, with no need for a separate backend server.
- Extending a frontend app with real-time data - A React developer integrates the PocketBase JS SDK to enable live updates in a chat app or collaborative editor without setting up a separate backend service.
Under The Hood
Architecture
- Clear separation of concerns through a layered design, with core interfaces abstracting business logic from HTTP transport layers
- Dependency injection via constructor-based patterns ensures loose coupling between CLI commands and core services
- Plugin-like extensibility for field types and collections enables dynamic behavior without modifying core code
- Modular data access layer using a robust ORM with query builders and database primitives that support SQLite optimizations while preserving portability
- Realtime and cron subsystems are injected as first-class dependencies, enabling an event-driven architecture decoupled from HTTP handlers
- Extensive use of Go interfaces and composition patterns to promote testability, mocking, and extension without inheritance
Tech Stack
- Go-based backend leveraging the standard library HTTP server without external web frameworks
- Embedded SQLite with a built-in migration system managed via database/sql and sqlite3 driver
- Comprehensive static analysis tooling including linters for code quality and consistency
- Cross-platform binary builds via Goreleaser with CGO disabled, producing standalone executables
- Makefile-driven workflow with integrated test coverage, JS type generation, and plugin-based tooling
- No reliance on Node.js, Docker, or cloud infrastructure—designed as a self-contained, single-binary application
Code Quality
- Extensive test suite covering unit, integration, and end-to-end scenarios with domain-based organization and table-driven tests
- Strong type safety through well-defined interfaces and structured data models with explicit validation hooks
- Robust error handling with contextual validation errors and structured responses instead of panics
- Consistent Go idioms in naming, method prefixes, and layer separation across core, API, and plugin code
- Comprehensive edge case testing with precise assertions on HTTP behavior, side effects, and state transitions
- Effective dependency injection and interface-based design enabling isolated component testing and mockable dependencies
What Makes It Unique
- Native WebSocket-based real-time subscriptions without external services or third-party dependencies
- Dynamic collection schemas with extensible field types that auto-configure validation and UI behavior
- Superuser collection with immutable constraints and automatic account cleanup via hooks
- Unified embedded file system abstraction supporting both local and S3 storage with a single API
- Client-side filter syntax engine enabling complex permission rules directly in the UI
- Transaction-aware hooks ensuring data consistency across related operations, such as preventing deletion of the last superuser