Configuration
All Realtime settings are configured in the realtime block of edgebase.config.ts.
Full Example
import { defineConfig } from '@edgebase/shared';
export default defineConfig({
realtime: {
// Auth timeout: how long to wait for auth message after WebSocket connect
authTimeoutMs: 5000,
// Batch threshold: min changes per transaction to trigger batch_changes
batchThreshold: 10,
// Presence TTL: time before idle presence entries are removed
presenceTTL: 60000,
// Channel access rules with wildcard patterns
namespaces: {
'presence:*': {
access: {
subscribe(auth) { return auth !== null },
},
},
'broadcast:public-*': {
access: {
subscribe() { return true },
publish(auth) { return auth !== null },
},
},
'broadcast:game-*': {
access: {
subscribe(auth) { return auth !== null },
publish(auth) { return auth !== null },
},
},
},
},
});
Configuration Reference
authTimeoutMs
| Type | number |
| Default | 5000 (5 seconds) |
| Description | Maximum time in milliseconds to wait for an auth message after WebSocket connection. If no auth message is received within this window, the connection is closed with AUTH_TIMEOUT. |
batchThreshold
| Type | number |
| Default | 10 |
| Description | Minimum number of changes in a single transaction to trigger batch_changes message delivery. Below this threshold, changes are sent as individual events. |
presenceTTL
| Type | number |
| Default | 60000 (60 seconds) |
| Description | Time in milliseconds before an idle presence entry is automatically removed. The server tracks client ping messages (sent every 30s by the SDK) and removes entries that haven't pinged within this window, broadcasting presence_leave with reason: 'timeout'. Should be ≥ 2× the ping interval. |
namespaces
| Type | Record<string, RealtimeNamespaceConfig> |
| Default | {} (no rules — authenticated users only for all channels) |
| Description | Channel access rules with wildcard pattern matching. Keys are channel name patterns (e.g., 'presence:*', 'broadcast:game-*'). See Access Rules for details. |
Each namespace config contains:
interface RealtimeNamespaceConfig {
access?: {
/** Who can subscribe to this channel */
subscribe?: (auth: AuthContext | null, channelId: string) => boolean;
/** Who can publish (broadcast) to this channel */
publish?: (auth: AuthContext | null, channelId: string) => boolean;
};
}
Publish rules are not enforced at runtime
publish rules are defined in configuration but are not currently evaluated at runtime. Only subscribe rules are enforced when a client connects. If you need to restrict who can publish to a channel, implement server-side validation in your application logic.
Limits
| Limit | Value | Configurable | Notes |
|---|---|---|---|
| Auth timeout | 5,000ms | authTimeoutMs | Connection closed on timeout |
| Batch threshold | 10 changes | batchThreshold | Per transaction |
| Presence TTL | 60,000ms | presenceTTL | 2× client ping interval (30s) |
| Presence state size | 1 KB | No | Per user per channel. Server + SDK both validate |
| AND filter conditions | 5 max | No | Per subscription |
| OR filter conditions | 5 max | No | Per subscription |
| Pending connections per IP | 5 max | No | Worker-level DDoS defense |
| Pending connection TTL | 10 seconds | No | Auto-cleanup, no manual reset needed |
Future Plans
- Example applications — Interactive demos for common use cases (chat, cursors, dashboards)
- Framework guides — Step-by-step tutorials for Next.js, Flutter, React Native, and more