diff --git a/api/lib/local_ipc.ts b/api/lib/local_ipc.ts
index a456393..45e6ab3 100644
--- a/api/lib/local_ipc.ts
+++ b/api/lib/local_ipc.ts
@@ -84,8 +84,8 @@ const commands: Record<
           projectId,
           logsEnabled: true,
           databaseEnabled: true,
-          sqlEndpoint: sqlEndpoint || `http://${url}/api/sql`,
-          sqlToken: 'local',
+          endpoint: sqlEndpoint || `http://${url}/api/sql`,
+          accessToken: 'local',
           tokenSalt: 'local',
         })
       } else {
@@ -94,8 +94,8 @@ const commands: Record<
           url,
           logsEnabled: true,
           databaseEnabled: true,
-          sqlEndpoint: sqlEndpoint || `http://${url}/api/sql`,
-          sqlToken: 'local',
+          endpoint: sqlEndpoint || `http://${url}/api/sql`,
+          accessToken: 'local',
           tokenSalt: 'local',
         })
       }
diff --git a/api/routes.ts b/api/routes.ts
index 74c874a..bce7266 100644
--- a/api/routes.ts
+++ b/api/routes.ts
@@ -175,8 +175,8 @@ const deploymentOutput = OBJ({
   url: STR('The URL of the deployment'),
   logsEnabled: BOOL('Whether logging is enabled'),
   databaseEnabled: BOOL('Whether the database is enabled'),
-  sqlEndpoint: optional(STR('The SQL endpoint')),
-  sqlToken: optional(STR('The SQL token')),
+  endpoint: optional(STR('The SQL endpoint')),
+  accessToken: optional(STR('The SQL token')),
   createdAt: optional(NUM('The creation date of the deployment')),
   updatedAt: optional(NUM('The last update date of the deployment')),
   token: optional(STR('The deployment token')),
@@ -709,11 +709,11 @@ const defs = {
   'GET/api/deployment/query': route({
     authorize: withUserSession,
     fn: async (ctx, { deployment, sql }) => {
-      const { sqlEndpoint, sqlToken } = await withDeploymentTableAccess(
+      const { endpoint, accessToken } = await withDeploymentTableAccess(
         ctx,
         deployment,
       )
-      if (!sqlEndpoint || !sqlToken) {
+      if (!endpoint || !accessToken) {
         throw new respond.BadRequestError({
           message: 'SQL endpoint or token not configured for deployment',
         })
@@ -722,8 +722,8 @@ const defs = {
       try {
         const startTime = performance.now()
         const data = await runSQL<Record<string, unknown>[]>(
-          sqlEndpoint,
-          sqlToken,
+          endpoint,
+          accessToken,
           sql,
         )
         const duration = (performance.now() - startTime) / 1000
@@ -761,20 +761,20 @@ const defs = {
   'GET/api/deployment/metrics-sql': route({
     authorize: withUserSession,
     fn: async (ctx, { deployment }) => {
-      const { sqlEndpoint, sqlToken } = await withDeploymentTableAccess(
+      const { endpoint, accessToken } = await withDeploymentTableAccess(
         ctx,
         deployment,
       )
-      if (!sqlEndpoint || !sqlToken) {
+      if (!endpoint || !accessToken) {
         throw new respond.BadRequestError({
           message: 'SQL endpoint or token not configured for deployment',
         })
       }
 
       try {
-        return await fetch(`${sqlEndpoint}/metrics`, {
+        return await fetch(`${endpoint}/sql/metrics`, {
           method: 'GET',
-          headers: { Authorization: `Bearer ${sqlToken}` },
+          headers: { Authorization: `Bearer ${accessToken}` },
         })
       } catch (err) {
         throw new respond.InternalServerErrorError({
@@ -799,10 +799,7 @@ const defs = {
         url: dep.url,
       })
       try {
-        const urlStr = dep.url.startsWith('http')
-          ? dep.url
-          : `${isLocal ? 'http' : 'https'}://${dep.url}`
-        return await fetchJson(`${urlStr}/api/doc`, {
+        return await fetchJson(`${dep.endpoint}/doc`, {
           method: 'GET',
         })
       } catch (err) {
diff --git a/api/schema.ts b/api/schema.ts
index be34902..4ccd606 100644
--- a/api/schema.ts
+++ b/api/schema.ts
@@ -58,8 +58,8 @@ export const DeploymentDef = OBJ({
   url: STR('The URL of the deployment'),
   logsEnabled: BOOL('Are logs enabled for this deployment?'),
   databaseEnabled: BOOL('Is the database enabled for this deployment?'),
-  sqlEndpoint: optional(STR('The SQL execution endpoint for the database')),
-  sqlToken: optional(STR('The security token for the SQL endpoint')),
+  endpoint: optional(STR('The SQL execution endpoint for the database')),
+  accessToken: optional(STR('The security token for the SQL endpoint')),
 }, 'The deployment schema definition')
 export type Deployment = Asserted<typeof DeploymentDef>
 
diff --git a/api/sql.ts b/api/sql.ts
index 704bfc8..fd459a9 100644
--- a/api/sql.ts
+++ b/api/sql.ts
@@ -41,7 +41,7 @@ export async function runSQL<T>(
   params?: unknown,
 ): Promise<T> {
   try {
-    return await fetchJson<T>(`${endpoint}/execute`, {
+    return await fetchJson<T>(`${endpoint}/sql/execute`, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
@@ -137,10 +137,10 @@ type TableInfo = {
 export async function refreshOneSchema(
   dep: ReturnType<typeof DeploymentsCollection.get>,
 ) {
-  if (!dep || !dep.databaseEnabled || !dep.sqlEndpoint || !dep.sqlToken) return
+  if (!dep || !dep.databaseEnabled || !dep.endpoint || !dep.accessToken) return
   try {
-    const dialect = await detectDialect(dep.sqlEndpoint, dep.sqlToken)
-    const rows = await fetchSchema(dep.sqlEndpoint, dep.sqlToken, dialect)
+    const dialect = await detectDialect(dep.endpoint, dep.accessToken)
+    const rows = await fetchSchema(dep.endpoint, dep.accessToken, dialect)
     if (!rows || !rows.length) return
     const tableMap = new Map<string, TableInfo>()
     for (const r of rows) {
@@ -302,8 +302,8 @@ export const fetchTablesData = async (
   params: FetchTablesParams,
   columnsMap: Map<string, ColumnInfo>,
 ) => {
-  const { sqlEndpoint, sqlToken } = params.deployment
-  if (!sqlToken || !sqlEndpoint) {
+  const { endpoint, accessToken } = params.deployment
+  if (!endpoint || !accessToken) {
     throw new respond.BadRequestError({
       message: 'Missing SQL endpoint or token for this deployment',
     })
@@ -345,8 +345,8 @@ export const fetchTablesData = async (
   const countQuery =
     `SELECT COUNT(*) as count FROM ${params.table} ${whereClause}`
   const rows = await runSQL<Record<string, unknown>[]>(
-    sqlEndpoint,
-    sqlToken,
+    endpoint,
+    accessToken,
     query,
   )
 
@@ -362,7 +362,7 @@ export const fetchTablesData = async (
   return {
     rows: transformedRows,
     totalRows: limit > 0
-      ? ((await runSQL<{ count: number }[]>(sqlEndpoint, sqlToken, countQuery))[
+      ? ((await runSQL<{ count: number }[]>(endpoint, accessToken, countQuery))[
         0
       ].count) as number
       : rows.length,
@@ -374,8 +374,8 @@ export const insertTableData = async (
   table: string,
   data: Record<string, unknown>,
 ) => {
-  const { sqlEndpoint, sqlToken } = deployment
-  if (!sqlToken || !sqlEndpoint) {
+  const { endpoint, accessToken } = deployment
+  if (!endpoint || !accessToken) {
     log.error('insert-table-data-missing-config', {
       deployment: deployment.url,
       table,
@@ -401,7 +401,7 @@ export const insertTableData = async (
   const query = `INSERT INTO ${table} (${columns.join(', ')}) VALUES (${
     values.join(', ')
   })`
-  const rows = await runSQL(sqlEndpoint, sqlToken, query)
+  const rows = await runSQL(endpoint, accessToken, query)
 
   // Apply read transformer pipeline
   return await applyReadTransformers(
@@ -419,9 +419,9 @@ export const updateTableData = async (
   pk: { key: string; value: unknown },
   data: Record<string, unknown>,
 ) => {
-  const { sqlEndpoint, sqlToken } = deployment
+  const { endpoint, accessToken } = deployment
 
-  if (!sqlToken || !sqlEndpoint) {
+  if (!endpoint || !accessToken) {
     log.error('update-table-data-missing-config', {
       deployment: deployment.url,
       table,
@@ -457,7 +457,7 @@ export const updateTableData = async (
     sets.join(', ')
   } WHERE ${pk.key} = ${pkVal}`
 
-  const rows = await runSQL(sqlEndpoint, sqlToken, query)
+  const rows = await runSQL(endpoint, accessToken, query)
 
   // Apply read transformer pipeline
   return await applyReadTransformers(
diff --git a/deno.lock b/deno.lock
index 79b4376..887fbc9 100644
--- a/deno.lock
+++ b/deno.lock
@@ -1209,6 +1209,9 @@
       "integrity": "sha512-B58NGBEoc8Y9MWWCQGl/gq9xBCe4IiKM0a2x7GZdQKOW5Exr8S1W24J6OgM1njK8xCRGvAJIL/MxXHf6SkmQKQ=="
     }
   },
+  "remote": {
+    "https://gistcdn.githack.com/kigiri/21df06d173fcdced5281b86ba6ac1382/raw/crypto.js": "e85976e655898538dbade9d87b05ca0a6bb167b3128cd4098622000a582f5f6d"
+  },
   "workspace": {
     "dependencies": [
       "jsr:@01edu/api-client@~0.2.6",
diff --git a/tasks/seed.ts b/tasks/seed.ts
index fa3a275..d82c845 100644
--- a/tasks/seed.ts
+++ b/tasks/seed.ts
@@ -57,8 +57,8 @@ async function seed() {
       projectId: project.slug,
       databaseEnabled: false,
       logsEnabled: true,
-      sqlEndpoint: undefined,
-      sqlToken: undefined,
+      endpoint: undefined,
+      accessToken: undefined,
       url,
       tokenSalt: crypto.randomUUID(),
     })
diff --git a/web/pages/SettingsPage.tsx b/web/pages/SettingsPage.tsx
index 2b208ba..5527b6b 100644
--- a/web/pages/SettingsPage.tsx
+++ b/web/pages/SettingsPage.tsx
@@ -356,8 +356,8 @@ const handleSubmit = async (e: TargetedEvent<HTMLFormElement>) => {
       projectId,
       logsEnabled: false,
       databaseEnabled: false,
-      sqlEndpoint: null,
-      sqlToken: null,
+      endpoint: null,
+      accessToken: null,
     })
     deployments.fetch({ project: projectId })
     navigate({
@@ -573,8 +573,8 @@ const handleDeploymentSubmit = async (e: TargetedEvent<HTMLFormElement>) => {
       projectId: project.data!.slug,
       logsEnabled,
       databaseEnabled,
-      sqlEndpoint: (fd.get('sql-endpoint') as string) || undefined,
-      sqlToken: (fd.get('sql-token') as string) || undefined,
+      endpoint: (fd.get('endpoint') as string) || undefined,
+      accessToken: (fd.get('token') as string) || undefined,
     })
     getDeployment.fetch({ url: dep.url })
     navigate({
@@ -652,25 +652,25 @@ const DeploymentsSettingsPage = () => {
                 <LogsTokenSection deploymentUrl={dep.url} />
               </Accordion>
               <Accordion
-                label='Database Enabled'
+                label='Deployment Access'
                 name='databaseEnabled'
                 value={dep.databaseEnabled}
                 editKey='deployment'
                 urlKey='db'
               >
                 <div class='space-y-2'>
-                  <Label text='SQL Endpoint' desc='database connection URL' />
+                  <Label text='Endpoint' desc='service connection URL' />
                   <Input
-                    name='sql-endpoint'
-                    value={dep.sqlEndpoint || ''}
+                    name='endpoint'
+                    value={dep.endpoint || ''}
                     editKey='deployment'
                     placeholder='https://...'
                     mono
                   />
-                  <Label text='SQL Token' desc='auth token for database' />
+                  <Label text='Access Token' desc='auth token' />
                   <Input
-                    name='sql-token'
-                    value={dep.sqlToken || ''}
+                    name='token'
+                    value={dep.accessToken || ''}
                     editKey='deployment'
                     secret
                     visKey='sql-vis'