Sleetza
Sleetza8mo ago

How to run RLS with Supabase?

Hey guys, I made a web app with Flutterflow, Supabase and Buildship. I have RLS enabled and made policies to only allow authorized users to select, insert end update rows. My plan was to use the service_key role api key in my Buildship Supabase nodes to bypass RLS. But that does not work. I found this on github; https://github.com/orgs/supabase/discussions/15860 What packages is Buildship using by default? Its not in the docs. Can it be that it uses auth-helpers/ssr? If so, how would you recommend I grant my backend acces to Supabase DB with RLS enabled?
GitHub
Performing administration tasks on the server side with the service...
By default, the auth-helpers/ssr do not permit the use of the service_role secret. This restriction is in place to prevent the accidental exposure of your service_role secret to the public. Since t...
Solution:
I changed the nodes to 'with token' equivalents, now they work.
Jump to solution
8 Replies
Solution
Sleetza
Sleetza8mo ago
I changed the nodes to 'with token' equivalents, now they work.
vadym
vadym8mo ago
@Sleetza I'm having the same use case, and can't figure it out. If you want to use service_role Supabase key, what do you as API key and as a Token in BuildShip node?
Sleetza
SleetzaOP8mo ago
In your Supabase api section there is a seperate api key for the service role. I use the token that I grab from my FF frontend via api (bearer token)
vadym
vadym8mo ago
Can you please share a screenshot where do you get this Bearer token? And I wonder, shouldn’t it have expiration period (something like a few hours or days?) @Sleetza , sorry if I look to pushy. I’m really looking forward to find solution for my issue, and will appreciate your input a lot 🙏
Gaurav Chadha
Gaurav Chadha8mo ago
Integrate Supabase DB with BuildShip – BuildShip
A unified resource to start building your backend with low-code. Dive into triggers, nodes, and step-by-step guidance to jumpstart your workflow creation.
vadym
vadym8mo ago
@Gaurav Chadha , unfortunately in this article there is no information how to get Bearer Token, if the Buildhip is triggered from Supabase And If am using node without Token, then I cannot overcome RLS
Sleetza
SleetzaOP8mo ago
Maybe try the Supabase discord
Janis
Janis6mo ago
Did you ever find a solution for this?