Skip to content

Use role from user JWT #307

New issue
New issue
Open
Open
Use role from user JWT#307
Labels
enhancementNew feature or request
@calj

Description

@calj
calj
opened on Jul 26, 2022

Feature request

Use the user role to apply a specific RLS policy to requests.

Problem

We would like to extend supabase-studio and give a finer access control to different users based on their role using PostgreSQL RLS feature.

For the moment supabase-studio is using a single API key to access meta with a full access to the database.

Describe the solution you'd like

We would need to use the user role from his session JWT to apply the correct RLS policy.
This mechanism exists in PostREST service.

Describe alternatives you've considered

Our current alternative is to use PostgREST and RLS for non-admin roles and use supabase-studio core functionalities only to the platform admin, which is very limiting.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions