DEV Community

Cover image for How to create API keys in Supabase for roles other than "anon" and "service"?
acetrondi
acetrondi

Posted on • Edited on

4

How to create API keys in Supabase for roles other than "anon" and "service"?

If you're reading this post, you may already be familiar with Supabase. However, for those who are new, let me provide a brief introduction.

Supabase is an alternative to Firebase that utilizes PostgreSQL as its database and offers various features, including authentication, real-time capabilities, and storage.

To get started with Supabase, follow these steps:

  1. Obtain the JWT key from the Supabase dashboard or through this link.
    Obtain Jwt token/secret from supabase dashboard

    Never disclose your Jwt secret/token in public

  2. Create a role in your SQL editor:

CREATE ROLE your_role;
GRANT your_role TO authenticator;
-- grant role privileges here 
Enter fullscreen mode Exit fullscreen mode

3.Visit jwt.io and populate the payload field with the following information:

Enter data in payload field

    {
      "iss": "supabase",
      "ref": "project ref id",
      "role": "your_role",
      "exp": 2001128702
    }
Enter fullscreen mode Exit fullscreen mode

Replace ref with your project reference ID from Dashboard

4.In the "Verify Signature" field, enter the JWT Token/Secret obtained in step 1.

Note: Default algorithm for JWT token is "HS256"

//Header
{
  "alg": "HS256",
  "typ": "JWT"
}
Enter fullscreen mode Exit fullscreen mode

Enter your Jwt token in Verify Signature

5.The "Encoded/Token" field will display the newly generated token. Copy this token and include it in your REST API or client code and requests as Authorization: Bearer new_generated_token. This token will have all the privileges you gave to your_role role from sql editor in supabase dashboard.

Fetch/Copy newly generated token from the Encoded field

Note: Please exercise caution when assigning sensitive data as this role will have the privileges you grant it.

Peace!

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read full post →

Top comments (0)

Bump.sh

Hate writing docs?

Hate undocumented APIs even more?

Bump.sh generates an always up-to-date API reference site for REST and Event-Driven Architectures.

Plug it in your CI. It fetches your OpenAPI and AsyncAPI (GraphQL pending) spec files, and even generates a diff. Gather all of your API docs in a single source of truth.

Try it for free