Supabase kicked off Launch Week 12 in August with a Postgres+AI drop that went viral followed by other exciting announcements throughout the week. Here’s all the juicy highlights you don’t want to miss:

Day 1 - postgres.new: In-browser Postgres with an AI interface#

Supabase launched postgres.new which reimagines interacting with Postgres using a large language model (LLM) all in the browser. Spin up as many databases as you want, and with the help of an AI assistant, generate tables with sample data or import your data, database migrations, embeddings for semantic search and RAG, reports and charts, and so much more.

Website | Blog Post | Video Announcement

Day 2 - Supabase Realtime: Broadcast and Presence Authorization#

Realtime introduced Broadcast and Presence Authorization to give you fine-grain control over which clients are authorized to join private Channels and what type of Broadcast and Presence actions those clients within the Channels can execute. Get started by writing row-level security (RLS) policies to dictate, as an example, that Client1 can only send messages while Client2 can only receives messages when they’re both in the same private Channel.

Docs | Blog Post | Video Announcement

Day 3 - Supabase Auth: Bring-your-own Auth0, Cognito, or Firebase#

As much as we want you to migrate over to Supabase Auth, we’re not hurt if you want to stay with your current auth provider. I’m sure you have your reasons. That’s why we’ve launched Firebase Auth, Auth0, and Amazon Cognito support so you can bring your auth and it’ll seamlessly work with the rest of Supabase. We’ve also extended multi-factor authentication (MFA) to support both SMS and WhatsApp and introduced Auth Hooks so you can customize your Supabase Auth flow.

Docs | Blog Post | Video Announcement

Day 4 - Introducing Log Drains#

Supabase generates a ton of logs for every product and we provide a Logs Explorer for you to query them. However, we realize that you may want to send them elsewhere for various purposes. We’re not offended; we actually encourage you to do so with the release of Log Drains. You can now send your logs to external destinations like Datadog and via custom HTTP endpoints and we have more destinations in the works like Syslog and Loki.

Docs | Blog Post | Video Announcement

Day 5 - Postgres Foreign Data Wrappers with Wasm#

Supabase Wrappers has released several official Foreign Data Wrappers (FDW), all written in Rust, so you can query data from the likes of S3, Clickhouse, and Stripe. There are many, many data sources out there so we developed WebAssembly (Wasm) support to enable anyone to create FDWs as long as they are familiar with a language that compiles to WebAssembly and can even share their FDWs with the community. Head over to our Catalog to check Official and Community FDWs, including Snowflake and Paddle Wasm Wrappers.

Docs | Blog Post | Video Announcement

One more thing from Launch Week 12#

Just kidding, there’s always more than one. Here’s more goodies we shipped:

• Official Supabase extension for VS Code and GitHub Copilot
• pg_replicate - Build Postgres replication applications in Rust
• Snaplet is now open source
• Supabase Book - Learn Supabase by building a multi-tenant platform
• PostgREST 12.2: Prometheus metrics
• vec2pg: Migrate to pgvector from Pinecone and Qdrant
• pg_graphql 1.5.7: pagination and multi-tenancy support
• Introducing New Platform Access Control
• Supabase Python

Quick Product Announcements#

• [Platform] Changes to Supabase API Keys on 7th October 2024 [Changelog]

• [Auth] Asymmetric Keys support on 7th October 2024 [Changelog]

• [Dashboard] Organize SQL snippets into folders in SQL Editor [Changelog]

• [Dashboard] Supabase AI Assistant: Choose which schemas to share with OpenAI [Changelog]

• [Database] Spin up Supabase project via Vercel Marketplace [Docs]

• [Database] Threshold for transitioning projects to physical backups lowered to 15GB [Changelog]

• [Billing] Supabase moves to hourly usage-based billing [Database] [Storage] [Add-ons]

• [Billing] Improved invoices and more timely usage data [Changelog]

Community Highlights#

• Hyperdome - Chatbot application familiarized with HTMX, Hyperscript, tweets, memes, and lore. [Repo]

• DevCanvas - An open-source Codepen alternative [Repo]

• CraftGen - Build useful AI agents to complete tasks on autopilot [Repo]

• mangosqueezy - Affiliate marketing tool [Repo]

• notedown - A self-hostable rich text editor built with Next.js and Supabase [Repo]

• Supabase Real-world Production Example by Egor Gorbachev [Video]

• This RAG AI Agent with n8n + Supabase is the Real Deal [Video]

This is now live! Read the blog post.

Introduction#

We are introducing asymmetric key cryptography to Supabase Auth in Q4 2024 on 7th October 2024. This will be provided as an additional option to the JWT secret currently shown in the JWT settings page.

Why are we doing this?#

Supabase Auth has always been using a symmetric secret (known as the JWT secret) for signing and verifying JWTs. While this is simple and convenient (since the same secret is used for both signing and verifying), it presents the following problems:

1. Extra network request required to verify the user’s JWT with the symmetric secret. Currently, one needs to make a request to Supabase Auth in order to verify the user’s JWT or copy the JWT secret into their environment. While the latter suggestion improves performance, it can result in security implications if the secret is accidentally leaked, which requires all your keys to be rolled.
2. Difficult to roll with zero downtime. Since the symmetric secret cannot be shared publicly, developers need to wrangle with rolling the secret across their environments while ensuring that the new secret is used.

Benefits of using asymmetric keys#

Asymmetric keys rely on public / private key cryptography, which means that the private key is only used for signing, while the public key is only used for verifying. This solves the above problems in the following way:

• Usage of asymmetric key cryptography rather than a shared symmetric secret for signing and verifying JWTs. Since asymmetric keys don’t use a shared secret, there is less risk of the secret being leaked.
• Faster JWT verification times since there’s no need to make a network call to Supabase Auth via getUser() . The public key can be used for verifying the JWT. Note that adding the symmetric secret to your server-side environment to verify the JWT also has the same effect but is potentially less secure since there is an increased risk of the secret being leaked if it is used in multiple applications.
• Zero-downtime key rotation. Public keys can be exposed in a JSON Web Key Set (JWKs) format, which allows any one of them to be used for verification. When the asymmetric key is rotated, we can still keep the previously used public key in the JWKs endpoint to verify existing JWTs. New JWTs will be signed by the new asymmetric key.

These will include the following changes:

• A public JWKs endpoint for retrieving the public JWK to verify JWTs. This will be exposed through the https://<project_ref>.supabase.co/auth/v1/.well-known/jwks.json endpoint. The symmetric secret will not be exposed through this endpoint for security reasons.
• A new method called getClaims() , which handles verifying the JWT and returning the claims in it.
• Ability to download the public keys in different formats through the dashboard (e.g. PEM, JWKs).

Migration to Asymmetric JWTs#

New projects that are created after 1st May 2025 will be created with an RSA asymmetric key by default. Existing projects can choose to start using asymmetric keys by doing the following:

1. Ensure that you are using the new API keys.
2. Update all your clients to use at least supabase-js version x.x.x (the version number will be updated closer to the release date). In this version, we are introducing a new method called getClaims which handles verifying both symmetric and asymmetric JWTs:

   • Example successful response payload for getClaims()

     
     

     _29

     {

     _29

     "data": {

     _29

     "iss": "https://projectref.supabase.co",

     _29

     "sub": "565dafb5-fd66-4274-9c37-f0ff720f5637",

     _29

     "aud": "authenticated",

     _29

     "exp": 1824717902,

     _29

     "iat": 1724717902,

     _29

     "email": "foo@example.com",

     _29

     "phone": "",

     _29

     "app_metadata": {

     _29

     "provider": "email",

     _29

     "providers": ["email"]

     _29

     },

     _29

     "user_metadata": {

     _29

     ...

     _29

     },

     _29

     "role": "authenticated",

     _29

     "aal": "aal1",

     _29

     "amr": [

     _29

     {

     _29

     "method": "oauth",

     _29

     "timestamp": 1724717902

     _29

     }

     _29

     ],

     _29

     "session_id": "479c1cbf-bd52-42d4-894f-1519f39b3241",

     _29

     "is_anonymous": false

     _29

     },

     _29

     "error": null

     _29

     }

     
     

   • Using getClaims() to verify the JWT

     
     

     _13

     import { createClient } from 'supabase/supabase-js'

     _13

     _13

     const supabase = createClient(SUPABASE_URL, SUPABASE_KEY)

     _13

     _13

     // previously, using getUser() requires making an

     _13

     // additional network request to Supabase Auth to verify the JWT

     _13

     //

     _13

     // const { data, error } = await supabase.auth.getUser()

     _13

     _13

     // getClaims() will always return the JWT payload if the JWT is verified

     _13

     // If it's an asymmetric JWT, getClaims() will verify using the JWKs endpoint.

     _13

     // If it's a symmetric JWT, getClaims() calls getUser() to verify the JWT.

     _13

     const { data, error } = await supabase.auth.getClaims(jwks)

     
     
3. Create an asymmetric key through the dashboard. At this point the symmetric JWT moves to a Previously Used state. Existing JWTs signed with the symmetric JWT continue to be valid, but new JWTs are signed via the asymmetric JWT. Note: The UI mockup below is subjected to change and is just meant to illustrate the different possible states of a signing key.

4. After the JWT expiry period, you can safely revoke the “Previously Used” symmetric JWT, since new JWTs will now be signed with the asymmetric key.

Frequently Asked Questions#

• What do I need to do before I can start using asymmetric keys in Supabase Auth?
  • See migration section above for the detailed steps
• Can I create a symmetric key after I create an asymmetric key?
  • Yes. You will still be able to create a new symmetric key under the JWT settings page in the dashboard. New projects will be created with an asymmetric key by default on 1st May 2025.
• Will the private asymmetric key be exposed?
  • No. Only the public keys will be exposed in various formats (e.g. PEM, JWKs) since those are needed for verification.
• Will I be able to bring my own private key?
  • Yes, you can bring your own private key as long as it complies with the key types allowed.
• What key types can I use to create asymmetric JWTs?
  • By default, asymmetric keys will be created with RS256 by default. You can optionally choose to use ECC or Ed25519. ECC keys are more performant, but not as widely supported as RS256. You can also fallback to HS256 (symmetric keys).

We’re changing the way API keys work in Supabase to improve your project’s security and developer experience. Refer to the timetable below for key dates and info on actions you may need to take in the future.

This change starts out as early preview and is opt-in. No action necessary until at least 1st November 2025. We strongly encourage you to give the new API keys a try!

What's the change?#

These are the planned changes for the API keys:

• anon and service_role keys remain available for use.
• A single publishable key with the form sb_publishable_... can be used to replace the anon key.
• You can create multiple secret keys with the form sb_secret_.... You can also choose not to have a secret key if you don’t need one. Secret keys replace the service_role key.
• You can disable and re-enable the anon and service_role keys, as needed during the migration period.

Summarized, there are 4 types of API keys that can now be used with Supabase. This chart should illustrate it better:

Timetable#

Why are we doing this?#

Since the start of Supabase, the JWT-based anon and service_role keys were the right trade-off between simplicity and relative security for your project. Unfortunately they pose some real challenges in live applications, especially around rotation and security best practices.

The main reasons for making this change are:

• Tight coupling between the JWT secret (which itself can be compromised, if you mint your own JWTs) and the anon (low privilege), service_role (high privilege), and authenticated (issued by Supabase Auth) Postgres roles.
• Inability to independently rotate each aspect of the keys, without downtime.
• Inability to roll-back an unnecessary or problematic JWT secret rotation.
• Publishing new versions of mobile applications can take days and often weeks in the app review phase with Apple's App Store and Google's Play Store. A forced rotation can cause weeks of downtime for mobile app users.
• Users may continue using desktop, CLI and mobile apps with very old versions, making rotation impossible without a forced version upgrade.
• JWTs had 10-year expiry duration, giving malicious actors more to work with.
• JWTs were self-referential and full of redundant information not necessary for achieving their primary purpose.
• JWTs are large, hard to parse, verify, and manipulate -- leading to insecure logging or bad security practices.
• They were signed with a symmetric JWT secret, preventing future development of Auth features.

Start using the new API keys#

It’s easy to start using the new API keys. You can opt in in the Supabase dashboard. This will create the default publishable key and a single secret API key.

For the most part, you can substitute the sb_publishable_... and sb_secret_... values anywhere you used the anon and service_role keys respectively. They work roughly the same in terms of permissions and data access.

You can initialize any version of the Supabase Client libraries with the new values without any additional changes, and we don't expect any backward compatibility issues.

Key differences to be aware of#

We've redesigned how the Supabase hosted platform deals with API keys with a few key goals:

• Advanced and enterprise-ready security features
• Zero-downtime rotation
• Solid foundations for the introduction of asymmetric JWT support and other Auth features requiring this

To achieve these, the new API keys have some subtle differences from anon and publishable:

• Permission and access control. Secret keys are hidden by default and need to be individually "revealed." Each event appears in your organization's Audit Log.
• Instant revocation. By deleting a secret key it is instantly revoked.
• Forbidden use in a browser. Using a secret key in a browser is no longer possible and will always fail with HTTP 401 Unauthorized.
• Limitation with Realtime: Connections last 24 hours when there’s no signed in user, or when using a secret key. Sign users in to extend connections indefinitely.
• Limitation with Edge Functions: Edge Functions provide the option --no-verify-jwt which means they can be called without knowing any API key. You will need to apply this option to functions you are protecting without it.
• Use of the Authorization header. It is no longer possible to use a publishable or secret key inside the Authorization header — because they are not a JWT. Instead pass in the user’s JWT, or leave the header empty. For backward compatibility, it is only allowed if the value in the header exactly matches the value in the apikey header.

We believe these limitations are minor and not likely to impact even a single-digit percentage of existing customers. Should you find any additional limitation do not hesitate to bring it up in this discussion or via Supabase Support.

Schema Visualizer nodes are now persisted#

This was yet another request that we've commonly heard from everyone and we're taking a first step to making this happen 😄 Position of the nodes will now be stored within local storage so that you won't have to re-position them each time you land on this page. We've also added a button to help arrange the nodes automatically if that might be preferred!

Note that if you add new tables to the schema however, the node positions will be defaulted to a certain position that may overlap with other nodes - we're definitely looking into how we can make that better so that new nodes can be easily identified (and then shifted around to your liking 🙂)

PR: https://github.com/supabase/supabase/pull/29136

Link: https://supabase.com/dashboard/project/_/schemas

Other improvements and bug fixes#

General

• Minor improvements to layouts and buttons to ensure their visibility on smaller screens (PR)
• Fix project status filter on home page to only show active projects if only the active checkbox is checked (PR)

Table Editor

• Fix client crash when creating an empty table with no columns (PR)
• Fix handling of of large JSON / text fields in the side panel text editor (PR)

SQL Editor

• Add client side validation for query size (max 1MB) (PR)
• Couple of fixes around adding a new folder with the same name as an existing one (PR)

Database

• Update Stripe Wrapper with more tables (PR)
• Remove docs button for database extensions that have no documentation yet (PR)

Supabase Edge Runtime version 1.57 is compatible with Deno 1.45.

Supabase's hosted platform was upgraded to use this release when serving Edge Functions starting last week.

If you're using Supabase CLI for local development latest stable release 1.192.5, it adds compatibility for Deno 1.45.

How do I find which version of Edge Runtime I'm running?#

Supabase CLI (local)#

When you run supabase functions serve, it should show the current version of Edge Runtime used (and its Deno compatibility)

Hosted Platform#

You can check the served_by field in log events to see which Edge Runtime version was used to serve your function.

We try our best to maintain backward compatibility in these upgrades. If you're experiencing any issues, please feel free to make a support request

Upgrade your organization directly from our pricing page#

https://github.com/user-attachments/assets/2262d816-0c69-4c58-a6e2-1ce4868122f2

Users who are logged in will now be able to select and upgrade their organization from the pricing page itself when clicking on the Upgrade to Pro / Team plan buttons. This is mainly to help streamline this process so that users can upgrade their existing organizations, and prevent confusions where users end up creating new paid organizations instead.

PR: https://github.com/supabase/supabase/pull/28942

Link: https://supabase.com/pricing

UI improvements around credit card billing information#

The selected payment method on the billing page is easily missed as you'll need to scroll down before finding it. In particular with outstanding invoices, it may not be obvious that the wrong card (or even expired card) might have been selected as the default. As such we now will

• Indicate which cards are about to expire (within the current month)
• Indicate which cards have expired
• Show the selected payment method, along with a quick link to change it on the invoices page

PR: https://github.com/supabase/supabase/pull/28971

Link: https://supabase.com/dashboard/org/_/billing

Set payment method as default when adding a new payment method#

When adding a new payment method, we have now added a checkbox to set the card as default which is toggled on by default. This should resolve a UX issue whereby customers needed to explicitly set the card as default in a separate manual step after adding it.

PR: https://github.com/supabase/supabase/pull/28921

Link: https://supabase.com/dashboard/org/_/billing

Choose which schemas to share with OpenAI#

This mainly applies to wherever the Supabase AI assistant is present in the dashboard (SQL Editor + RLS policies). You can now choose which schemas to share with OpenAI as opposed to sending information from all schemas in hopes to improve the output quality of the assistant by only sharing relevant information for your prompts to the assistant.

Do keep in mind that you'll need to opt in to sending anonymous data to OpenAI prior to doing this 🙂 You may also verify exactly what data is being sent here as well under "Important information regarding opting in"!

PR: https://github.com/supabase/supabase/pull/28594

Link: https://supabase.com/dashboard/project/_/sql/new

Other improvements and bug fixes#

General

• Show which is the last sign in method used on login page (PR)
• Added 3 new regions to spin up projects from: Ohio, Stockholm, Paris, and Zurich (PR)
• Commands added for cmd+k to search and open snippets in the SQL Editor (PR)
• Support pasting image (via Cmd/Ctrl + v) in the feedback widget (PR)
• Use expanding text area for RLS AI assistant for multi line prompts (PR)

Table Editor

• Save last selected schema, no longer defaults to public schema (PR)
• Set the correct schema in the schema selector when opening a table via URL directly (PR)
• Support exporting table data as SQL seed file (PR)
• Couple of fixes for bugs around composite foreign keys (PR)
• Improve display of estimated row count for the table if the table has > 50k rows, to emphasize that it's an estimated count (PR)
• Spreadsheet import now checks column types from imported spreadsheet (PR)

SQL Editor

• Fix folder name editing where clicking on the input field toggles the folder (PR)
• Support opening cell value via right click into a side panel for a more detailed view (PR)

Auth

• "With check" checkbox is toggled on by default for commands that involve a with check expression (PR)

Storage

• Support searching and sorting buckets (PR)

Logs Explorer

• Support copying cell content via context menu (PR)

The SQL Editor got an upgrade this week, finally letting you organize snippets into folders!

• Favourites and Shared snippets are in folders now
• Organize Private snippets in folders as you like
• Share snippets with your team as you could before

Link: https://supabase.com/dashboard/project/_/sql/new PR: https://github.com/supabase/supabase/pull/27881

Other bug fixes and improvements#

Project compute size badge

• See project compute details and upgrade right from the home screen (PR)

SQL Editor

• Update the SQL Editor AI Assistant model to the latest from OpenAI (PR)

tldr:

• No changes for Free Plan users
• Billing for paid plan organizations will be based on provisioned disk rather than used database space:
  • Each project starts with 8 GB disk provisioned by default.
  • The first 8 GB of provisioned disk per project is free, then $0.125 per additional GB.
  • Charges are prorated down to the hour, which is advantageous for short-lived projects and branches.
  • Provisioned disk from Read Replicas will also be included in billing.
  • Enables upcoming features for enhanced control over disk and Postgres parameters.

Timeline

This change will be rolled out to new customers on August 26th, 2024 and will be gradually rolled out to existing customers shortly after.

Changes

We are adjusting our pricing to offer more flexibility and self-serve for developers wanting to tune their disk and Postgres configuration. For example:

• Some developers want disks with higher throughput
• Some developers want to store more than 1GB of WAL (for tools like Airbyte/PeerDB, or adding more read replicas)

To make this available we will start billing for provisioned disk size (rather than database space used). Previously, costs associated with WAL files were not directly billed but also users could not control change max_wal_size (default is 1GB).

There is no action needed on your end. You will automatically be transitioned to the new billing model throughout the next couple of weeks. In case there is any change in your monthly bill, we will reach out to you proactively with additional information and give you a grace period to decrease your usage.

For customers on the Free Plan, there will be no changes; the total database space remains capped at 500MB. These adjustments only apply to customers on paid plans. The database disk will continue to autoscale when nearing capacity for paid plan customers.

Example 1: Pro plan org, active for whole month#

In this scenario, an Organization is on the Pro Plan with 3 active projects.

Usage

Billing

Example 2: Pro plan org, active for part of the month#

In this scenario, an Organization is on the Pro Plan with 3 active projects.

Usage

Billing

Where do I see my disk size?#

You can see your project’s disk size in your database settings (Project Settings > Database).

How can I resize my disk down?#

Your disk size is based on your database space usage. As a first step, you need to identify current database space usage and reduce it. To see your current database space usage, head over to the built-in “Database” project report. Once you have reduced your database space and want to reduce your provisioned disk, you can upgrade your Postgres version through your project settings to automatically rightsize your disk. For further information around disk management and reducing database space, please refer to our docs.

Is this going to affect my monthly bill?#

If your current disk size is >8GB, this is likely going to impact you. Note that this will be gradually rolled out and you will be notified about the concrete impact on your organization and given a 3-month grace period, which gives you time to right-size your disk and minimize the impact of this change.

Further to earlier discussions, the threshold for transitioning large databases to use physical backups for their daily backups is being lowered to 15GB in the next few days.

Physical backups are more performant, have lower impact on the db, and avoid holding locks for long periods of time. Restores continue to work as expected, but backups taken using this method can no longer be downloaded from the dashboard.

Over the next few months, we'll be introducing functionality to restore to a separate, new database, allowing for the perusal of the backed up data without disruption to the original project.

Please refer to supabase.com/docs/guides/platform/backups#daily-backups-process for additional details.

Claim your ticket for Launch Week 12 kicking off August 12 and read on to learn about a number of new features we have to share with you for the month.

Launch Week 12#

Join us August 12-16 for our next Launch Week event. We will be announcing a number of new features and giving away some great swag!

Claim Your Ticket

Disable Data API for Your Project#

You can now disable the Data API when creating a new project with a setting under "Advanced Options". This option bolsters the security of your data by preventing unintentional access from clients. You can change this behavior on an existing project via the project's API Settings.

Custom Schema for Data API#

Your project's Data API exposes the public schema by default, the most commonly used schema, and can lead to unintentional access to your data. Now, you can dictate which custom schema to expose via the Data API for better security and granular control.

Save Money With Hourly Storage Billing#

On August 20, 2024, Supabase is changing billing for Storage from daily to hourly for new customers and gradually rolling it out for existing customers shortly thereafter. There are no billing changes for projects who continue to use Storage for the entire month while projects using Branching or Storage for partial months will see a reduction in their bill.

Deploy More Functions at No Extra Cost#

We have increased the number of Edge Functions across all plans at no extra cost and removed usage-based billing to simplify your bill.

Quick product announcements#

• [Database] Postgres 13 Deprecation Notice [Github Discussion]
• [Auth] Migrate from Auth0 to Supabase Auth [Docs]
• [Branching] You can customize the public environment variable prefix to use any framework [Pull Request]
• [Docs] Supabase docs now feature global navigation bar [Docs]

Made with Supabase#

• Krea - Realtime and interactive image generation in the browser, the easiest way to generate with AI [Website]
• Cheat Layer - The most powerful no-code agent editor on the planet. Learn new RPA concepts to build future-proof agents that are impossible in other RPA tools [Website]
• Udio - Generative music, you can even edit segments of the tracks using AI [Website]
• Pika - The idea-to-video AI platform that sets your creativity in motion. [Website]
• MakePodcast - Effortlessly craft professional podcasts in minutes using AI [Website]

Community Highlights#

• Using Pre-commit Hook to Upload Local Media to Supabase Bucket [blog]
• Build Library Management System Using React, Shadcn/ui, Supabase and React Query From Scratch [Youtube]
• Instagram Clone in React Native: Video, Backend with Supabase & Push Notifications [YouTube]
• It all starts with Postgres (Interview to Paul Copplestone) [YouTube]
• GraphQL Quickstart with Supabase [YouTube]
• 13min High Intensity Postgres Workout (NO REPEATS) [YouTube]

Launch week, Storage, Supabase CLI, Connection Pooling, Supabase UI, and Pricing. Here's what we released last month.

This is also available as a blog post and a video demo.

Supabase Storage#

Need to store images, audio, and video clips? Well now you can do it on Supabase Storage. It's backed by S3 and our new OSS storage API written in Fastify and Typescript. Read the full blog post.

Connection Pooling#

The Supabase API already handles Connection Pooling, but if you're connecting to your database directly (for example, with Prisma) we now bundle PgBouncer. Read the full blog post.

React UI Component Library#

We open sourced our internal UI component library, so that anyone can use and contribute to the Supabase aesthetic. It lives at ui.supabase.io . It was also the #1 Product of the Day on Product Hunt.

CLI#

Now you can run Supabase locally in the terminal with supabase start. We have done some preliminary work on diff-based schema migrations, and added some new tooling for self-hosting Supabase with Docker. Blog post here.

OAuth Scopes#

Thanks to a comunity contribution (@_mateomorris and @Beamanator), Supabase Auth now includes OAuth scopes. These allow you to request elevated access during login. For example, you may want to request access to a list of Repositories when users log in with GitHub. Check out the Documentation.

Kaizen#

• You can now manage your PostgREST configuration inside the Dashboard.
• Our website has been redesigned. Check out our new Homepage and Blog, and our new Database, Auth, and Storage product pages.
• We refactored some of our Filter methods to make them even easier to use. Check out the Full Text Search refactor.
• We have added several new sections to our Docs including: Local Dev, Self Hosting, and Postgres Reference docs (all still under development).

Supabase is an open source Firebase alternative. We've now been building for one year. Here's what we released last month.

This is also available as a blog post and a video demo.

Dashboard Sidebars#

We've improved the UX of our Dashboard with sidebars in every section, including the Table view, the Auth section, and the SQL Editor.

SQL Autocomplete#

Writing SQL just got 10x easier. We added autocomplete to the SQL editor, including table & column suggestions.

Auth Redirects#

Redirect your users to specific route within your site on signIn() and signUp().

Learning Resources#

We've released a new Resources section in our docs, as well as two new Auth modules: GoTrue Overview and Google OAuth.

New Region#

Launch your database in South Africa.

Kaizen#

• We filled up our Examples page with a lot of new content.
• We released a Docker Compose file for running Supabase locally. This will be used in our upcoming CLI.
• We have a couple of pending RFCs which you may want to participate in:
  • Planning our CLI and Local Development
  • Connection Pooling on Supabase

New year, new features. We've been busy at Supabase during January and our community has been even busier. Here's a few things you'll find interesting.

This is also available as a blog post and a video demo.

Count functionality#

Anyone who has worked with Firebase long enough has become frustrated over the lack of count functionality. This isn't a problem with PostgreSQL! Our libraries now have support for PostgREST's exact, planned, and estimated counts. A massive thanks to @dshukertjr for this adding support to our client library.

New Auth Providers#

We enabled 2 new Auth providers - Facebook and Azure. Thanks to @Levet for the Azure plugin, and once again to Netlify's amazing work with GoTrue to implement Facebook.

Auth Audit Trail#

We have exposed the audit trail directly in the dashboard, as well as the GoTrue logs. Great for security and debugging.

Auth UI widget#

In case our Auth endpoints aren't easy enough already, we've built a React Auth Widget for you to drop into your app and to get up-and-running in minutes.

New auth.email() function#

We added a helper function for extracting the logged in user's email address.

New Regions#

Launch your database in London or Sydney!

Copy rows as Markdown#

You can now copy SQL results as Markdown - super useful for adding to blogs and issues.

React server components#

If you're excited by React Server components then check out the Supabase + Server Components experimental repo. https://github.com/supabase/next-server-components

Learn#

We know that Auth can be a bit daunting when you're just starting out, so we have created some intro videos to get you up to speed in no time:

• Supabase Auth Deep Dive Part 1: JWTs
• Supabase Auth Deep Dive Part 2: Restrict Table Access
• Supabase Auth Deep Dive Part 3: User Based Access Policies

Kaizen#

• Performance: We migrated all of our subdomains to Route53, implementing custom Let's Encrypt certs for your APIs. As a result, our read benchmarks are measuring up 12% faster.
• Performance: We upgrade your databases to the new GP3 storage for faster and more consistent throughput.

After 10 hectic months of building, Supabase is now in Beta.

This is also available as a blog post and a video demo.

Supabase is now in Beta#

We spent months working on Performance, Security, and Reliability. Read more on our Beta Page.

Improve your docs inline#

Add comments and descriptions to your Tables directly from our auto-generated docs.

Table View now has realtime changes#

Any updates that happen to your database are reflected in the Table View immediately.

Table Pagination#

Our table view now has pagination - better for working with large data sets.

Supabase raised a Seed Round#

We raised $6M from Y Combinator, Mozilla, and Coatue. You can read more on TechCrunch.

Kaizen#

• Supabase is now 26% faster in regions which support Graviton (1460 reqs/s up from 1167 reqs/s)
• We launched a new region in Sao Paulo.
• Postgres Array Support. You can now edit Native Postgres array items in the grid editor or the side panel.
• We added better support for your custom Database Types.
• Fixed some buggy keyboard commands. We're continuously improving key commands in the Table editor.