Dashboard Bug: Cannot Edit/Delete Edge Function Secrets

Hi Supabase community — I’m running into what looks like a Supabase Dashboard UI bug that’s blocking a live production app.

What’s happening (the bug) In Supabase Dashboard → Project Settings → Edge Functions → Secrets, I can view existing secrets but I cannot edit or delete them.

Delete attempts fail (no change after confirming) There’s no reliable way to edit/update existing values in the UI This appears to be affecting project-level Edge Function secrets (not just one function).

Impact (no secret values shared) This is blocking us from correcting essential configuration for a custom domain launch. Specifically, we need to update secrets such as:

SUPABASE_ANON_KEY CORS_ALLOWED_ORIGINS APP_BASE_URL Because we can’t update these, we’re seeing:

Edge Function errors: 401 Unauthorized / “Invalid JWT” (functions receive a token but fail validation) CORS failures: browser OPTIONS preflight failures, blocking POST requests (e.g. verify-redemption) App-level issue: resolveRole: DB query timeout, which leaves the Business Dashboard stuck in a “Pending” state This is production-blocking (QR scanning + business workflow broken).

What I’m asking for Has anyone experienced this Dashboard secret management bug and found a workaround?

I’m specifically looking for a workaround that does not require the CLI (I’m not comfortable relying on CLI for production secret updates right now). For example:

A known UI path to force refresh/reset secrets A setting/permission that restores edit/delete A safe “reset secrets” approach Any known incident/regression affecting Edge Function secrets in the Dashboard Project reference Project Ref: hbaflbmfptobyfqbudrt

Security note I can’t share actual secret values publicly, but I can provide screenshots of the UI behavior (with values redacted) and exact error messages / request status codes if helpful.

Thanks in advance for any guidance or confirmed workarounds.