Deprecated RLS features

Last edited: 12/29/2025

The `auth.role()` function is now deprecated

The auth.role() function has been deprecated in favour of using the TO field, natively supported within Postgres:

1
-- DEPRECATED
2
create policy "Public profiles are viewable by everyone."
3
on profiles for select using (
4
  auth.role() = 'authenticated' or auth.role() = 'anon'
5
);
6
7
-- RECOMMENDED
8
create policy "Public profiles are viewable by everyone."
9
on profiles for select
10
to authenticated, anon
11
using (
12
  true
13
);

The `auth.email()` function is now deprecated

The auth.email() function has been deprecated in favour a more generic function to return the full JWT:

1
- DEPRECATED
2
create policy "User can view their profile."
3
on profiles for select using (
4
  auth.email() = email
5
);
6
7
-- RECOMMENDED
8
create policy "User can view their profile."
9
on profiles for select using (
10
  (auth.jwt() ->> 'email') = email
11
);