Performing administration tasks on the server side with the service_role secret

By default, the auth-helpers/ssr do not permit the use of the service_role secret. This restriction is in place to prevent the accidental exposure of your service_role secret to the public. Since the auth-helpers/ssr function on both the server and client side, it becomes challenging to separate the key specifically for client-side usage.

However, there is a solution. You can create a separate Supabase client using the createClient method from @supabase/supabase-js and provide it with the service_role secret. In a server environment, you will also need to disable certain properties to ensure proper functionality.

By implementing this approach, you can safely utilize the service_role secret without compromising security or exposing sensitive information to the public.

1
2
3
4
5
6
7
8
9
import { createClient } from '@supabase/supabase-js'const supabase = createClient(supabaseUrl, serviceRoleSecret, {  auth: {    persistSession: false,    autoRefreshToken: false,    detectSessionInUrl: false,  },})