supabase-custom-claims VS supabase-tenant-rbac

Compare supabase-custom-claims vs supabase-tenant-rbac and see what are their differences.

supabase-custom-claims

How to implement custom claims with Supabase (by supabase-community)
Suggest topics
Source Code
Suggest alternative
Edit details

supabase-tenant-rbac

A template for implementing basic RBAC for a multi-tenant supabase project (by point-source)
Suggest topics
Source Code
Suggest alternative
Edit details
SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
supabase-custom-claims supabase-tenant-rbac
18 5
482 213
8.7% -
1.3 4.8
8 months ago 6 days ago
JavaScript PLpgSQL
- BSD 2-clause "Simplified" License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

supabase-custom-claims

Posts with mentions or reviews of supabase-custom-claims. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-12-16.
  • Comparing Postgres Managed Services: AWS, Azure, GCP and Supabase
    1 project | news.ycombinator.com | 5 Mar 2024
    Have you checked out this repo: https://github.com/supabase-community/supabase-custom-claims?

    The "raw_app_meta_data" stored for a user is not writeable by the user, so you can store roles and/or privileges in there.

  • Fly Postgres, Managed by Supabase
    3 projects | news.ycombinator.com | 16 Dec 2023
    Have a look at the supabase-community claims repo [1]. NOTE: this is for ACL type permissions where you want to provide granular access to a wide range of services.

    This stuff is "really cool" but just keep in mind that it is pretty advanced. And exactly as another commenter noted in this thread, it is possible to destroy your performance if you need to join on other tables in an extended version of this kind of RLS policy.

    In this repo, the logic is simply "if a claim exists on the JWT then grant access". But in a lot of cases you may want to do something like "if this user is an owner of then grant access". That can require a join to that other table. That logic can get even more complex, for example, you might want to say "allow the user access to this row if they are an owner of the project". So you have to do more work to join from a child table, to a project table, to the user table, etc.

    These operations are in addition to any work you might be doing in the actual query that is executed. I have no idea if the query planner can recognize you are doing the same joins in the RLS as the main query and optimize that away. But at any rate, every single policy invocation (on every single query) will be executing this logic.

    These are all considerations if you are planning more advanced access policies to your data. If all you need is a binary "can access"/"cannot access" then basic RLS policies may be fine. But once you get into even moderately complex scenarios your policies are likely to balloon in complexity and you'll be writing a fair amount of PL/pgsql and fighting with testing and validating.

    1.https://github.com/supabase-community/supabase-custom-claims...

  • ntegrating Supabase SDK with Drizzle ORM in Next.js: How to handle DB operations and authentication seamlessly?
    1 project | /r/nextjs | 27 Aug 2023
    Custom Claims and RLS: I have created custom claims using this repo to handle routes and API access for custom roles like HEAD_ADMIN, ADMIN. Should I also use RLS (Row Level Security) on tables to add an extra layer of security for certain roles? Is this necessary, or will my custom claim handling suffice?
  • Row Level Security (RLS): Performance implications
    2 projects | /r/Supabase | 27 Jun 2023
    https://github.com/supabase-community/supabase-custom-claims https://github.com/point-source/supabase-tenant-rbac
  • Using Triggers to Map Database Relationships in Custom Claims
    2 projects | dev.to | 30 May 2023
    Custom claims are a powerful tool for implementing row-level security (RLS) policies in your applications which was popularized by Supabase. In a previous blog post (Part 1: "Using Custom Claims: Testing RLS with Supabase"), we explored the basics of custom claims and their application in Supabase. In this Part 2, we will delve deeper into the topic by introducing triggers and how they can be used to map database relationships in custom claims.
  • How to Implement Role-Based Access with Supabase
    1 project | dev.to | 21 May 2023
    Supabase does not currently have built-in support for role-based access as of May 21, 2023. However, they are actively working on implementing it in the future. In the meantime, you can leverage the functionality provided by the supabase-custom-claims library. I have personally found this library effective and have successfully integrated it into my system using the SQL functions it offers.
  • Hi! I just moved to Supabase and is there any way that I can set a user as admin without creating a user table?
    2 projects | /r/Supabase | 13 May 2023
    https://github.com/supabase-community/supabase-custom-claimshttps://github.com/point-source/supabase-tenant-rbac I wrote the first one, the second one was built with mine as a base. If you have questions please let me know -- I'm happy to help.
  • Allowing users to invite others with Supabase Edge Functions
    2 projects | /r/learnprogramming | 11 May 2023
    I also had to modify the library I was using (custom-claims) to consider the service_role as an admin.
  • Admin role
    1 project | /r/Supabase | 11 Apr 2023
    What you're looking for is custom claims.check it here
  • Role-based Access Control / Groups / Tenancy
    2 projects | /r/Supabase | 7 Apr 2023
    This is built off the original custom-claims project.

supabase-tenant-rbac

Posts with mentions or reviews of supabase-tenant-rbac. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-07-11.

What are some alternatives?

When comparing supabase-custom-claims and supabase-tenant-rbac you can also consider the following projects:

auth-helpers - A collection of framework specific Auth utilities for working with Supabase. [Moved to: https://github.com/supabase/auth-helpers]

zenstack - Typescript toolkit on top of Prisma ORM, offering flexible and declarative Access Control Policy(Authorization/Permission) for RBAC/ABAC/PBAC/ReBAC with auto-generated type-safe APIs and frontend hooks.

frank_jwt - JSON Web Token implementation in Rust.

supabase - The open source Firebase alternative.

gdschool

auth0-java - Java client library for the Auth0 platform

refine - Build your React-based CRUD applications, without constraints.

supabase-custom-claims vs auth-helpers supabase-tenant-rbac vs zenstack supabase-custom-claims vs frank_jwt supabase-custom-claims vs supabase supabase-custom-claims vs gdschool supabase-custom-claims vs auth0-java supabase-custom-claims vs refine