The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Supabase-custom-claims Alternatives
Similar projects and alternatives to supabase-custom-claims
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
auth-helpers
Discontinued A collection of framework specific Auth utilities for working with Supabase. [Moved to: https://github.com/supabase/auth-helpers] (by supabase-community)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
supabase-custom-claims reviews and mentions
-
Comparing Postgres Managed Services: AWS, Azure, GCP and Supabase
Have you checked out this repo: https://github.com/supabase-community/supabase-custom-claims?
The "raw_app_meta_data" stored for a user is not writeable by the user, so you can store roles and/or privileges in there.
-
Fly Postgres, Managed by Supabase
Have a look at the supabase-community claims repo [1]. NOTE: this is for ACL type permissions where you want to provide granular access to a wide range of services.
This stuff is "really cool" but just keep in mind that it is pretty advanced. And exactly as another commenter noted in this thread, it is possible to destroy your performance if you need to join on other tables in an extended version of this kind of RLS policy.
In this repo, the logic is simply "if a claim exists on the JWT then grant access". But in a lot of cases you may want to do something like "if this user is an owner of then grant access". That can require a join to that other table. That logic can get even more complex, for example, you might want to say "allow the user access to this row if they are an owner of the project". So you have to do more work to join from a child table, to a project table, to the user table, etc.
These operations are in addition to any work you might be doing in the actual query that is executed. I have no idea if the query planner can recognize you are doing the same joins in the RLS as the main query and optimize that away. But at any rate, every single policy invocation (on every single query) will be executing this logic.
These are all considerations if you are planning more advanced access policies to your data. If all you need is a binary "can access"/"cannot access" then basic RLS policies may be fine. But once you get into even moderately complex scenarios your policies are likely to balloon in complexity and you'll be writing a fair amount of PL/pgsql and fighting with testing and validating.
1.https://github.com/supabase-community/supabase-custom-claims...
-
ntegrating Supabase SDK with Drizzle ORM in Next.js: How to handle DB operations and authentication seamlessly?
Custom Claims and RLS: I have created custom claims using this repo to handle routes and API access for custom roles like HEAD_ADMIN, ADMIN. Should I also use RLS (Row Level Security) on tables to add an extra layer of security for certain roles? Is this necessary, or will my custom claim handling suffice?
-
Row Level Security (RLS): Performance implications
https://github.com/supabase-community/supabase-custom-claims https://github.com/point-source/supabase-tenant-rbac
-
Using Triggers to Map Database Relationships in Custom Claims
Custom claims are a powerful tool for implementing row-level security (RLS) policies in your applications which was popularized by Supabase. In a previous blog post (Part 1: "Using Custom Claims: Testing RLS with Supabase"), we explored the basics of custom claims and their application in Supabase. In this Part 2, we will delve deeper into the topic by introducing triggers and how they can be used to map database relationships in custom claims.
-
How to Implement Role-Based Access with Supabase
Supabase does not currently have built-in support for role-based access as of May 21, 2023. However, they are actively working on implementing it in the future. In the meantime, you can leverage the functionality provided by the supabase-custom-claims library. I have personally found this library effective and have successfully integrated it into my system using the SQL functions it offers.
-
Hi! I just moved to Supabase and is there any way that I can set a user as admin without creating a user table?
https://github.com/supabase-community/supabase-custom-claimshttps://github.com/point-source/supabase-tenant-rbac I wrote the first one, the second one was built with mine as a base. If you have questions please let me know -- I'm happy to help.
-
Allowing users to invite others with Supabase Edge Functions
I also had to modify the library I was using (custom-claims) to consider the service_role as an admin.
-
Admin role
What you're looking for is custom claims.check it here
-
Role-based Access Control / Groups / Tenancy
This is built off the original custom-claims project.
-
A note from our sponsor - WorkOS
workos.com | 29 Apr 2024
Stats
The primary programming language of supabase-custom-claims is JavaScript.
Sponsored