Sign in
S
Integration

DeployDoc for Supabase

Audit Supabase env vars, RLS + GRANT coverage, redirect URLs, and service-role placement in one diagnosis pass.

Educational recipeEducational recipe — pair with the Vercel/Netlify connector for full coverage.

What commonly breaks on Supabase

  • service_role key bundled into the client via NEXT_PUBLIC_ / VITE_.
  • New public-schema table without matching GRANT statements.
  • RLS enabled but no policy for the CRUD action the app performs.
  • Site URL still localhost in production.
  • OAuth provider redirect URI missing /auth/v1/callback.

What DeployDoc checks

  • service_role placement: server-only paths vs client bundles.
  • Migrations: CREATE TABLE in public without GRANTs.
  • Auth Site URL and Redirect URL allow-list.
  • OAuth provider redirect URIs matching Supabase callback.
  • Realtime publication coverage for subscribed tables.

Can automate

  • Static analysis of Supabase env placement.
  • Migration linting for grants and policies.
  • Auth URL allow-list diff.

Cannot automate

  • Writing or applying SQL migrations.
  • Rotating leaked service-role keys.
  • Editing Supabase project settings.

Get started with Supabase

Run a diagnosis on a recent failed build, or connect Supabase for one-click fixes where supported.

Diagnose a deployment Manage connections

Related