truffle_search
KKinde
•Created by truffle_search on 5/13/2024 in #💻┃support
Kinde + Supabase
Hi, I'm trying to enable RLS in Supabase by syncing the Kinde Client Secret with the Supabase JWT Secret. The idea is to parse the 'sub' attribute from the JWT and then match it against a user_id value in the target db table. (before granting SELECT permission) I've been following this handy guide:
https://kinde.com/blog/engineering/kinde-with-supabase/
But I'm using the Next.js app router, not the pages router, and I need some help understanding how to adapt this to the app router.
I can get the frontend to successfully retrieve data with RLS disabled, but I can't seem to get RLS to work. I suspect that the token may not be passing successfully to Supabase??.. even though according to the guide, "Supabase automatically authenticates the API connections with the JWT token that we have setup. Since our Kinde and Supabase token secrets are the same (See the Supabase Setup above), the authentication handshake should be done automatically and we do not have to do anything else."
I'm also unclear about how to implement the Supabase db function (get_user_id() in the guide) - does this get referenced in the RLS policy itself? Or does it automatically trigger based on a db SELECT call?
Thanks very much for any advice !! I'm somewhat of a newbie to all this!
6 replies