> ## Documentation Index
> Fetch the complete documentation index at: https://opensre.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Supabase

> Connect Supabase so OpenSRE can diagnose database, API, and authentication issues during investigations

Supabase powers many modern applications. When something goes wrong with your database, APIs, or authentication flows, OpenSRE can use your Supabase project configuration to investigate issues, inspect resources, and gather operational insights.

## What you'll need

* A Supabase project
* Your Supabase Project URL
* A Supabase Service Role Key
* Permissions to access project resources

## Connecting Supabase

### Guided walkthrough

Let's set this up together:

```bash theme={null}
opensre integrations setup
```

Pick **Supabase** and enter your project credentials when prompted.

### DIY: Using environment variables

Or add these directly to your `.env`:

```bash theme={null}
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_SERVICE_KEY=your_service_role_key
```

| Variable               | Description               |
| ---------------------- | ------------------------- |
| `SUPABASE_URL`         | Supabase project URL      |
| `SUPABASE_SERVICE_KEY` | Supabase service role key |

### Option 3: Persistent store

```json theme={null}
{
  "version": 1,
  "integrations": [
    {
      "id": "supabase-prod",
      "service": "supabase",
      "status": "active",
      "credentials": {
        "url": "https://your-project.supabase.co",
        "service_key": "your_service_role_key"
      }
    }
  ]
}
```

## Finding your Supabase credentials

1. Log in to Supabase
2. Open your project
3. Navigate to **Settings** → **API**
4. Copy the **Project URL**
5. Copy the **Service Role Key**
6. Add these values to your OpenSRE configuration

<Info>
  The Service Role Key has elevated privileges. Store it securely and never expose it in client-side applications or public repositories.
</Info>

## Investigation tools

When OpenSRE investigates a Supabase-related alert, these tools are available:

### Service health

Checks the health of PostgREST, Auth, Storage, and other Supabase services for the project. Useful when triaging 503 or 401 errors from a Supabase-backed application.

### Storage buckets

Lists all Storage buckets and their configuration metadata — public vs private access, file size limits, and allowed MIME types.

## Verify it works

Let's make sure everything is connected:

```bash theme={null}
opensre integrations verify supabase
```

Expected output:

```
Service: supabase
Status: passed
Detail: Connected to Supabase project ...
```

## Troubleshooting

| Symptom                                 | Fix                                                                                    |
| --------------------------------------- | -------------------------------------------------------------------------------------- |
| **401 Unauthorized**                    | Confirm the **Service Role Key** (not the anon key) is set in `SUPABASE_SERVICE_KEY`.  |
| **Invalid project URL**                 | Use the Project URL from Settings → API (`https://your-project.supabase.co`).          |
| **Health check shows degraded service** | Check the Supabase status page and project dashboard for the affected service.         |
| **Storage bucket not found**            | Verify the bucket name in the investigation matches an existing bucket in the project. |

## Security best practices

* Use the **service role key** only on the server side — never in client apps or public repos.
* Rotate the service role key if it is ever exposed.
* Prefer a dedicated Supabase project or restricted key for investigation workloads when possible.
