Skip to content

[pull] master from supabase:master #887

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pull merged 7 commits into from
May 4, 2026
Merged

[pull] master from supabase:master #887

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
89e291a
docs: prefer publishable/secret key naming in SDK specs (#45372)
mandarini May 4, 2026
bc9ecfb
Minor clean up for preview branch call outs (#45448)
joshenlim May 4, 2026
3036bb1
[FE-3134] fix(studio): handle ALTER TABLE IF EXISTS in RLS detection …
alaister May 4, 2026
12521f5
Shift feature preview badge on merge page (#45508)
joshenlim May 4, 2026
5a5a2fc
fix: Database tables filter has a smaller tap-target than its visual …
djhi May 4, 2026
4a702c4
fix(studio): show effective Max IOPS in DB observability (#45363)
jordienr May 4, 2026
e61853c
fix(studio): clarify default privileges toggle covers tables (#45458)
inian May 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions apps/docs/spec/storage_v0_config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@ info:
id: 'storage' # {string} A unique ID for this tool.
version: 'next' # {string} The current version number of the tool.
title: 'Storage' # {string} A readable name.
source: 'https://github.com/supabase/storage-api' # {string} Where developers can find the source code.
bugs: 'https://github.com/supabase/storage-api/issues' # {string} Where developers can file bugs.
spec: 'https://github.com/supabase/supabase/blob/master/spec/storage_v1_config.yml' # {string} Where developers can find this spec (to link directly in the docs).
source: 'https://github.com/supabase/storage' # {string} Where developers can find the source code.
bugs: 'https://github.com/supabase/storage/issues' # {string} Where developers can file bugs.
spec: 'https://github.com/supabase/supabase/blob/master/spec/storage_v0_config.yml' # {string} Where developers can find this spec (to link directly in the docs).
description: |
A sample `.env` file is located in the [storage repository](https://github.com/supabase/storage-api/blob/master/.env.sample).

Expand Down
6 changes: 3 additions & 3 deletions apps/docs/spec/supabase_dart_v2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2114,15 +2114,15 @@ functions:
- id: admin-api
title: 'Overview'
notes: |
- Any method under the `supabase.auth.admin` namespace requires a `service_role` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `service_role` key in the Flutter app.
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the Flutter app.
examples:
- id: create-auth-admin-client
name: Create server-side auth client
isSpotlight: true
code: |
```dart
final supabase = SupabaseClient(supabaseUrl, serviceRoleKey);
final supabase = SupabaseClient(supabaseUrl, secretKey);
```
- id: get-user-by-id
title: 'getUserById()'
Expand Down
14 changes: 7 additions & 7 deletions apps/docs/spec/supabase_js_v2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ functions:
```js
import { createClient } from '@supabase/supabase-js'

const supabase = createClient(supabase_url, anon_key)
const supabase = createClient(supabase_url, publishable_key)
```
- id: create-auth-client-server-side
name: Create auth client (server-side)
Expand All @@ -42,7 +42,7 @@ functions:
```js
import { createClient } from '@supabase/supabase-js'

const supabase = createClient(supabase_url, anon_key, {
const supabase = createClient(supabase_url, publishable_key, {
auth: {
autoRefreshToken: false,
persistSession: false,
Expand Down Expand Up @@ -159,8 +159,8 @@ functions:
- id: admin-api
title: Overview
notes: |
- Any method under the `supabase.auth.admin` namespace requires a `service_role` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `service_role` key in the browser.
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
examples:
- id: create-auth-admin-client
name: Create server-side auth client
Expand All @@ -169,7 +169,7 @@ functions:
```js
import { createClient } from '@supabase/supabase-js'

const supabase = createClient(supabase_url, service_role_key, {
const supabase = createClient(supabase_url, secret_key, {
auth: {
autoRefreshToken: false,
persistSession: false
Expand Down Expand Up @@ -213,7 +213,7 @@ functions:
title: Custom OIDC/OAuth Provider Admin API
notes: |
- These methods allow you to manage custom OIDC/OAuth providers programmatically.
- Requires `service_role` key.
- Requires `secret` key.
- Custom providers use the `custom:` prefix when signing in (e.g., `custom:my-oidc-provider`).
- id: admin-custom-providers-create
$ref: '@supabase/auth-js.GoTrueAdminCustomProvidersApi.createProvider'
Expand Down Expand Up @@ -590,7 +590,7 @@ functions:
notes: |
The OAuth Admin API allows you to manage OAuth clients programmatically.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
These functions should only be called on a server. Never expose your `service_role` key in the browser.
These functions should only be called on a server. Never expose your `secret` key in the browser.
- id: auth-js-gotrueadminoauthapi-createclient
$ref: '@supabase/auth-js.GoTrueAdminOAuthApi.createClient'
- id: auth-js-gotrueadminoauthapi-deleteclient
Expand Down
24 changes: 12 additions & 12 deletions apps/docs/spec/supabase_kt_v2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Auth)
install(Postgrest)
Expand All @@ -140,7 +140,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Auth) {
alwaysAutoRefresh = false // default: true
Expand Down Expand Up @@ -197,7 +197,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Postgrest) {
defaultSchema = "schema" // default: "public"
Expand All @@ -219,7 +219,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Storage) {
transferTimeout = 90.seconds // Default: 120 seconds
Expand All @@ -246,7 +246,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Realtime) {
reconnectDelay = 5.seconds // Default: 7 seconds
Expand All @@ -273,7 +273,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Functions) {
//no custom settings
Expand All @@ -290,7 +290,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(GraphQL) {
apolloConfiguration {
Expand Down Expand Up @@ -2816,7 +2816,7 @@ functions:
isSpotlight: true
code: |
```kotlin
val supabase = createSupabaseClient(supabaseURL = "https://xyzcompany.supabase.co'", supabaseKey = "publishable-or-anon-key") { ... }
val supabase = createSupabaseClient(supabaseUrl = "https://xyzcompany.supabase.co", supabaseKey = "your-publishable-key") { ... }
val auth = supabase.auth
```
- id: sign-up
Expand Down Expand Up @@ -3973,8 +3973,8 @@ functions:
- id: admin-api
title: 'Overview'
notes: |
- Any method under the `supabase.auth.admin` namespace requires a `service_role` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `service_role` key in the browser.
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
examples:
- id: create-auth-admin-client
name: Create server-side auth client
Expand All @@ -3988,9 +3988,9 @@ functions:
install(Auth) {
minimalSettings() //disables session saving and auto-refreshing
}
// install other plugins (these will use the service role key)
// install other plugins (these will use the secret key)
}
supabase.auth.importAuthToken("service_role")
supabase.auth.importAuthToken("your-secret-key")

// Access auth admin api
val adminAuthClient = supabase.auth.admin
Expand Down
24 changes: 12 additions & 12 deletions apps/docs/spec/supabase_kt_v3.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Auth)
install(Postgrest)
Expand All @@ -145,7 +145,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Auth) {
alwaysAutoRefresh = false // default: true
Expand Down Expand Up @@ -202,7 +202,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Postgrest) {
defaultSchema = "schema" // default: "public"
Expand All @@ -228,7 +228,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Storage) {
transferTimeout = 90.seconds // Default: 120 seconds
Expand All @@ -255,7 +255,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Realtime) {
reconnectDelay = 5.seconds // Default: 7 seconds
Expand All @@ -282,7 +282,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(Functions) {
//no custom settings
Expand All @@ -299,7 +299,7 @@ functions:
```kotlin
val supabase = createSupabaseClient(
supabaseUrl = "https://xyzcompany.supabase.co",
supabaseKey = "publishable-or-anon-key"
supabaseKey = "your-publishable-key"
) {
install(GraphQL) {
apolloConfiguration {
Expand Down Expand Up @@ -2911,7 +2911,7 @@ functions:
isSpotlight: true
code: |
```kotlin
val supabase = createSupabaseClient(supabaseUrl = "https://xyzcompany.supabase.co'", supabaseKey = "publishable-or-anon-key") { ... }
val supabase = createSupabaseClient(supabaseUrl = "https://xyzcompany.supabase.co", supabaseKey = "your-publishable-key") { ... }
val auth = supabase.auth
```
- id: sign-up
Expand Down Expand Up @@ -4165,8 +4165,8 @@ functions:
- id: admin-api
title: 'Overview'
notes: |
- Any method under the `supabase.auth.admin` namespace requires a `service_role` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `service_role` key in the browser.
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
examples:
- id: create-auth-admin-client
name: Create server-side auth client
Expand All @@ -4180,9 +4180,9 @@ functions:
install(Auth) {
minimalConfig() //disables session saving and auto-refreshing
}
// install other plugins (these will use the service role key)
// install other plugins (these will use the secret key)
}
supabase.auth.importAuthToken("service_role")
supabase.auth.importAuthToken("your-secret-key")

// Access auth admin api
val adminAuthClient = supabase.auth.admin
Expand Down
28 changes: 14 additions & 14 deletions apps/docs/spec/supabase_py_v2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2135,8 +2135,8 @@ functions:
- id: admin-api
title: 'Overview'
notes: |
- Any method under the `supabase.auth.admin` namespace requires a `service_role` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `service_role` key in the browser.
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
examples:
- id: create-auth-admin-client
name: Create server-side auth client
Expand All @@ -2148,7 +2148,7 @@ functions:

supabase = create_client(
supabase_url,
service_role_key,
secret_key,
options=ClientOptions(
auto_refresh_token=False,
persist_session=False,
Expand All @@ -2168,7 +2168,7 @@ functions:
description: |
The user's unique identifier

This function should only be called on a server. Never expose your `service_role` key in the browser.
This function should only be called on a server. Never expose your `secret` key in the browser.
notes: |
- Fetches the user object from the database based on the user's id.
- The `get_user_by_id()` method requires the user's id which maps to the `auth.users.id` column.
Expand Down Expand Up @@ -2397,8 +2397,8 @@ functions:
description: |
If true, then the user will be soft-deleted (setting `deleted_at` to the current timestamp and disabling their account while preserving their data) from the auth schema. Defaults to false for backward compatibility.

This function should only be called on a server. Never expose your `service_role` key in the browser.
description: Delete a user. Requires a `service_role` key.
This function should only be called on a server. Never expose your `secret` key in the browser.
description: Delete a user. Requires a `secret` key.
notes: |
- The `delete_user()` method requires the user's ID, which maps to the `auth.users.id` column.
examples:
Expand Down Expand Up @@ -2655,7 +2655,7 @@ functions:
description: |
The data you want to update.

This function should only be called on a server. Never expose your `service_role` key in the browser.
This function should only be called on a server. Never expose your `secret` key in the browser.
subContent:
- name: app_metadata
isOptional: true
Expand Down Expand Up @@ -2825,7 +2825,7 @@ functions:
title: 'Overview'
notes: |
- OAuth 2.1 client administration endpoints are available via the `supabase.auth.admin.oauth` namespace.
- These methods require a `service_role` key and should only be called server-side.
- These methods require a `secret` key and should only be called server-side.
- Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
- This is an alpha feature and may change in the future.

Expand All @@ -2834,7 +2834,7 @@ functions:
description: |
Lists OAuth clients with optional pagination.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand Down Expand Up @@ -2872,7 +2872,7 @@ functions:
description: |
Creates a new OAuth client.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand Down Expand Up @@ -2923,7 +2923,7 @@ functions:
description: |
Updates an existing OAuth client.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand Down Expand Up @@ -2971,7 +2971,7 @@ functions:
description: |
Retrieves details of an OAuth client by ID.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand All @@ -2992,7 +2992,7 @@ functions:
description: |
Deletes an OAuth client.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand All @@ -3013,7 +3013,7 @@ functions:
description: |
Regenerates the client secret for an OAuth client.
notes: |
- Requires `service_role` key.
- Requires `secret` key.
- Only available when OAuth 2.1 server is enabled.
- This is an alpha feature and may change in the future.
params:
Expand Down
Loading
Loading