Hi guys and Supabase team! I've been working with Supabase and Next for a few months building isomorphic e-commerce application. As far as I can tell now, it's not possible to build an entire application using only Supabase client and Next. The blocker is that the Supabase client is only accessing the database from the client side — so I can not deal with things like placing orders, creating transactions or user notifications from client side. Even with anon key every user can generate notifications for himself and these notifications will be valid. To do so, user don’t even need to dig into source code, just open browser dev tools and find the request. Having this request user is able to repeat it with curl, changing the parameters as he likes. Same thing with placing orders, changing account balance, etc. Next offers API Routes for this, so I can isolate all necessary logic on server side and user will not be able to bypass server side checks. But Supabase client is not working server side so it is not the solution. And then it turns out that Supabase is not an alternative to Firebase, with which you can build application, but a replacement for database providers such as Atlas. Convenient way to get database up and running. Am I wrong and missing something? And how do you solve this issues in your projects?

Why do you say the client is not working serverside? I am running nextjs + supabase in production and this is not an issue. Are you setting up another client with the service key?

thank you for your reply. supabase client is working in api routes server-side? well it is something new for me.

You can use the service api key (as opposed to anon key). This lets you pass RLS

I don't want to bypass RLS, I actually want to get data server-side with respect of configured RLS. As I can see, I should set auth cookie on client and then read it on server and pass to Supabase.

Hi ! From what I understand of your problem indeed that would be how to do it : https://github.com/supabase/supabase/discussions/2125. Is this blocking to you ?