Supabase is an open source Firebase alternative. Start your project with a Postgres database, Authentication, instant APIs, Edge Functions, Realtime subscriptions, and Storage.

Supabase

How would I detect the role of a user through the Supabase SDK from a JWT token (including service role and anon)? Would it just be `userData.data` since I know `userData.user` is null when an anon or service role token is provided. Also, what's the easiest way to forbid users from any database access and only allow function access?

Hello <@652314275188310020>!
This thread has been automatically created from your message in <#843999948717555735> a ``few seconds ago``.

Pinging <@&951828363943759883> so that they see this as well!

**Want to unsubscribe from this thread?**
Right-click the thread in Discord (or use the ... menu) and select **Leave Thread** to unsubscribe from future updates.

**Want to change the title?**
Use the `/title` command!

**We have solved your problem?**
Click the button below to archive it.

As to your second question no easiest way.  Two main ways are to put all your tables in a custom schema.  Then the API will not have access.  Leave your rpc in public so they are accessible.  

2nd way would be to turn RLS on and set policies to false on all tables.  Then your rpc functions would need to be security definer functions to bypass RLS.