I'm trying to make a RLS policy where anyone can get rows from a table but only specific information is returned, here's what i have so far but its giving me a syntax error:

sql
CREATE POLICY "Public profiles with minimal data"
ON public.profiles
FOR SELECT USING (
  SELECT id, preferred_name, identity_data - 'email' identity_data, access FROM public.profiles 
);

RLS policy is you can get the row or not. It is just like an extra AND on your api query. If you want to limit columns you have to do rpc/function or a view. Well there is also column security in Postgresql, but I've not seen a good use case with auth users.

Ohhh okay, thanks! I'll look into making a RPC.