Quickback Docs
Quickback for Supabase

Setup

Configure the Supabase RLS target, compile your definitions, and apply the generated migrations.

Prerequisites

  • A Supabase project (free tier is fine for development)
  • The Supabase CLI installed: npm install -g supabase
  • A Quickback project (quickback create or existing)

1. Configure the target

quickback/quickback.config.ts
import { defineConfig, defineRuntime, defineDatabase, defineAuth } from "@quickback/compiler";

export default defineConfig({
  name: "my-app",
  providers: {
    runtime: defineRuntime("supabase"),
    database: defineDatabase("supabase"),
    auth: defineAuth("supabase-auth"),
  },
});

The supabase-auth provider tells Quickback to emit RLS policies that reference auth.uid() — Supabase's built-in JWT claim function — rather than the Better Auth equivalents used by the Neon target.

2. Compile

quickback compile

This generates:

supabase/
├── migrations/
│   ├── 0100_create_rls_helpers.sql      # get_active_org_id(), has_any_role(), etc.
│   ├── 0101_create_rls_policies.sql     # Per-table SELECT/INSERT/UPDATE/DELETE policies
│   └── 0102_create_audit_triggers.sql   # Optional audit logging
src/
├── db/
│   └── schema.ts                         # Drizzle schema (typed access from your app)

3. Apply migrations

supabase db push

Supabase applies the migrations to your remote project. RLS is enabled on every generated table and the deny-anon policy is installed.

4. Use from your app

Quickback for Supabase doesn't generate API routes. Your application code (PostgREST, Edge Functions, your own server) talks to Supabase as normal — the RLS policies are enforced beneath it.

import { createClient } from '@supabase/supabase-js';

const supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY, {
  global: { headers: { Authorization: `Bearer ${userJwt}` } },
});

// RLS policies generated by Quickback enforce row-level access
const { data } = await supabase.from('projects').select('*');

Updating the schema

Edit your defineTable() files, recompile, and push:

quickback compile
supabase db push

The compiler diffs against the previous compilation and emits a new migration only for what changed.

Comparison with the Neon target

SupabaseNeon
Auth functionauth.uid()auth.user_id()
Auth providerSupabase AuthBetter Auth + Neon Authorize
Users tableauth.userspublic.users
API code generatedNoYes (Hono routes)

Both targets emit RLS policies. The difference is who issues the JWTs and where the application logic lives.

Quickback for Supabase RLS

Compile your Quickback definitions into Postgres Row Level Security policies for Supabase. Keep Supabase Auth, Storage, and Realtime — Quickback generates the security layer.

Mappings

How Quickback definitions compile to PostgreSQL Row Level Security policies for Supabase.

On this page

Prerequisites1. Configure the target2. Compile3. Apply migrations4. Use from your appUpdating the schemaComparison with the Neon target