--- title: Supabase API Integration on Truto slug: supabase category: Application Development canonical: "https://truto.one/integrations/detail/supabase/" --- # Supabase API Integration on Truto **Category:** Application Development **Status:** Generally available ## Unified APIs ### Unified User Directory API - **Organizations** — Organizations are the top level entity in the source application. Users are associated with an organization. - **Roles** — The Role object represents a role of a User. - **Users** — The User object represents a User. ## How it works 1. **Link your customer's Supabase account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach Supabase.** The Proxy API is a 1-to-1 mapping of the Supabase API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Sync user directories into Supabase for seamless RBAC** — An IAM or HR platform can push organizations, roles, and users directly into a customer's Supabase project, ensuring Row Level Security policies recognize the correct tenant and role assignments without manual data entry. - **Automate Supabase project provisioning for end users** — A no-code app builder or AI agent platform can use Supabase's Management API via OAuth to spin up new database instances, run schema migrations, and inject API keys — all on behalf of the end user without touching their Supabase dashboard. - **Pipe product analytics data into customer-owned Supabase databases** — A B2B analytics SaaS can bulk-sync event telemetry into a customer's Supabase tables via the PostgREST Data API, letting the customer join that data with their own tables using native SQL for custom dashboards. - **Enable AI-powered search by writing vector embeddings to Supabase** — An AI tooling company can write and index pgvector embeddings directly into a customer's Supabase project, giving end users a fully owned RAG datastore without standing up separate vector infrastructure. - **Subscribe to real-time database changes to trigger cross-product workflows** — A workflow automation or notification SaaS can listen for row-level mutations in a customer's Supabase tables via Realtime WebSockets, triggering alerts, syncs, or downstream actions the moment data changes. ## What you can build - **Automated user and role provisioning into Supabase** — Push newly created users, role assignments, and organization structures from your product directly into a customer's Supabase public.profiles and user_roles tables so their RLS policies work instantly. - **Organization-aware directory sync via Unified User Directory API** — Map your product's organization, role, and user models to Truto's Unified User Directory API to read and write directory data across Supabase and other connected platforms in a single schema. - **One-click Supabase project setup for new customers** — Use Supabase's OAuth-based Management API to provision a new Postgres database, apply your required schema migrations, and store the resulting connection credentials — all from within your onboarding flow. - **Bi-directional data sync between your SaaS and Supabase tables** — Perform full CRUD operations on any customer-exposed Supabase table via PostgREST, keeping your product's data model and the customer's database continuously in sync. - **Real-time event listener for Supabase row changes** — Subscribe to INSERT, UPDATE, or DELETE events on customer tables through Supabase Realtime to trigger notifications, analytics pipelines, or workflow automations in your product. ## FAQs ### How does authentication work when connecting to a customer's Supabase account? Supabase supports OAuth 2.1 for its Management API, allowing your end users to authorize access to their Supabase Organization securely. For Data API (PostgREST) access, connections typically use the project's service_role or anon API key combined with the project URL. Truto handles storing and managing these credentials on your behalf. ### What Unified APIs does Truto support for Supabase? Truto maps Supabase to the Unified User Directory API, which covers Organizations, Roles, and Users. This lets you read and write directory data in a normalized schema across Supabase and other integrated platforms. ### Are there specific Truto tools available for Supabase today? Supabase tools are built on request. If your use case requires specific operations — such as Management API project provisioning, PostgREST CRUD, or Realtime subscriptions — Truto can build and ship the required tools tailored to your workflow. ### Does Supabase impose rate limits on its APIs? Supabase applies rate limits that vary by plan tier and API surface. The Management API has stricter per-minute limits, while the PostgREST Data API throughput is largely governed by the underlying Postgres connection pool and project plan. Truto handles pagination and request management to work within these constraints. ### Can I write to custom tables in a customer's Supabase project? Yes. Supabase's PostgREST API auto-generates endpoints for any table or view exposed in the public schema. As long as the customer has granted appropriate API key access, you can perform CRUD operations on custom tables, including those with custom columns and relationships. ### How does Truto handle Supabase's Row Level Security when writing data? RLS policies are enforced at the Postgres level. When using the anon key, all requests are subject to RLS. When using the service_role key, RLS is bypassed. Truto stores whichever key the end user provides during the connection setup, so the security posture is determined by the customer's own configuration.