SupabaseS
Supabase4y ago
Deleted User

Custom claims package

Hi everyone, I'm using this package here for authorization and storing some additional metadata: https://github.com/supabase-community/supabase-custom-claims

The way it is set up it allows users with the claims_admin claim change claims. Now what I want to do is also let my service role update claims. Currently the function looks like this:

    BEGIN
      IF NOT is_claims_admin() THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;


I want something like this but I don't know how to achieve it:

    BEGIN
      IF NOT is_claims_admin() OR **SERVICE_ROLE** THEN
          RETURN 'error: access denied';
      ELSE        
        update auth.users set raw_app_meta_data = 
          raw_app_meta_data || 
            json_build_object(claim, value)::jsonb where id = uid;
        return 'OK';
      END IF;
    END;


Sorry for tagging you @Mark Burggraf but you seem to be the maintainer of that package.
GitHub
GitHub - supabase-community/supabase-custom-claims: How to implemen...
How to implement custom claims with Supabase. Contribute to supabase-community/supabase-custom-claims development by creating an account on GitHub.
Was this page helpful?