How can Webhook Edge function authenticate itself without user's access token?
I have a webhook that sends me subscription_renewed events with user id (Qonversion, RevenueCat and similar).
I want to create an Edge function that will update a row in database (add some credits). But the webhook request can't contain any given users' access token (it's async event from 3rd party, I just know the user id). Since the table has RLS applied, how can the Edge function perform the operation?
Should I maybe create a special role just for the Edge function and adjust the RSL policy? How would the Edge function authenticate itself with this new role?
Just to be clear, I know how to authorize the request/response between Qonversion and the Edge function endpoint - Qonversion can put custom token into the request header. But I don't know how to authorize the Edge function to work with Supabase tables in this setup.
Thank you.
I want to create an Edge function that will update a row in database (add some credits). But the webhook request can't contain any given users' access token (it's async event from 3rd party, I just know the user id). Since the table has RLS applied, how can the Edge function perform the operation?
Should I maybe create a special role just for the Edge function and adjust the RSL policy? How would the Edge function authenticate itself with this new role?
Just to be clear, I know how to authorize the request/response between Qonversion and the Edge function endpoint - Qonversion can put custom token into the request header. But I don't know how to authorize the Edge function to work with Supabase tables in this setup.
Thank you.
