Can't access Vault secrets from Edge Functions without making them publicly accessible

Hi there!

I'm trying to make it so that decrypted secrets in Supabase Vault are available from Edge Functions (acting as the 'service_role' role) but not to users.

I've tried creating a database function, which works except that

security definer

security definer

makes it publicly accessible and

security invoker

security invoker

makes it not even accessible to the

service_role

service_role

user in the backend.

I've tries creating a view, but this isn't accessible to any users (even

service_role

service_role

) and Supabase doesn't let me edit RLS on either the vault or the view.

Where am I going wrong here? Thanks!

Supabase•3y ago•

2 replies

Jeremy Evans

Can't access Vault secrets from Edge Functions without making them publicly accessible

security definer

security definer

makes it publicly accessible and

security invoker

security invoker

makes it not even accessible to the

service_role

service_role

user in the backend.

I've tries creating a view, but this isn't accessible to any users (even

service_role

service_role

) and Supabase doesn't let me edit RLS on either the vault or the view.

Where am I going wrong here? Thanks!

Can't access Vault secrets from Edge Functions without making them publicly accessible

Similar Threads

Can't access Vault secrets from Edge Functions without making them publicly accessible

Similar Threads

Similar Threads

Similar Threads