SupabaseS
Supabase2y ago
Deleted User

supabase-js createServerClient doesn't work with service role?

I can use the service role in a NextJS Route Handler to bypass RLS. This code works: 

import { createClient } from "@supabase/supabase-js";

export async function POST(request: Request) {
  const adminClient = createClientJS(projectUrl, serviceRole);
  const res = await adminClient
    .from("profiles")
    .update({ credits: 123 })
    .eq("id", userId)
    .select();
  console.dir(res, { depth: null });


If I follow the docs for NextJS (https://supabase.com/docs/guides/auth/server-side/creating-a-client?environment=route-handler)

It works when using the anon key but not the service role key:

import { createServerClient, type CookieOptions } from '@supabase/ssr'
import { cookies } from 'next/headers'

export async function POST(request: Request) {
  const cookieStore = cookies();
  const adminClient2 = createServerClient(projectUrl, serviceRole, {
    cookies: {
      get(name: string) {
        return cookieStore.get(name)?.value;
      },
      set(name: string, value: string, options: CookieOptions) {
        cookieStore.set({ name, value, ...options });
      },
      remove(name: string, options: CookieOptions) {
        cookieStore.set({ name, value: "", ...options });
      },
    },
  });

  const res = await adminClient2
    .from("profiles")
    .update({ credits: 123 })
    .eq("id", userId)
    .select();
  console.dir(res, { depth: null });


The console.dir returns a status of 200 and no errors but the database isn't updated.

I guess it doesn't really make sense to use the user's cookies as these aren't relevant when using the service role. Should I just use createClient as I did in my first code example?
Creating a Supabase client for SSR | Supabase Docs
Configure Supabase client to use Cookies
Was this page helpful?