Data API 406 with Accept-Profile custom schema (‘seocc’), PostgREST serving stale schema list
Trying to use a custom schema ‘seocc’ via Data API (supabase-js v2, per-query .schema('seocc')) for CRUD on seocc.websites (RLS in place;
public.profiles.company_id set).
Issue
- Every request with Accept-Profile: seocc returns 406:
- “The schema must be one of the following: public, slechthorenden_transcriptie”
- “slechthorenden_transcriptie” is an old schema from a previous setup and is NOT listed in Exposed schemas anymore.
Env
- Supabase Cloud
- Web, Next.js 15.3.2
- @supabase/supabase-js 2.49.x
- Project ref: klxhviaxokocbitjdyfj
- Project Settings → API:
- Exposed schemas: ‘seocc’ (+ public)
- Extra search path: ‘public, extensions, seocc’
- Data API enabled
- Clicked Save (reload), toggled Data API off/on, Restarted project
Tried (SQL)
- Grants per docs (USAGE on schema, ALL on tables/routines/sequences, ALTER DEFAULT PRIVILEGES) for anon/authenticated/service_role
- Force config + reload:
- alter role authenticator set pgrst.db_schemas = 'public,seocc';
- alter role authenticator set pgrst.db_extra_search_path = 'public,extensions,seocc';
- notify pgrst;
- select current_setting('pgrst.db_schemas', true); → null
Minimal repro (browser console)
- Fails (406):
await fetch('https://<PROJECT>.supabase.co/rest/v1/websites?select=*', {
headers:{apikey:'<ANON>',Authorization:'Bearer <ANON>','Accept-Profile':'seocc'}
}).then(async r=>({status:r.status, text:await r.text()}))
- With Accept-Profile: public: not 406 (expected, table is not in public)
Questions
1. How to force the live PostgREST instance to pick up Exposed schemas (pgrst.db_schemas) on Cloud? Any step beyond Save/toggle/restart?
2. Is current_setting('pgrst.db_schemas', true) returning null expected on Cloud, and are ALTER ROLE ...; NOTIFY pgrst; ignored?
Workaround
I can use a public view or public RPCs that call into seocc (RLS still applies), but prefer first‑class Accept-Profile: seocc.
4 Replies
They normally just work on the cloud with the change.
Try restarting.
Are you sure this code is going to the same instance (not local or another hosted)?
The error implies those are the only two schemas in your API list.
406 could also be grants, but I would not expect the error you are seeing. If you are using the REST API directly there are 2 headers involved with schemas depending on the operation. Just heads up. On 2 I get null on a working instance.
406 could also be grants, but I would not expect the error you are seeing. If you are using the REST API directly there are 2 headers involved with schemas depending on the operation. Just heads up. On 2 I get null on a working instance.
Thanks for the pointers. Quick answers + hard facts:
project ref we see in the dashboard.
- Headers: using Accept-Profile for reads and Content-Profile for writes. Repro below uses Accept-Profile for GET.
- Grants: applied per docs on schema/table/routines/sequences + default privileges. public endpoints behave normally.
- Restarted: Saved “Exposed schemas” multiple times, toggled Data API off/on, Restarted project.
Minimal repro (browser console)
(using the project in question)
await fetch('https://.supabase.co/rest/v1/websites?select=*', {
headers: {
apikey: '<ANON>',
Authorization: 'Bearer <ANON>',
'Accept-Profile': 'seocc'
}
}).then(async r => ({ status: r.status, text: await r.text() }))
// => 406 with message: “The schema must be one of the following: public, slechthorenden_transcriptie”
Notes
- “slechthorenden_transcriptie” is an old schema from a previous setup and is NOT in Exposed schemas anymore. That’s why I suspect a
stale PostgREST allowed-schema list on the live API.
- current_setting('pgrst.db_schemas', true) returns null for me too (matches your note). I also tried:
- alter role authenticator set pgrst.db_schemas = 'public,seocc';
- alter role authenticator set pgrst.db_extra_search_path = 'public,extensions,seocc';
- notify pgrst;
(and the database‑qualified variant) — no change in behavior.
Questions
1. Is there a supported way on Cloud to force the live PostgREST to refresh its allowed schema list (beyond Save/toggle/restart)?
2. Is ALTER ROLE … SET pgrst.db_schemas … ignored on Cloud (managed config), and if so, how can I verify what the live instance is using?
3. Anything else I might be missing to get Accept-Profile: seocc working? Public endpoints and RLS are fine; only the schema switch gets
406 with that old schema name.
Restart of the instance (though normally not needed) would load the new parameters.
Search path is not involved.
Not had a user hit this before here or github that I recall.
The fact the old schema name is in the error says the instance you are going to thinks that is the setting.
Contacting support is probably best bet at this point.
I'll start a ticket. Ill give the solution here and mark solved when solved