RLS accidentally enabled on auth.users — can't disable
Hi,
I’m working on my project and somehow Row Level Security (RLS) got enabled on the auth.users table. Since this table is locked, I can’t disable RLS or create any policies, and now all signups fail with "Database error saving new user".
im new to supabase so i dont know what to do honestly
thanks in advance!!
14 Replies
Im no expert but, I think you can modify the RLS policies of auth schema through the SQL Editor
Appreciate it will try when im on my laptop again!!🙏🏻
Why do you think this has to do with RLS?
Do you have a trigger on auth.users?
Excuse my lack of knowledge im new honestly i dont know
Nope i got nothing on auth.users its literally locked :((
Check the postgres logs in the dashboard.
Check the Trigger UI for auth schema
But RLS is enabled for auth.users normally for all roles but the auth admin role and it does not impact the auth process. No other user roles are allowed to access the schema so RLS should not matter.
yes my bad the problem isnt really about RLS
When I try to sign up a new user via /auth/v1/signup, I get:
Database error saving new user
I checked my database schema with:
SELECT column_name, data_type, is_nullable, column_default
FROM information_schema.columns
WHERE table_schema = 'auth'
AND table_name = 'users';When I try to sign up a new user via /auth/v1/signup, I get:
Database error saving new user
I checked my database schema with:
SELECT column_name, data_type, is_nullable, column_default
FROM information_schema.columns
WHERE table_schema = 'auth'
AND table_name = 'users';
and found that the id column in auth.users is:
id | uuid | NOT NULL | (no default)
By default, Supabase creates this column with:
DEFAULT gen_random_uuid()
Since the default is missing, inserts into auth.users fail because id is NOT NULL and no value is provided.
I tried to run:
ALTER TABLE auth.users
ALTER COLUMN id SET DEFAULT gen_random_uuid();
but got:
ERROR: must be owner of table users
I can’t fix this because I’m not the owner of the table.
and found that the id column in auth.users is:
id | uuid | NOT NULL | (no default)
By default, Supabase creates this column with:
DEFAULT gen_random_uuid()
Since the default is missing, inserts into auth.users fail because id is NOT NULL and no value is provided.
I tried to run:
ALTER TABLE auth.users
ALTER COLUMN id SET DEFAULT gen_random_uuid();
but got:
ERROR: must be owner of table users
So I can’t fix this myself.
You don't need to modify and can't modify the auth schema.
Did you look in the two places I suggested.
There is no default on id column. The auth server adds its own UUID value.
really?? thank you yes i did check in the two places u suggested i will try again
This is a working auth.users id column (forgot the image, but there is no default value). I've seen the code at some point (or the insert to the table) and the ID comes from the auth server not relying on the DB.
Your error is very common and is 99% of the time an auth.users trigger function you (or your AI) added failing because of coding.
Your message says database error so there will be a database error (500) in the Postgres log of the dashboard.
What do you see here:
thats what i see
You have a trigger calling a function you added.
Looks like it is to populate a public users/profile table of some sort.
The Postgres error from the log will tell you what is going wrong with it.
THANK YOU all fixed!!!