Request to reset project keys due to leakage
We have experienced a leakage of sensitive project information: project URL, project ID, anon key, and service_role key have become publicly accessible.
We would like to rotate all project keys to ensure that:
1. The old keys are immediately invalid.
2. Access to the database using the old keys is no longer possible.
We kindly request your assistance in securely replacing the keys and reconfiguring the project.
Thank you very much for your help!
1 Reply
This is something you do yourself for the keys. Go to API Keys settings.
Your project URL, ID and anon key are considered public info by Supabase.
If you change your JWT secret, legacy anon and service role will change.
Otherwise if using the new SB style API keys you rotate them in that settings section.
You can't change your URL or ID.
https://supabase.com/docs/guides/troubleshooting/rotating-anon-service-and-jwt-secrets-1Jq6yd