SupabaseS
Supabase3d ago
cryyyyyyptoLove

service_role lost write permissions on auth schema - Production DOWN

Description:
Project Ref: ruasioxmitvlrrmeiuga
PostgreSQL Version: 17.4
Severity: CRITICAL - Production is completely down

ISSUE:
New user registration broken. service_role cannot INSERT into auth tables.

COMPLETE DIAGNOSIS:

  1. PERMISSION CHECK (auth.users):
    • service_role: SELECT only ❌
    • postgres: full access
    • Expected: service_role should have INSERT, UPDATE, DELETE
  2. AFFECTS ALL AUTH TABLES:auth.users, auth.sessions, auth.refresh_tokens, auth.identities,auth.mfa_factors, etc. - ALL have service_role = SELECT only
  3. DEFAULT ACL MISSING service_role:Query: SELECT * FROM pg_default_acl WHERE defaclnamespace = 'auth'::regnamespace;Result: Only postgres and dashboard_user listed, service_role NOT included
  4. ROLE PERMISSIONS:
    • service_role.rolbypassrls = false
    • postgres.rolsuper = false (cannot GRANT)
    • SET ROLE supabase_admin: permission denied
  5. WE CANNOT FIX THIS:
    • GRANT command fails (postgres not superuser)
    • Cannot SET ROLE to supabase_admin
    • Dashboard SQL Editor also lacks permission
    FIX REQUIRED (must be run with supabase_admin):GRANT INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA auth TO service_role;ALTER DEFAULT PRIVILEGES FOR ROLE supabase_auth_admin IN SCHEMA authGRANT INSERT, SELECT, UPDATE, DELETE ON TABLES TO service_role;QUESTIONS:
  6. Was this project recently upgraded to PostgreSQL 17?
  7. Is this a known issue from database migration?IMPACT:
  8. No new user registration
  9. Auth completely broken
  10. Production DOWNPlease prioritize this issue. Thank you.
#support
Was this page helpful?