service_role lost write permissions on auth schema - Production DOWN

RLS

auth🟢SQL

Description:
Project Ref: ruasioxmitvlrrmeiuga
PostgreSQL Version: 17.4
Severity: CRITICAL - Production is completely down

ISSUE:
New user registration broken. service_role cannot INSERT into auth tables.

COMPLETE DIAGNOSIS:

1. PERMISSION CHECK (auth.users):
- service_role: SELECT only

- postgres: full access
- Expected: service_role should have INSERT, UPDATE, DELETE

2. AFFECTS ALL AUTH TABLES:
auth.users, auth.sessions, auth.refresh_tokens, auth.identities,
auth.mfa_factors, etc. - ALL have service_role = SELECT only

3. DEFAULT ACL MISSING service_role:
Query: SELECT * FROM pg_default_acl WHERE defaclnamespace = 'auth'::regnamespace;
Result: Only postgres and dashboard_user listed, service_role NOT included

4. ROLE PERMISSIONS:
- service_role.rolbypassrls = false
- postgres.rolsuper = false (cannot GRANT)
- SET ROLE supabase_admin: permission denied

5. WE CANNOT FIX THIS:
- GRANT command fails (postgres not superuser)
- Cannot SET ROLE to supabase_admin
- Dashboard SQL Editor also lacks permission

FIX REQUIRED (must be run with supabase_admin):
GRANT INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA auth TO service_role;

ALTER DEFAULT PRIVILEGES FOR ROLE supabase_auth_admin IN SCHEMA auth
GRANT INSERT, SELECT, UPDATE, DELETE ON TABLES TO service_role;

QUESTIONS:
- Was this project recently upgraded to PostgreSQL 17?
- Is this a known issue from database migration?

IMPACT:
- No new user registration
- Auth completely broken
- Production DOWN

Please prioritize this issue. Thank you.

#support

Supabase•4mo ago•

31 replies

cryyyyyyptoLove

service_role lost write permissions on auth schema - Production DOWN

RLS

auth🟢SQL

service_role lost write permissions on auth schema - Production DOWN

service_role lost write permissions on auth schema - Production DOWN

Similar Threads

Similar Threads

Similar Threads