Secure API
🤷other
I’m reviewing the “Securing your API” guide:
https://supabase.com/docs/guides/api/securing-your-api
Is it supported or recommended to move request-level validation
out of PostgREST (RLS / db_pre_request) and instead use Edge Functions?
Specifically:
- Can Edge Functions act as a gateway in front of the Data API?
- Is this considered a valid alternative to the approach described in the guide?
I’m asking about supported patterns, not implementation details.
https://supabase.com/docs/guides/api/securing-your-api
Is it supported or recommended to move request-level validation
out of PostgREST (RLS / db_pre_request) and instead use Edge Functions?
Specifically:
- Can Edge Functions act as a gateway in front of the Data API?
- Is this considered a valid alternative to the approach described in the guide?
I’m asking about supported patterns, not implementation details.
