VibeRaven

What Is RLS on Supabase? (AI-Built Apps)

Row-level security (RLS) on Supabase limits which rows each user can read or write in Postgres. Run npx -y viberaven --agent-mode to scan repo evidence for RLS assumptions, service-role key exposure, and migrations before trusting AI-generated policies.

RLS basics to verify before launch

  • Confirm RLS is enabled on tables that store user-owned or sensitive data.
  • Review select, insert, update, and delete policies—not only client-side filters.
  • Ensure service-role keys stay server-side and never ship in browser bundles.
  • Check migrations and SQL files for policy definitions.
  • Test access with two different user sessions on the same table paths your app uses.
  • Use /supabase-auth-rls-checklist-ai-apps for the full auth-and-RLS launch checklist.
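One way to run the "RLS enabled", "all four commands" and "check migrations" items above over a repository's SQL, as an added example (not VibeRaven's code or output). The table names, the sample migration and the `audit_migrations` helper are hypothetical, and the regex matching is a heuristic rather than a full SQL parser.

```python
import re

# Constructed sample migration (hypothetical tables, not from the page):
# profiles is fully covered, notes has only a SELECT policy, invoices has no RLS.
SAMPLE_MIGRATION = """
create table public.profiles (id uuid primary key, user_id uuid not null);
alter table public.profiles enable row level security;
create policy "own rows" on public.profiles for all
  using (auth.uid() = user_id) with check (auth.uid() = user_id);

create table public.notes (id bigint primary key, user_id uuid, body text);
alter table public.notes enable row level security;
create policy "read own" on public.notes for select using (auth.uid() = user_id);

create table if not exists invoices (id bigint primary key, user_id uuid);
"""

COMMANDS = ("select", "insert", "update", "delete")
NAME = r'((?:"?\w+"?\.)?"?\w+"?)'  # optional schema prefix, optional quoting
TABLE_RE = re.compile(r"create\s+table\s+(?:if\s+not\s+exists\s+)?" + NAME, re.I)
RLS_RE = re.compile(
    r"alter\s+table\s+(?:if\s+exists\s+)?(?:only\s+)?" + NAME
    + r"\s+enable\s+row\s+level\s+security", re.I)
POLICY_RE = re.compile(
    r'create\s+policy\s+(?:"[^"]+"|\w+)\s+on\s+' + NAME
    + r"(?:\s+as\s+\w+)?(?:\s+for\s+(\w+))?", re.I)

def norm(name):
    """Drop quotes and schema so public.notes and notes compare equal."""
    return name.replace('"', "").split(".")[-1].lower()

def audit_migrations(sql):
    """Map each created table to its RLS state and the commands lacking a policy."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)  # strip block comments
    sql = re.sub(r"--[^\n]*", " ", sql)               # strip line comments
    tables = {norm(m.group(1)): {"rls": False, "cmds": set()}
              for m in TABLE_RE.finditer(sql)}
    for m in RLS_RE.finditer(sql):
        if norm(m.group(1)) in tables:
            tables[norm(m.group(1))]["rls"] = True
    for m in POLICY_RE.finditer(sql):
        cmd = (m.group(2) or "all").lower()  # Postgres defaults to FOR ALL
        if norm(m.group(1)) in tables:
            tables[norm(m.group(1))]["cmds"].update(COMMANDS if cmd == "all" else {cmd})
    return {t: {"rls_enabled": i["rls"],
                "commands_without_policy": [c for c in COMMANDS if c not in i["cmds"]]}
            for t, i in tables.items()}

if __name__ == "__main__":
    for table, finding in audit_migrations(SAMPLE_MIGRATION).items():
        print(table, finding)
```

A table with `rls_enabled` false is the finding to fix first, since policies have no effect until RLS is enabled. With RLS enabled, a command that has no policy is denied to non-owner roles, so `commands_without_policy` lists operations to confirm are intentionally blocked.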

What is RLS on Supabase?

RLS is Postgres row-level security: policies that restrict which rows authenticated users can access. Enable RLS on sensitive tables, keep service-role keys server-side, and verify policies in migrations—not only in the Supabase dashboard.