Supabase
Connect a Supabase Postgres database with a connection string.
Reads tables and views from a Supabase Postgres database. Queries run inside a read-only transaction, so Flitch can never write to your database.
Add a source
Supabase authenticates with a connection string over enforced SSL.
Prerequisites
- A Supabase project.
- A dedicated database role with read access (not the
postgressuperuser).
Create a read-only role
In the Supabase SQL editor:
CREATE ROLE flitch_readonly LOGIN PASSWORD 'choose-a-strong-password';
GRANT USAGE ON SCHEMA public TO flitch_readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO flitch_readonly;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO flitch_readonly;Copy the pooler connection string
In the Supabase dashboard, click Connect (top of the page), then copy the Session pooler (or Transaction pooler) string. The pooler username embeds your project ref as <role>.<project-ref>. For the read-only role you created, use flitch_readonly.<project-ref> (the dashboard string defaults to postgres.<project-ref>; swap in your role and its password):
postgresql://flitch_readonly.<project-ref>:password@aws-0-<region>.pooler.supabase.com:5432/postgres?sslmode=requireUse a pooler connection string, not Direct connection. Supabase direct connections (db.<project-ref>.supabase.co) are IPv6-only, and Flitch's connector reaches your database over IPv4, so a direct connection will fail to connect. The pooler is IPv4 and works.
Open the form
Go to Data → Add → Supabase, paste the connection string, then pick datasets.
Team-wide credential (optional)
A team admin can store one shared Supabase credential in Settings → Data connections; new connections then default to it, with no per-connection secret.
Refresh
Refresh is off by default. Enable it to schedule a background refresh and serve from cache between runs. See Refresh.
Troubleshooting
Authentication failed. Use the dedicated role's password, not the project API keys.
Permission denied on a table. Grant SELECT on that schema/table to the read-only role. Row Level Security policies also apply to the connecting role.