← Back to Marketplace

Supabase

API Key

Postgres, auth, storage, and realtime. The open-source Firebase alternative.

https://your-project.supabase.co
OVERVIEW

Supabase wraps a full Postgres database with instant REST and GraphQL APIs, built-in auth, file storage, and realtime subscriptions. The REST API is powered by PostgREST. Every table becomes an endpoint automatically.

Two keys are available: anon (public, row-level security enforced) and service_role (admin, bypasses RLS). The anon key is safe to use in client apps when combined with Row Level Security policies.

Supabase requires two headers with the same key: apikey for PostgREST routing and Authorization: Bearer for JWT verification. The connection config below sets both via auth_config + extra_headers.

GET YOUR API KEY

Authentication setup

  1. Go to supabase.com and open your project
  2. Navigate to Settings → API
  3. Copy the Project URL (your base URL)
  4. Copy the anon public key (safe for client-side) or service_role key (server-side only)
  5. Both keys are JWTs. Use as both apikey header and Authorization: Bearer
Token format eyJ... (JWT)
Auth type api_key
Header apikey
QUICK CONNECT

Create a connection in one request.

CONNECT SUPABASE
POST /connections Authorization: Bearer $TOKEN Content-Type: application/json { "name": "Supabase", "base_url": "https://your-project.supabase.co", "auth_type": "api_key", "auth_config": {"key": "eyJ...", "header": "apikey"}, "extra_headers": {"Authorization": "Bearer eyJ..."} } → {"id": "cn_xxxxxxxx", "name": "Supabase"}
KEY ENDPOINTS

What you can call via proxy.

MethodPathDescription
GET /rest/v1/{table}?select=* Query rows from a table
POST /rest/v1/{table} Insert one or more rows
PATCH /rest/v1/{table}?id=eq.{id} Update rows matching a filter
DELETE /rest/v1/{table}?id=eq.{id} Delete rows matching a filter
POST /auth/v1/signup Create a new user account
POST /auth/v1/token?grant_type=password Sign in with email/password
POST /storage/v1/object/{bucket}/{path} Upload a file to storage
POST /rest/v1/rpc/{function} Call a Postgres function (RPC)
EXAMPLE

Query Table

PROXY CALL
GET /proxy/cn_xxxxxxxx/rest/v1/todos?select=*&is_complete=eq.false&order=created_at.desc&limit=5 Authorization: Bearer $TOKEN [ {"id": 1, "title": "Ship API proxy", "is_complete": false, "created_at": "2026-03-24T10:00:00Z"}, {"id": 2, "title": "Write docs", "is_complete": false, "created_at": "2026-03-23T15:30:00Z"}, {"id": 3, "title": "Add marketplace", "is_complete": false, "created_at": "2026-03-23T09:00:00Z"} ]
USE CASES

What people build with Supabase.

App Backend

Full CRUD API for your app's data. Tables auto-generate REST endpoints.

User Authentication

Built-in auth with email/password, magic links, OAuth providers, and JWTs.

File Storage

Upload and serve files with S3-compatible storage and CDN delivery.

Realtime Subscriptions

Subscribe to database changes in real time via WebSocket channels.

← Back to Marketplace Developer Guide →
# Supabase > Postgres, auth, storage, and realtime. The open-source Firebase alternative. ## Overview Supabase wraps a full Postgres database with instant REST and GraphQL APIs, built-in auth, file storage, and realtime subscriptions. The REST API is powered by PostgREST. Every table becomes an endpoint automatically. Two keys are available: <code>anon</code> (public, row-level security enforced) and <code>service_role</code> (admin, bypasses RLS). The anon key is safe to use in client apps when combined with Row Level Security policies. Supabase requires <strong>two headers</strong> with the same key: <code>apikey</code> for PostgREST routing and <code>Authorization: Bearer</code> for JWT verification. The connection config below sets both via <code>auth_config</code> + <code>extra_headers</code>. - **Base URL:** https://your-project.supabase.co - **Auth type:** api_key - **Token format:** eyJ... (JWT) ## Get Your API Key 1. Go to supabase.com and open your project 2. Navigate to Settings → API 3. Copy the Project URL (your base URL) 4. Copy the anon public key (safe for client-side) or service_role key (server-side only) 5. Both keys are JWTs. Use as both apikey header and Authorization: Bearer ## Quick Connect bashcurl -X POST https://api.liteio.dev/connections \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{ "name": "Supabase", "base_url": "https://your-project.supabase.co", "auth_type": "api_key", "auth_config": {"key": "eyJ...", "header": "apikey"} }' ## Key Endpoints MethodPathDescription GET/rest/v1/{table}?select=*Query rows from a table POST/rest/v1/{table}Insert one or more rows PATCH/rest/v1/{table}?id=eq.{id}Update rows matching a filter DELETE/rest/v1/{table}?id=eq.{id}Delete rows matching a filter POST/auth/v1/signupCreate a new user account POST/auth/v1/token?grant_type=passwordSign in with email/password POST/storage/v1/object/{bucket}/{path}Upload a file to storage POST/rest/v1/rpc/{function}Call a Postgres function (RPC) ## Example: Query Table bashcurl https://api.liteio.dev/proxy/cn_xxx/rest/v1/todos?select=*&is_complete=eq.false&order=created_at.desc&limit=5 \ -H "Authorization: Bearer $TOKEN" ## Use Cases - **App Backend**: Full CRUD API for your app's data. Tables auto-generate REST endpoints. - **User Authentication**: Built-in auth with email/password, magic links, OAuth providers, and JWTs. - **File Storage**: Upload and serve files with S3-compatible storage and CDN delivery. - **Realtime Subscriptions**: Subscribe to database changes in real time via WebSocket channels. ## Links - Back to Marketplace - Developer Guide - Get API Key