Skip to main content

API key

Use a Supabase personal access token for Management API operations.
  1. Open Supabase account settings.
  2. Go to Access Tokens.
  3. Create a personal access token.
  4. Store it as api_key.
pnpm corsair setup --supabase api_key=<supabase_pat>

OAuth 2.0

Use OAuth when you want users to connect their own Supabase account through Corsair.
  1. Create a Supabase OAuth app.
  2. Add the redirect URL used by your Corsair app.
  3. Store the OAuth app credentials with Corsair.
pnpm corsair setup \
  --supabase client_id=<client_id> \
  --supabase client_secret=<client_secret>
Supabase OAuth app scopes are configured in the Supabase dashboard.

Project API key

Most Supabase Management API operations use the account token above. Project-hosted routes, such as invoking an Edge Function or TUS storage options, need a project API key too. Pass it in plugin options or per call: 
supabase({
  key: process.env.SUPABASE_ACCESS_TOKEN,
  projectApiKey: process.env.SUPABASE_PROJECT_API_KEY,
})