Skip to main content

Documentation Index

Fetch the complete documentation index at: https://powersync-supabase-guide-data-api-grants-rls.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

PowerSync’s Sync Streams (or legacy Sync Rules) and Supabase’s support for Row Level Security (RLS) can be used in conjunction. Here are some high level similarities and differences:
  • RLS should be used as the authoritative set of security rules applied to your users’ CRUD operations that reach Postgres.
  • Sync Streams (or legacy Sync Rules) are only applied for data that is to be downloaded to clients. They do not apply to uploaded data.
    • Sync Streams / Sync Rules can typically be considered to be complementary to RLS, and will generally mirror your RLS setup.
Supabase tables are often created with auto-increment IDs. For easiest use of PowerSync, make sure to convert them to text IDs as detailed here.

Example

The Supabase + PowerSync guide sets up RLS policies for the to-do list demo app: 
create policy "owned lists" on public.lists
  for all to authenticated
  using (auth.uid() = owner_id);

create policy "todos in owned lists" on public.todos
  for all to authenticated
  using (
    auth.uid() in (
      select lists.owner_id from public.lists where lists.id = todos.list_id
    )
  );
auth.uid() in a Supabase RLS policy maps to: If you compare these policies to the Sync Config in the guide, you’ll see the access patterns mirror each other. If you have any questions, join us on our community Discord where our team is always available to help.