[bigEnotation]

So where is the secret key stored for signing the JWT? In the front end as well?

Edit: Oh I found it here: https://postgrest.org/en/stable/how-tos/sql-user-management....

That’s a pretty neat design. Also an interesting attack surface