[simonw]

Really glad to hear there's more documentation on the way!

Does Supabase have any feature that take advantage of PostgreSQL's table-level permissions? I'd love to be able to issue a token to an MCP server that only has read access to specific tables (maybe even prevent access to specific columns too, eg don't allow reading the password_hash column on the users table.)

[gregnr]

We're experimenting with a PostgREST MCP server that will take full advantage of table permissions and row level security policies. This will be useful if you strictly want to give LLMs access to data (not DDL). Since it piggybacks off of our existing auth infrastructure, it will allow you to apply the exact fine grain policies that you are comfortable with down to the row level.

[jonplackett]

This seems like a far better solution and uses all the things I already love about supabase.

Do you think it will be too limiting in any way? Is there a reason you didn’t just do this from the start as it seems kinda obvious?

[gregnr]

The limitation is that it is data-only (no DDL). A large percentage of folks use Supabase MCP for app development - they ask the LLM to help build their schema and other database objects at dev time, which is not possible through PostgREST (or designed for this use case). This is particularly true for AI app builders who connect their users to Supabase.