Toolstools / supabase
Supabase
What this is
Supabase is a backend platform.
It can provide:
- Database.
- Authentication.
- File storage.
Simple model:
Setting
Frontend = what users see
Backend = where data livesWhy it matters
Beginner websites can stay frontend-only.
Apps that store user data usually need a backend. Supabase is useful when the project needs saved profiles, bookings, dashboards, uploaded files, or login.
What to do
Use Supabase only when the project has a real data need.
Decide if Supabase is needed
Ask:
Reference
Does this project need to save user data after refresh?If no, skip Supabase.
If yes, continue.
Create the project
- Create an account at supabase.com.
- Create one project.
- Choose a project name that matches the app.
- Save the database password somewhere private.
- Wait for the dashboard to finish provisioning.
Visual checkpoint:
Flow
Supabase Dashboard
Project selected
Table Editor visible
SQL Editor visible
Authentication visible
Project Settings -> API visibleCreate the first table
Start with one table only.
Example for a booking/contact project:
| Column | Type | Meaning |
|---|---|---|
id | uuid | Unique row ID. |
created_at | timestamp | When the row was created. |
name | text | Customer name. |
email | text | Customer email. |
message | text | Message or booking request. |
Ask AI:
Copy prompt
I am a beginner using Supabase.
My app needs to save:
[describe data]
Suggest one first table only.
Explain each column in simple language.
Do not add authentication yet.Core features to understand
| Feature | Meaning | Beginner action |
|---|---|---|
| Database | Stores rows of app data | Start with one table. |
| Table Editor | Spreadsheet-like database view | Use it to inspect data. |
| SQL Editor | Advanced database commands | Use later with tutor guidance. |
| Auth | User login system | Add only when the app truly needs accounts. |
| Storage | Uploaded files | Use for images/files later. |
| API keys | App connection keys | Public anon key can be used client-side; service role key stays private. |
| RLS | Row Level Security | Keep it enabled and create policies before real user data. |
Connect to a web app
For a Next.js project, install the client:
Terminal command
npm install @supabase/supabase-jsAdd env variables locally:
Setting
NEXT_PUBLIC_SUPABASE_URL=...
NEXT_PUBLIC_SUPABASE_ANON_KEY=...Then add the same variables in Vercel Project Settings before deploying.
Safety rule
Never put the service role key in frontend code.
Use this check:
Setting
Anon key = okay for browser use
Service role key = server only, never publicCommon mistakes
- Adding Supabase too early.
- Starting with authentication before understanding the app.
- Creating too many tables.
- Copying database code without knowing where it belongs.
- Turning off Row Level Security without understanding the risk.
- Putting service role keys in
.env.localand then pushing them. - Connecting frontend before the table design is clear.
Next step
Go to Links.