Cloud//Supabase

Open-source backend-as-a-service built on PostgreSQL. Combines auth/roles + a robust relational database + real-time APIs in one service. It's a backend for your users — a separate server from your frontend that communicates via API.

Open-source backend-as-a-service built on PostgreSQL. Combines auth/roles + a robust relational database + real-time APIs in one service. It's a backend for your users — a separate server from your frontend that communicates via API.

The database IS PostgreSQL — full SQL, JOINs, and you can install extensions like pgvector for vector search

Auth with roles: email, OAuth, magic links — built in with row-level security (RLS). Users get permissions per table, per row. No third-party auth service needed.

Real-time: subscribe to database changes via WebSockets — the API pushes updates to connected clients instantly

Storage: file uploads with access control (like a simple S3)

SDK for React, Next.js, Flutter — client libraries that talk to the Supabase API

Common pairing: Vercel + Supabase = frontend on Vercel, database + auth + storage + real-time on Supabase

The PostgreSQL they give you is yours to use however you want — if you need to store additional client data, run custom queries, or add tables beyond what the SDK manages, you can connect directly and use it as a regular Postgres database. Full access.

Table Editor vs SQL Editor: the Table Editor is visual — spreadsheet view, click to edit rows, filter, sort. The SQL Editor is for commands: DDL, triggers, indexes, RLS policies, complex queries. Table Editor only touches rows; SQL Editor can do everything. It even lets you save queries as favorites.

Architecture: URL (where the "building" is) + publishable key (front door, light lock) + session token per user (real identity) + RLS (the database-level lock). The publishable key is not the security — the token + RLS is.

Supabase Auth handles OAuth natively with Google — one login does both identity + Gmail access.