Persona logoPersona Help Center
ArticlesCommunityAcademyDeveloper DocsSystem Status
Menu icon

Articles

Getting started
Solutions
Inquiries
Verifications
Accounts
Transactions
Reports
Cases
Workflows
Graph
Marketplace and 3rd-Party Integrations
AI
ATS
Authentication
Communication
CRM
Crypto
Data Enrichment
HRIS
Productivity
Using Productivity Integrations
Anthropic
Asana
Cloudflare
Google AI
Groqcloud
Intercom
Jira
OpenAI
ServiceNow
Smartsheet
Todoist
Zendesk
Basecamp
Github
ClickUp
Datadog
Notion
Airtable
Cloudflare
Coda
Supabase integration overview
Ticketing
Workforce
Other Platform Products
Admin
For end users

Get help now

Submit a request
Marketplace and 3rd-Party Integrations
Productivity
Supabase integration overview

Supabase integration overview

Overview

Supabase is an open-source Firebase alternative that provides a PostgreSQL database, authentication, storage, real-time functionality, and edge functions. Persona’s integration with Supabase helps teams connect identity workflows in Persona to Supabase administration tasks—so operational and security actions can happen automatically when key events occur (like a Case being created or a verification outcome changing).

This integration is especially helpful for engineering, security, fraud, and operations teams that want to reduce manual access management and keep Supabase project context available inside identity-driven workflows.

Benefits

Just-in-time database access: Grant time-limited, role-scoped database access only when it’s needed—supporting least-privilege workflows for investigations and sensitive operations.

Faster, more consistent operations: Automate routine project lookups and access updates so teams don’t need to jump between tools or manually reconfigure access for common scenarios.

Centralized workflow control: Use Persona Workflows as the source of orchestration (decisioning, routing, approvals) while still taking direct actions in Supabase via the Management API.

Integration Features

Persona’s Supabase integration supports secure administration actions and lookups you can add to any Workflow. Key capabilities include:

  • Organization member lookup: Retrieve members in a Supabase organization to support routing, approvals, and audit-friendly workflows.
  • Project discovery and context: List projects and retrieve a specific project to enrich workflow steps with the right project metadata before taking action.
  • Authorize temporary database role access: Approve a request to assume a database role for a project (for example, when an investigation is opened and access is required).
  • Update JIT role mappings and restrictions: Maintain user-to-role mappings for temporary access, including expirations and allowed network ranges.

Setting up the Supabase integration

Prerequisites

To set up the Supabase integration, ensure you have:

  • Admin access to your Supabase account
  • Necessary API permissions to access Supabase credentials

Setting up the Supabase Credentials

  1. In the Persona Dashboard, navigate to Integrations > Marketplace and click on Supabase.
  2. Click Add Credential at the top of the page.
  3. Enter a nickname for the credential and click Continue.
  4. In Supabase, generate an access token from your account settings (Supabase provides tokens via the dashboard’s account token page).
  5. Copy the token into Persona when prompted, then save the credential.
  6. Click Test to confirm the credential is working.

Using the Supabase integration in a Workflow

  1. Create a new workflow, or open an existing workflow you’d like to update.
  2. Add a new action step > Integrations.
  3. Select the Supabase integration and choose your saved Supabase credential.
  4. Select the operation you want to run and map Persona data into the Supabase input fields.
  5. Save/publish the workflow.

Supabase Operations Overview

In addition to syncing field values, Persona can list organization members, list projects, retrieve a specific project, authorize database JIT access, and update JIT access mappings using Supabase’s API. These actions support seamless two-way workflows, letting teams manage investigations without switching platforms. See below for a comprehensive list of available Workflow Action steps and possible configurations for the Supabase integration:

List Organization Members Workflow Action Step

Lists members in a Supabase organization so you can understand who has access and drive workflow decisions (for example, routing approvals or selecting the right user to update). This is commonly used as an input step before making access changes, or to enrich a Case with organization context.

Configuration Steps:

  • Provide values for required fields:
    • Organization Slug

List Projects Workflow Action Step

Returns the projects available to the authenticated Supabase account, which can help teams dynamically select the right project within a workflow. This is useful when your workflow needs to branch by environment or region, or when you want to surface project details for review before taking an access action.

Configuration Steps:

  • Make a simple TEST request to the endpoint.
  • Use the returned project list to:
    • Select the correct Project Ref for downstream steps
    • Capture core project metadata in workflow variables (for logging or routing)

Retrieve Project Workflow Action Step

Fetches details for a single Supabase project so your workflow can confirm it’s operating on the correct target before performing sensitive actions. This is especially helpful when you’re working from an externally-provided project identifier and want to validate status and configuration context.

Configuration Steps:

  • Provide values for required fields:
    • Project Ref

Authorize JIT Access Workflow Action Step

Authorizes a request to assume a database role within a Supabase project, enabling temporary access workflows tied to a specific event (such as a privileged review, escalation, or on-call investigation). This action can also be used to ensure database access is tied to a known request context rather than standing permissions.

Configuration Steps:

  • Provide values for required fields:
    • Project Ref
    • Role (database role to assume)
    • Remote Host (the IP address the connection is coming from)

Update JIT Access Workflow Action Step

Updates a user’s temporary-access role mappings for a Supabase project, including which roles they can assume and how long access should last. You can also apply network restrictions so temporary database access is only valid from approved IPv4 and/or IPv6 ranges.

Configuration Steps:

  • Provide values for required fields:
    • Project Ref
    • User ID
    • Roles
      • Role (for each role entry)
  • Optionally add:
    • Expires At (a timestamp indicating when temporary access should expire)
    • Allowed Networks
      • Allowed CIDRs (IPv4 ranges)
      • Allowed CIDRs v6 (IPv6 ranges)

FAQs

What Supabase API does Persona use for this integration?

Persona uses Supabase’s Management API operations exposed via api.supabase.com to perform supported lookups and temporary-access actions.

Where do I get the token needed to connect Supabase to Persona

Supabase provides account access tokens via the Supabase dashboard’s account token page, which are used for Management API access. Generate a token in Supabase, then save it as a credential in Persona.

Can I restrict temporary database access by time or network?

Yes. Supabase temporary access supports restrictions such as an expiry window and IP/network allowlists (IPv4 and/or IPv6 ranges), and the Supabase integration exposes configuration fields to pass these restrictions when updating role mappings.