According to a recent LinkedIn post from Supabase, the company is shifting new projects to a default model in which tables in the public schema are not automatically exposed to its Data API starting May 30th. The post indicates that developers will instead need to explicitly grant permissions per role, either through the dashboard or via SQL.
Memorial Day Sale – Claim 70% Off TipRanks
- Unlock trusted, data-backed investing tools with TipRanks Premium, from analyst ratings and forecasts to breaking news and portfolio analysis.
- Discover high-conviction stock picks and new investing opportunities with the TipRanks Smart Investor Newsletter
The post highlights that explicit PostgreSQL grants are designed to be reviewable and diffable, making permission changes more auditable and transparent in migrations. It also suggests that this approach enables finer per-role access control, particularly between anonymous and authenticated users, potentially improving security posture and governance for production workloads.
For investors, this move may signal an emphasis on enterprise-grade access control and compliance features within Supabase’s platform. By making more secure, explicit permissioning the default rather than an optional configuration, the company could strengthen its appeal to larger, security-sensitive customers and enhance its competitive position among database-as-a-service providers.
The update appears incremental rather than a major product overhaul, but it may reduce misconfigurations that lead to data exposure, thereby lowering operational risk for customers. Over time, such shifts toward declarative and auditable infrastructure could support higher customer retention and increase Supabase’s suitability for regulated or mission-critical use cases.