# Connect Supabase Organization

### Why connect my Supabase organization?

Securing your cloud infrastructure is crucial to protecting your user data. You can leverage Aikido's security checks to detect and address any misconfigurations in your Supabase projects.

#### **Main use cases**

* Aikido surfaces critical cloud misconfigurations that could expose your Supabase projects to attackers - things like overly permissive policies, weak authentication settings, or misconfigured storage buckets. All configuration checks can be found [here.](https://app.aikido.dev/clouds/checks)
* Aikido continuously monitors your Supabase organization for new risks as your setup evolves.

Aikido performs daily compliance scans on the above.

<figure><img src="/files/hbil8ruHYAp4hXbtAfth" alt=""><figcaption></figcaption></figure>

### Getting started <a href="#getting-started" id="getting-started"></a>

To get started, head to the [cloud overview page](https://app.aikido.dev/clouds) on Aikido and click **"Connect Cloud"**. Select **Supabase** from the list and follow the step-by-step setup wizard.

<figure><img src="/files/2oNzSEqm3uqcH8V7KzLx" alt=""><figcaption></figcaption></figure>

To connect your account, you'll need two things from Supabase: your **organization slug** and a **Personal Access Token (PA token)**.

{% stepper %}
{% step %}
**Log into your Supabase dashboard**

Go to the [Supabase dashboard](https://supabase.com/dashboard) and sign in with the account that has access to the organization you want to connect.
{% endstep %}

{% step %}
**Copy your organization slug**

Navigate to **Organization settings** for the organization you want to connect. Copy the **organization slug** and paste it into the Aikido setup wizard.
{% endstep %}

{% step %}
**Set up the right user**

Navigate to **Team settings** for the organization. Either log in as a user with at least a **read-only role**, or create a dedicated user for the Aikido integration with those permissions.

*We recommend creating a dedicated user so it's easy to audit Aikido's access later.*
{% endstep %}

{% step %}
**Generate a Personal Access Token**

In the account settings of that user, go to **Access Tokens** and click **"Generate new token"**. Give it a descriptive name (e.g. `aikido-integration`) so you can identify it later.

Set your token to never expire so your integration doesn't break.

<div><figure><img src="/files/pG6FoTJnJadwmnfd8HIv" alt=""><figcaption></figcaption></figure> <figure><img src="/files/XlC2KBYjfm3rbShCcldj" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Paste the token into Aikido**

Copy the token and paste it into the **PA token** field in Aikido's setup wizard. Then click **"Save & Continue"**.\
\
![](/files/nlnMSClwOiA9mHWRevZE)
{% endstep %}

{% step %}
**Name your cloud configuration**

Give your connected project a name in Aikido and specify the environment it operates in (production, staging, etc.). This helps Aikido prioritize findings based on severity and business impact.\
\
![](/files/Qwwvkpf4BQO8kJ8zDj1e)
{% endstep %}
{% endstepper %}

Within 1-2 minutes after connecting your account, Aikido will report misconfigurations that could pose a threat.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/cloud-scanning/connect-your-cloud/supabase-cloud-scanning/connect-supabase-organization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.