Connect Supabase Organization
Why connect my Supabase organization?
Securing your cloud infrastructure is crucial to protecting your user data. You can leverage Aikido's security checks to detect and address any misconfigurations in your Supabase projects.
Main use cases
Aikido surfaces critical cloud misconfigurations that could expose your Supabase projects to attackers - things like overly permissive policies, weak authentication settings, or misconfigured storage buckets. All configuration checks can be found here.
Aikido continuously monitors your Supabase organization for new risks as your setup evolves.
Aikido performs daily compliance scans on the above.

Getting started
To get started, head to the cloud overview page on Aikido and click "Connect Cloud". Select Supabase from the list and follow the step-by-step setup wizard.

To connect your account, you'll need two things from Supabase: your organization slug and a Personal Access Token (PA token).
Log into your Supabase dashboard
Go to the Supabase dashboard and sign in with the account that has access to the organization you want to connect.
Copy your organization slug
Navigate to Organization settings for the organization you want to connect. Copy the organization slug and paste it into the Aikido setup wizard.
Set up the right user
Navigate to Team settings for the organization. Use either an existing user with at least a read-only role, or create a dedicated user with that role for the Aikido integration.
We recommend creating a dedicated user so it's easy to audit Aikido's access later.
Generate a Personal Access Token
In the account settings of that user, go to Access Tokens and click "Generate new token". Give it a descriptive name (e.g. aikido-integration) so you can identify it later.
Set your token to never expire so your integration doesn't break.


Paste the token into Aikido
Copy the token and paste it into the PA token field in Aikido's setup wizard. Then click "Save & Continue".

Name your cloud configuration
Give your connected project a name in Aikido and specify the environment it operates in (production, staging, etc.). This helps Aikido prioritize findings based on severity and business impact.

Within 1-2 minutes of connecting your account, Aikido will report misconfigurations that could pose a threat.