apps/www/_blog/2024-08-16-platform-access-control.mdx
At Supabase, we're constantly striving to provide the tools developers need to build secure, reliable applications. Our latest update focuses on an area that's critical to both security and reliability: Platform Access Control.
We're excited to announce the rollout of our new granular access control features which allows giving users access to specific projects instead of the entire organization.
Managing who can access what within your project isn't just a convenience — it's essential for maintaining security and ensuring that your software development lifecycle (SDLC) is followed and availability guarantees are met. While Supabase already provides a robust data security framework through Row-Level Security (RLS), we recognized a gap when it came to managing platform-level access. Our new Platform Access Control feature fills that gap by offering Role-Based Access Control (RBAC) to the Supabase platform and management APIs.
With Platform Access Control, Supabase now offers a way to manage permissions at the both the organization and project levels.
A user can either have permissions assigned for the whole organization or for specific projects. The roles remain the same as before:
For a more exhaustive list of actions allowed for each role, check out the access control docs.
With these new features, Supabase is making it easier than ever to ensure that every team member has the right level of access. By assigning specific roles, you can reduce the risk of accidental changes, streamline workflows, and maintain a high level of security across your projects. If you're part of a growing team, consider upgrading to an Enterprise Plan to take full advantage of these powerful new tools.
To start using the new Platform Access Control features, check out our updated documentation here.