Supabase Visualizer

Auth, Row Level Security, Realtime subscriptions, and Edge Functions — all visualized

Built-in authentication that integrates directly with PostgreSQL RLS for end-to-end security.

System table storing user credentials, metadata, and provider info

Access token (1hr) with user ID + role. Refresh token for renewal

PG function that extracts user ID from JWT — used in RLS policies

Client (Browser/App) → supabase-js SDK

↓ HTTPS

Supabase Auth (GoTrue) → JWT generation, session management

↓ Internal

PostgreSQL → auth.users table, auth.uid() function

↓ RLS

PostgREST → API server that respects RLS with JWT context