Supabase
Leak API key on Realtime subscriptions #16715
Closed
BrunoFerreira95
started this conversation in
General
Replies: 1 comment 1 reply
-
|
The apikey shows up anytime used in a browser environment. Which is why Supabase recommends using only the anon_key. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
That it, I am being walk for home, and think about this, today, I use an auth, with client side, but if I use the Realtime with serve side, fix the issue. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
When I use a real-time subscription on one page of next.
In the network with an F5, show the web socket? apikey=” apikey”
I make a post on LinkedIn, showing how to implement a role system login with supabase.
And a guy came to talk with me, and show this leak, I ready check in my app, and it’s real, it was showing the api key.
I make a quick search in the forum but I don’t find.
Guys warning. =/
Beta Was this translation helpful? Give feedback.
All reactions