Supabase
Connect Supabase to collect database configuration and access control evidence for your compliance program.
What is Supabase?
Supabase is an open-source backend platform built on PostgreSQL that provides a managed database, authentication, storage, and real-time subscriptions. If your application uses Supabase, this integration allows Imara to collect evidence about your database security configuration and access controls.
What Imara collects from Supabase
- Project team members and their access levels
- Database configuration — SSL enforcement status
- Row-Level Security (RLS) status across tables
- Auth provider and MFA configuration settings
Required permissions
Imara connects using a Supabase Service Role Key or a Management API token with read-only access. The key is found in Supabase → Project Settings → API. Imara does not write to your database or modify project settings.
How to connect
- In Supabase, go to Project Settings → API and copy the Service Role Key.
- In Imara, go to Integrations and select Supabase.
- Enter your project URL and the Service Role Key.
- Click Connect.
Frameworks supported
SOC 2, ISO 27001.
What to expect
Imara maps database configuration findings to data protection and access control controls. Common findings include tables without Row-Level Security enabled or missing SSL enforcement.