Adding custom API keys with selectable Postgres role for backend components
Lasse Amonat suggests adding a feature to Supabase allowing custom API keys with selectable Postgres roles for backend components. This would enhance security by adhering to the principle of least privilege, as the current service_role grants excessive privileges. Lasse provides a workaround using Supabase CLI to generate signing keys and JWTs, but notes it feels unofficial and cumbersome.