hugot4eboss

Role based API keys for microservices

The user is seeking a way to implement role-based API keys for microservices in Supabase to ensure secure server-to-server communication. They want to limit access to specific resources to minimize damage if a key is compromised. They have explored several options, such as service role API keys, signing their own JWTs, and using service user accounts, but each has drawbacks. They are requesting a solution that allows scoped API keys with role-based access.