Skip to main content

Function: createUserClient()

createUserClient(accessToken): SupabaseClient<Database>

Defined in: src/db/clients/user.ts:16

User-scoped Supabase client — the logged-in user's JWT is attached, so all RLS policies apply. This is the defense-in-depth read path: even if application logic has a bug, Postgres refuses cross-tenant / cross-role access.

Pass the access token resolved from the Supabase auth session (see auth/session handling in a later step). Used in Server Components and read queries. Privileged writes and cross-tenant reads go through createServiceClient instead, behind an explicit role check.

Parameters

accessToken

string

Returns

SupabaseClient<Database>