| Role | API/Tool |
|---|---|
| supabase_admin | Used by Supabase to configure projects and for monitoring. Also be used to manage realtime connections |
| authenticator | PostgREST (Database API) |
| supabase_auth_admin | Auth |
| supabase_storage_admin | Storage |
| supabase_replication_admin | Synchronizes Read Replicas |
| postgres | Supabase Dashboard and External Tools (e.g., Prisma, SQLAlchemy, PSQL...) |
| Custom roles defined by user | External Tools (e.g., Prisma, SQLAlchemy, PSQL...) |
For those wondering about the anon, authenticated, and service_role users, they're not true "roles". They're "role groups" (permission groups) that the authenticator impersonates after connecting to the database. The concept is explained in another Gist