Supabase — Your Cloud Database
Supabase is your cloud filing cabinet — it stores your app's data (students, fees, clients, filings) securely in the cloud, accessible from any device.
Your app will need to remember things: who the users are, what fees have been collected, which ITR deadlines are approaching, which client has what status. That information needs to live somewhere permanent, secure, and accessible from anywhere.
That somewhere is Supabase — your cloud database.
What Supabase Is
Supabase is a cloud platform that gives you:
| Service | What it does |
|---|---|
| PostgreSQL database | A structured filing system for your app's data — tables, rows, columns, relationships |
| Authentication | Email/password and social logins, built-in. Users can sign up, sign in, reset passwords. |
| Row Level Security (RLS) | Rules that control which users can see which rows — a CA can only see their own clients, not another CA's |
| Storage | File uploads — PDFs, documents, invoices — stored securely in the cloud |
| Edge Functions | Small pieces of server logic that run close to your users (for emails, webhooks, and calculations) |
The CA analogy: Supabase is a cloud-hosted, multi-purpose filing system combined with a security guard (RLS). It stores your data in structured tables, enforces who can see what, and gives every authorised user access from any device.
Thinking in Tables
A database stores data in tables — exactly like Excel sheets, but more disciplined.
For a school fees app:
| Table | What it stores |
|---|---|
students | id, name, class, parent_phone, admission_date |
fees | id, student_id, term, amount_due, amount_paid, due_date |
staff | id, name, role, branch_id |
Rows are records; columns are fields. The difference from Excel: every column has a strict type (text, number, date, boolean). You cannot put text in a number column. This discipline prevents the messy data problems that plague spreadsheets.
Row Level Security — Why It Matters
Imagine you build a CA firm management app. Each CA in the firm should only see their own clients — not the whole firm's client list.
Supabase's Row Level Security lets you write a rule like:
"A row in the
clientstable is visible only if theassigned_ca_idcolumn matches the currently logged-in user's ID."
This runs at the database level — not in your app code. Even if a bug in your code tries to fetch someone else's data, the database rejects it. Security is enforced at the source.
Hands-On: Create a Supabase Project
- Go to supabase.com and sign up for a free account
- Click New project, name it
training-practice, choose the Singapore region - Once created, go to Table Editor → New table
- Create a table called
clientswith columns:id(uuid, primary key — auto-generated)name(text, not null)pan(text)created_at(timestamp, default: now())
- Click Insert row and add one sample client
You now have a cloud database with a real table and real data — accessible via a URL from anywhere in the world.
Before you move on — can you do all of this?
Click each item you're confident about. Bring the unchecked ones to your next session.
I have a Supabase account and created a project
I understand that Supabase stores data in tables — rows and columns, like a disciplined spreadsheet
I understand what Row Level Security does — rules enforced at the database level
I created a table and inserted a sample row