keyhippo@keyhippo

v1.2.0Created 4 months agoBy keyhippo

KeyHippo PostgreSQL Extension

KeyHippo extends Supabase's Row Level Security (RLS) to support API key authentication and Role-Based Access Control (RBAC) directly in Postgres.

Installation

Install the KeyHippo extension in your PostgreSQL database:

select dbdev.install('keyhippo@keyhippo');
create extension "keyhippo@keyhippo" version '1.2.0';

For updates, visit the KeyHippo extension catalog entry.

Core Features

API Key Authentication

KeyHippo enables secure API key management directly in Postgres. Each API key is hashed for storage, ensuring plaintext keys are never exposed.

Unified RLS Policies

With KeyHippo, session tokens and API keys can coexist under unified RLS policies, simplifying authentication logic.

Role-Based Access Control (RBAC)

Define fine-grained access control through groups, roles, and permissions that integrate seamlessly with your database.

Impersonation

Administrators can impersonate users for troubleshooting or support tasks without compromising security.

Usage

API Key Management

Generate an API key for an authenticated user:

SELECT * FROM keyhippo.create_api_key('Primary API Key', 'default');

Revoke an API key:

SELECT keyhippo.revoke_api_key('<api_key_id>');

Rotate an API key (revoke the old one, create a new one):

SELECT * FROM keyhippo.rotate_api_key('<old_api_key_id>');

Full usage details can be found on GitHub.

Integration with Supabase

KeyHippo integrates with Supabase and PostgREST, enabling API key and RBAC functionality within your existing stack.

Security Highlights

  • Hashed Keys: Only key hashes are stored, ensuring plaintext keys are unavailable after creation.
  • Scoped Permissions: API keys include scoping to restrict their usage.
  • Session Interoperability: Works alongside session-based authentication.

Contribution

Contributions are welcome. See our Contributing Guide for details.

License

KeyHippo is distributed under the MIT license. See the LICENSE file for more information.

Support

For technical issues, open a GitHub issue. For commercial support, visit keyhippo.com.

Install

  1. Install the dbdev package manager
  2. Install the package:
select dbdev.install('keyhippo@keyhippo');
create extension "keyhippo@keyhippo"
    version '1.2.0';

Downloads

  • 482 all time downloads
  • 101 downloads in the last 30 days
  • 308 downloads in the last 90 days
  • 482 downloads in the last 180 days