Hi,
Do you mean removing the toggle to see the private API key in plain text ? It was made possible to easily copy/paste the key from Supabase to Supabase Auth plugin and make you able to check they are the same.
I understand your concern, I think it’s doable and it would make sense. But be aware technical people could still access it even if we remove the toggle or the field itself, as the plugin settings are loaded in the editor so we can make admin API call to parse your database and display your available tables and columns in plugin actions or make your users manageable from the Users panel.
You can refer to the post I wrote there for more explanation => WeWeb Security Concerns - #7 by Alexis