- About removing the toggle : yes that would be great
I understand that it won’t prevent a sophisticated (or at least tech-informed) attack, but it’s already a great thing to prevent a too easy access to our service_role key !
I agree, I will ask the product team and see if we can make the change 
- There is one point I’m not sure to get in your explanation : I get that the service_role key is used to both get / set users and roles, and also to get the information_schema for editor purposes (especially on CRUD actions, and it’s indeed very practical to use), but it’s only a parameter for the supabase auth plugin. What happens if I don’t use the auth plugin, only the basic one ?
Will the tables and fields list just not be available in the editor ?
Oh you’re right, so it’s only required in our Auth plugin, it probably means we dont need it to retrieve the schema. So we can probably make it optional at the cost of losing access to users management feature in the editor.
- And finally I have one question that may be naive : why not do all admin Supabase API calls through a proxy on your server that would just add the service-role key to headers and do the request server side ? From what I understand this could serve both functional needs for the weweb editor and our worries about access to the service_role.
It was the main solution I was exploring indeed. It’s already a pattern we are used to. For example we have a few microservice where their only purpose is to hide the API key and restrict his usage to the specific endpoint we defined around it (Airtable, Smartsuite,…) because such services api key was not made to be used from a front end. Maybe we should take a similar approach with the credential with use in the editor as we have now many users building with a whole team and sharing sensitive stuff with each others.
The issue is as we plan to allow people to build and publish custom plugins themselves in WeWeb, they will not be able to follow the same pattern (unless we provide a way to write custom server code but it’s not planned yet).
Anyways, we will try to figure out how to better manage credentials in the editor, thanks for your feedback!