supabase-api-v1 — quality + safety report

---
name: supabase-api-v1
description: "Supabase API (v1) API skill. Use when working with Supabase API (v1) for branches, projects, organizations. Covers 158 endpoints."
version: 1.0.0
generator: lapsh
---

# Supabase API (v1)
API version: 1.0.0

## Auth
Bearer bearer

## Base URL
Not specified.

## Setup
1. Set Authorization header with your Bearer token
2. GET /v1/projects -- verify access
3. POST /v1/branches/{branch_id_or_ref}/push -- create first push

## Endpoints

158 endpoints across 5 groups. See references/api-spec.lap for full details.

### branches
| Method | Path | Description |
|--------|------|-------------|
| GET | /v1/branches/{branch_id_or_ref} | Get database branch config |
| PATCH | /v1/branches/{branch_id_or_ref} | Update database branch config |
| DELETE | /v1/branches/{branch_id_or_ref} | Delete a database branch |
| POST | /v1/branches/{branch_id_or_ref}/push | Pushes a database branch |
| POST | /v1/branches/{branch_id_or_ref}/merge | Merges a database branch |
| POST | /v1/branches/{branch_id_or_ref}/reset | Resets a database branch |
| POST | /v1/branches/{branch_id_or_ref}/restore | Restore a scheduled branch deletion |
| GET | /v1/branches/{branch_id_or_ref}/diff | [Beta] Diffs a database branch |

### projects
| Method | Path | Description |
|--------|------|-------------|
| GET | /v1/projects | List all projects |
| POST | /v1/projects | Create a project |
| GET | /v1/projects/available-regions | [Beta] Gets the list of available regions that can be used for a new project |
| GET | /v1/projects/{ref}/actions | List all action runs |
| HEAD | /v1/projects/{ref}/actions | Count the number of action runs |
| GET | /v1/projects/{ref}/actions/{run_id} | Get the status of an action run |
| PATCH | /v1/projects/{ref}/actions/{run_id}/status | Update the status of an action run |
| GET | /v1/projects/{ref}/actions/{run_id}/logs | Get the logs of an action run |
| GET | /v1/projects/{ref}/api-keys | Get project api keys |
| POST | /v1/projects/{ref}/api-keys | Creates a new API key for the project |
| GET | /v1/projects/{ref}/api-keys/legacy | Check whether JWT based legacy (anon, service_role) API keys are enabled. This API endpoint will be removed in the future, check for HTTP 404 Not Found. |
| PUT | /v1/projects/{ref}/api-keys/legacy | Disable or re-enable JWT based legacy (anon, service_role) API keys. This API endpoint will be removed in the future, check for HTTP 404 Not Found. |
| PATCH | /v1/projects/{ref}/api-keys/{id} | Updates an API key for the project |
| GET | /v1/projects/{ref}/api-keys/{id} | Get API key |
| DELETE | /v1/projects/{ref}/api-keys/{id} | Deletes an API key for the project |
| GET | /v1/projects/{ref}/branches | List all database branches |
| POST | /v1/projects/{ref}/branches | Create a database branch |
| DELETE | /v1/projects/{ref}/branches | Disables preview branching |
| GET | /v1/projects/{ref}/branches/{name} | Get a database branch |
| GET | /v1/projects/{ref}/custom-hostname | [Beta] Gets project's custom hostname config |
| DELETE | /v1/projects/{ref}/custom-hostname | [Beta] Deletes a project's custom hostname configuration |
| POST | /v1/projects/{ref}/custom-hostname/initialize | [Beta] Updates project's custom hostname configuration |
| POST | /v1/projects/{ref}/custom-hostname/reverify | [Beta] Attempts to verify the DNS configuration for project's custom hostname configuration |
| POST | /v1/projects/{ref}/custom-hostname/activate | [Beta] Activates a custom hostname for a project. |
| GET | /v1/projects/{ref}/jit-access | [Beta] Get project's just-in-time access configuration. |
| PUT | /v1/projects/{ref}/jit-access | [Beta] Update project's just-in-time access configuration. |
| POST | /v1/projects/{ref}/network-bans/retrieve | [Beta] Gets project's network bans |
| POST | /v1/projects/{ref}/network-bans/retrieve/enriched | [Beta] Gets project's network bans with additional information about which databases they affect |
| DELETE | /v1/projects/{ref}/network-bans | [Beta] Remove network bans. |
| GET | /v1/projects/{ref}/network-restrictions | [Beta] Gets project's network restrictions |
| PATCH | /v1/projects/{ref}/network-restrictions | [Alpha] Updates project's network restrictions by adding or removing CIDRs |
| POST | /v1/projects/{ref}/network-restrictions/apply | [Beta] Updates project's network restrictions |
| GET | /v1/projects/{ref}/pgsodium | [Beta] Gets project's pgsodium config |
| PUT | /v1/projects/{ref}/pgsodium | [Beta] Updates project's pgsodium config. Updating the root_key can cause all data encrypted with the older key to become inaccessible. |
| GET | /v1/projects/{ref}/postgrest | Gets project's postgrest config |
| PATCH | /v1/projects/{ref}/postgrest | Updates project's postgrest config |
| GET | /v1/projects/{ref} | Gets a specific project that belongs to the authenticated user |
| DELETE | /v1/projects/{ref} | Deletes the given project |
| PATCH | /v1/projects/{ref} | Updates the given project |
| GET | /v1/projects/{ref}/secrets | List all secrets |
| POST | /v1/projects/{ref}/secrets | Bulk create secrets |
| DELETE | /v1/projects/{ref}/secrets | Bulk delete secrets |
| GET | /v1/projects/{ref}/ssl-enforcement | [Beta] Get project's SSL enforcement configuration. |
| PUT | /v1/projects/{ref}/ssl-enforcement | [Beta] Update project's SSL enforcement configuration. |
| GET | /v1/projects/{ref}/types/typescript | Generate TypeScript types |
| GET | /v1/projects/{ref}/vanity-subdomain | [Beta] Gets current vanity subdomain config |
| DELETE | /v1/projects/{ref}/vanity-subdomain | [Beta] Deletes a project's vanity subdomain configuration |
| POST | /v1/projects/{ref}/vanity-subdomain/check-availability | [Beta] Checks vanity subdomain availability |
| POST | /v1/projects/{ref}/vanity-subdomain/activate | [Beta] Activates a vanity subdomain for a project. |
| POST | /v1/projects/{ref}/upgrade | [Beta] Upgrades the project's Postgres version |
| GET | /v1/projects/{ref}/upgrade/eligibility | [Beta] Returns the project's eligibility for upgrades |
| GET | /v1/projects/{ref}/upgrade/status | [Beta] Gets the latest status of the project's upgrade |
| GET | /v1/projects/{ref}/readonly | Returns project's readonly mode status |
| POST | /v1/projects/{ref}/readonly/temporary-disable | Disables project's readonly mode for the next 15 minutes |
| POST | /v1/projects/{ref}/read-replicas/setup | [Beta] Set up a read replica |
| POST | /v1/projects/{ref}/read-replicas/remove | [Beta] Remove a read replica |
| GET | /v1/projects/{ref}/health | Gets project's service health status |
| POST | /v1/projects/{ref}/config/auth/signing-keys/legacy | Set up the project's existing JWT secret as an in_use JWT signing key. This endpoint will be removed in the future always check for HTTP 404 Not Found. |
| GET | /v1/projects/{ref}/config/auth/signing-keys/legacy | Get the signing key information for the JWT secret imported as signing key for this project. This endpoint will be removed in the future, check for HTTP 404 Not Found. |
| POST | /v1/projects/{ref}/config/auth/signing-keys | Create a new signing key for the project in standby status |
| GET | /v1/projects/{ref}/config/auth/signing-keys | List all signing keys for the project |
| GET | /v1/projects/{ref}/config/auth/signing-keys/{id} | Get information about a signing key |
| DELETE | /v1/projects/{ref}/config/auth/signing-keys/{id} | Remove a signing key from a project. Only possible if the key has been in revoked status for a while. |
| PATCH | /v1/projects/{ref}/config/auth/signing-keys/{id} | Update a signing key, mainly its status |
| GET | /v1/projects/{ref}/config/auth | Gets project's auth config |
| PATCH | /v1/projects/{ref}/config/auth | Updates a project's auth config |
| POST | /v1/projects/{ref}/config/auth/third-party-auth | Creates a new third-party auth integration |
| GET | /v1/projects/{ref}/config/auth/third-party-auth | Lists all third-party auth integrations |
| DELETE | /v1/projects/{ref}/config/auth/third-party-auth/{tpa_id} | Removes a third-party auth integration |
| GET | /v1/projects/{ref}/config/auth/third-party-auth/{tpa_id} | Get a third-party integration |
| POST | /v1/projects/{ref}/pause | Pauses the given project |
| GET | /v1/projects/{ref}/restore | Lists available restore versions for the given project |
| POST | /v1/projects/{ref}/restore | Restores the given project |
| POST | /v1/projects/{ref}/restore/cancel | Cancels the given project restoration |
| GET | /v1/projects/{ref}/billing/addons | List billing addons and compute instance selections |
| PATCH | /v1/projects/{ref}/billing/addons | Apply or update billing addons, including compute instance size |
| DELETE | /v1/projects/{ref}/billing/addons/{addon_variant} | Remove billing addons or revert compute instance sizing |
| GET | /v1/projects/{ref}/claim-token | Gets project claim token |
| POST | /v1/projects/{ref}/claim-token | Creates project claim token |
| DELETE | /v1/projects/{ref}/claim-token | Revokes project claim token |
| GET | /v1/projects/{ref}/advisors/performance | Gets project performance advisors. |
| GET | /v1/projects/{ref}/advisors/security | Gets project security advisors. |
| GET | /v1/projects/{ref}/analytics/endpoints/logs.all | Gets project's logs |
| GET | /v1/projects/{ref}/analytics/endpoints/usage.api-counts | Gets project's usage api counts |
| GET | /v1/projects/{ref}/analytics/endpoints/usage.api-requests-count | Gets project's usage api requests count |
| GET | /v1/projects/{ref}/analytics/endpoints/functions.combined-stats | Gets a project's function combined statistics |
| POST | /v1/projects/{ref}/cli/login-role | [Beta] Create a login role for CLI with temporary password |
| DELETE | /v1/projects/{ref}/cli/login-role | [Beta] Delete existing login roles used by CLI |
| GET | /v1/projects/{ref}/database/migrations | [Beta] List applied migration versions |
| POST | /v1/projects/{ref}/database/migrations | [Beta] Apply a database migration |
| PUT | /v1/projects/{ref}/database/migrations | [Beta] Upsert a database migration without applying |
| DELETE | /v1/projects/{ref}/database/migrations | [Beta] Rollback database migrations and remove them from history table |
| GET | /v1/projects/{ref}/database/migrations/{version} | [Beta] Fetch an existing entry from migration history |
| PATCH | /v1/projects/{ref}/database/migrations/{version} | [Beta] Patch an existing entry in migration history |
| POST | /v1/projects/{ref}/database/query | [Beta] Run sql query |
| POST | /v1/projects/{ref}/database/query/read-only | [Beta] Run a sql query as supabase_read_only_user |
| POST | /v1/projects/{ref}/database/webhooks/enable | [Beta] Enables Database Webhooks on the project |
| GET | /v1/projects/{ref}/database/context | Gets database metadata for the given project. |
| PATCH | /v1/projects/{ref}/database/password | Updates the database password |
| GET | /v1/projects/{ref}/database/jit | Get user-id to role mappings for JIT access |
| POST | /v1/projects/{ref}/database/jit | Authorize user-id to role mappings for JIT access |
| PUT | /v1/projects/{ref}/database/jit | Updates a user mapping for JIT access |
| GET | /v1/projects/{ref}/database/jit/list | List all user-id to role mappings for JIT access |
| DELETE | /v1/projects/{ref}/database/jit/{user_id} | Delete JIT access by user-id |
| GET | /v1/projects/{ref}/functions | List all functions |
| POST | /v1/projects/{ref}/functions | Create a function |
| PUT | /v1/projects/{ref}/functions | Bulk update functions |
| POST | /v1/projects/{ref}/functions/deploy | Deploy a function |
| GET | /v1/projects/{ref}/functions/{function_slug} | Retrieve a function |
| PATCH | /v1/projects/{ref}/functions/{function_slug} | Update a function |
| DELETE | /v1/projects/{ref}/functions/{function_slug} | Delete a function |
| GET | /v1/projects/{ref}/functions/{function_slug}/body | Retrieve a function body |
| GET | /v1/projects/{ref}/storage/buckets | Lists all buckets |
| GET | /v1/pro

… (truncated)