Row Level Security

Also known as: RLS, tenant-scoped RLS

A PostgreSQL feature that enforces per-row access control at the database layer — LearnCoin uses it to isolate tenants' data.

Row Level Security (RLS) is a PostgreSQL feature that lets you attach access-control policies to individual tables. Each policy defines a condition — evaluated on every query — that determines which rows a given connection can SELECT, UPDATE, or DELETE. RLS runs below application logic, so even a compromised application server cannot bypass it as long as the database role is correctly constrained.

LearnCoin uses tenant-scoped RLS across Supabase. Every table that holds tenant data includes a tenant_id column, and every RLS policy enforces "current session's tenant_id matches this row's tenant_id." The Supabase client library is configured to set the session tenant_id from the validated Clerk identity, so the tenant boundary is enforced at the database level without relying on application-side filter clauses.

This matters because it closes a common failure mode: a developer forgets to add "WHERE tenant_id = X" to a query, and another tenant's data leaks. With RLS, that query returns zero rows instead of the wrong rows. Defense in depth.
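
A tenant-scoped policy in plain PostgreSQL, added here as an illustration and not LearnCoin's own schema or policies. The table `course_progress`, the role `app_user` and the session setting `app.tenant_id` are hypothetical stand-ins for however the tenant id from the validated identity reaches the session.

```sql
-- Added example; table, role and setting names are hypothetical.
CREATE TABLE course_progress (
    id         bigserial PRIMARY KEY,
    tenant_id  uuid NOT NULL,
    learner    text NOT NULL,
    score      int  NOT NULL
);

-- Constructed sample rows for two tenants.
INSERT INTO course_progress (tenant_id, learner, score) VALUES
    ('11111111-1111-1111-1111-111111111111', 'alice', 90),
    ('22222222-2222-2222-2222-222222222222', 'bob',   75);

-- Policies apply only once RLS is enabled; FORCE also subjects the table owner.
ALTER TABLE course_progress ENABLE ROW LEVEL SECURITY;
ALTER TABLE course_progress FORCE ROW LEVEL SECURITY;

-- USING filters rows read/updated/deleted; WITH CHECK rejects writes that would
-- place a row in another tenant. An unset or empty setting becomes NULL, so no
-- row matches and the uuid cast never sees an empty string.
CREATE POLICY tenant_isolation ON course_progress
    FOR ALL
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Application role: not a superuser, no BYPASSRLS, not the table owner.
CREATE ROLE app_user NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON course_progress TO app_user;
GRANT USAGE ON SEQUENCE course_progress_id_seq TO app_user;

BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.tenant_id = '11111111-1111-1111-1111-111111111111';

-- No WHERE clause: only the session tenant's row (alice) is visible.
SELECT learner, score FROM course_progress;

-- Asking for the other tenant explicitly returns zero rows.
SELECT learner FROM course_progress
 WHERE tenant_id = '22222222-2222-2222-2222-222222222222';

-- Writing into another tenant fails the WITH CHECK clause with an error.
INSERT INTO course_progress (tenant_id, learner, score)
VALUES ('22222222-2222-2222-2222-222222222222', 'mallory', 0);
ROLLBACK;
```

The boundary holds only while the connecting role is neither a superuser nor a BYPASSRLS role, and while the tenant setting is written by trusted code, since any session can change a custom setting.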

Updated 2026-04-20