Supabase
Postgres, auth, and realtime as the backend behind growth apps and AI products
Supabase is an open-source backend platform built on Postgres, bundling a full relational database with authentication, row-level security, instant REST and GraphQL APIs, realtime subscriptions, file storage, edge functions, and pgvector for embeddings. It gives teams a production database and the services around it without stitching together separate vendors, while keeping direct SQL access and portability.
We use Supabase as the system of record for the growth and AI products we ship: campaign and lead data in Postgres, row-level security policies that keep every client and user scoped to their own rows, and Auth handling sign-in, magic links, and social providers. Instant APIs and typed client libraries let us wire the same schema into Next.js frontends, edge functions, and internal dashboards without writing a bespoke backend, and Realtime pushes live updates to those surfaces over websockets.
For AI work we lean on pgvector to store embeddings alongside relational data, so retrieval, semantic search, and recommendation features query one database instead of a separate vector store. We run ingestion and enrichment as Edge Functions, schedule jobs with pg_cron, and manage schema through versioned migrations in CI. Because it is plain Postgres underneath, we connect BI tools, warehouse syncs, and analytics pipelines directly, and clients keep full ownership and export of their data.
We land form fills, offline conversions, and ad-platform signals into Supabase Postgres, then expose scoped APIs that feed CRM sync and conversion uploads. Row-level security keeps multi-brand accounts cleanly partitioned.
For a client knowledge assistant we embedded product docs and support history into pgvector and served semantic retrieval straight from Postgres, so relational filters and vector search run in a single query with no extra infrastructure.
We built an internal ops dashboard where Supabase Realtime streams new signups, trial events, and revenue to the team live, backed by Auth and RLS so each stakeholder sees only their segment.
No. Postgres is the core, but we also use its Auth, storage, edge functions, realtime, and pgvector as one platform, which removes a lot of glue code between separate services.
It is open source and standard Postgres underneath, so schemas, data, and SQL are portable. We can self-host or migrate the same database elsewhere if a client's needs change.
We enforce row-level security policies at the database layer and scope Auth-issued tokens, so isolation holds even when multiple brands or users share one instance and API.
