KeyHippo’s PostgreSQL extension is the core component that enables API key management and authentication in your Supabase database. This guide will walk you through the installation process.

Prerequisites

Before installing KeyHippo, ensure you have:

  1. An active Supabase project
  2. Admin access to your Supabase database
  3. Familiarity with SQL and database management

Installation Steps

1. Connect to Your Supabase Database

First, connect to your Supabase database using the SQL Editor in the Supabase dashboard or your preferred PostgreSQL client.

2. Install the Extension

Run the following SQL commands to install the KeyHippo extension:

-- Install the latest version of KeyHippo
SELECT dbdev.install('keyhippo@keyhippo');

-- Create the extension in your database
CREATE EXTENSION "keyhippo@keyhippo" VERSION '0.0.33';

Replace ‘0.0.33’ with the latest version number if a newer version is available. Check the KeyHippo GitHub repository for the most recent version.

3. Verify Installation

To verify that the extension has been installed correctly, you can run:

SELECT * FROM pg_extension WHERE extname = 'keyhippo@keyhippo';

If the installation was successful, this query should return a row with details about the KeyHippo extension.

Post-Installation Setup

After installing the extension, KeyHippo automatically sets up necessary schemas, tables, and functions. However, you may want to perform some additional steps:

1. Set Up Vault Secrets

KeyHippo uses Supabase Vault for storing sensitive information. The installation process should have automatically set up the required secrets, but you can verify this:

SELECT * FROM vault.secrets WHERE name IN ('project_api_key_secret', 'project_jwt_secret');

If these secrets are not present, you may need to run the setup function manually:

SELECT keyhippo.setup_vault_secrets();

2. Grant Necessary Permissions

Ensure that the authenticated and anon roles have the necessary permissions to use KeyHippo functions:

GRANT USAGE ON SCHEMA keyhippo TO authenticated, anon;
GRANT EXECUTE ON FUNCTION keyhippo.create_api_key(TEXT, TEXT) TO authenticated;
GRANT EXECUTE ON FUNCTION keyhippo.revoke_api_key(TEXT, TEXT) TO authenticated;
GRANT EXECUTE ON FUNCTION keyhippo.get_api_key_metadata(UUID) TO authenticated;

Troubleshooting

If you encounter any issues during installation:

  1. Version Conflicts: Ensure you’re using a compatible version of Supabase and PostgreSQL.
  2. Permission Errors: Verify that you have the necessary admin privileges in your Supabase project.
  3. Extension Not Found: Make sure your Supabase project is up to date and supports custom extensions.

If problems persist, consult the KeyHippo GitHub issues or reach out to Supabase support.

Updating KeyHippo

To update KeyHippo to a newer version:

ALTER EXTENSION "keyhippo@keyhippo" UPDATE TO 'new_version_number';

Always check the changelog before updating to ensure compatibility with your current setup.

Next Steps

With the KeyHippo extension installed, you’re ready to start implementing API key authentication in your Supabase project. Next, you’ll want to:

  1. Configure your client application to use KeyHippo
  2. Create your first API key
  3. Implement RLS policies that utilize KeyHippo functions

Configure Client

Learn how to set up the KeyHippo client in your application.

QuickstartConfigure KeyHippo Client