Skip to content

[Merge after #472][PostgREST][Portal DB] Add Auth0 JWT config for Portal UI RLS access #474

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 55 commits into
base: main
Choose a base branch
from
Open

[Merge after #472][PostgREST][Portal DB] Add Auth0 JWT config for Portal UI RLS access #474

wants to merge 55 commits into from

Conversation

@commoddity
Copy link
Contributor

@commoddity commoddity commented Oct 10, 2025
edited
Loading

🌿 Summary

Add Auth0 JWT configuration for Portal UI Row-Level Security (RLS) access

🌱 Primary Changes:

  • Implement dual JWT authentication supporting both backend services (HS256) and frontend users (RS256 via Auth0)
  • Add Row-Level Security policies for frontend users with user-scoped access to portal accounts and applications
  • Configure JWKS-based JWT verification with support for both symmetric (backend) and asymmetric (Auth0) keys
  • Create new authenticated_user role with RLS policies based on portal_account_rbac permissions

🍃 Secondary changes:

  • Update JWT generation script to support environment-based secret management and improved CLI options
  • Add JWKS file management with 1Password integration for Grove employees

Pascal van Leeuwen and others added 30 commits September 16, 2025 19:32
POC PostgREST implementation
c7a8205
claude cmd_code_review
ab56f4c
move postgrest config to file and add file documentation
6efdaf3
clean up PostgREST config and update documentation
9c9a2dc
@commoddity
Merge branch 'main' into postgrest
6e23da3
@fredteumer
adding legacy transforms for Grove Portal
45d0747
Merge remote-tracking branch 'origin/main' into postgrest
174d5b9
@fredteumer
enhancing hydration scripts, fixing schema, enhancing transform
568d917
@fredteumer
fixing bug with hydrate-applications
1768561
@fredteumer
fixing syntax error in schema after adjustments
7a7645d
@fredteumer
updating schema for legacy compatibility. fixes to transforms
3dccba2
@fredteumer
adding auth to schema. enhancing transform to bring over legacy auth …
0cc5fe3 
…tables
minor file reorganizations
e0e0149
Merge branch 'portal-db-elt' of github.com:buildwithgrove/path into p…
b44e1b7 
…ostgrest
add transaction example
bd53fbe
fix go sdk generation
ea7a0b3
fix: implement review comments
546354d
add Typescript SDK
d5e6928
use better ts open api generation
81edda5
@Olshansk
Merge branch 'main' into portal-db-elt
8990b2c
Merge branch 'portal-db-elt' of github.com:buildwithgrove/path into p…
d5ffa0f 
…ostgrest
@commoddity
Merge branch 'main' into portal-db-elt
bdf7f82
Merge branch 'portal-db-elt' of github.com:buildwithgrove/path into p…
e40262d 
…ostgrest
update sdks after pulling main
8e2a00c
add production pg dump
af9ead1
check port docker container
1f3e0c5
@Olshansk
Minor nits before leaving comments
b9af073
chore: merge conflicts
07533e0
fix hydrate-prod script
ff3b373
@Olshansk
Merge with main
14e030a
Olshansk and others added 23 commits October 1, 2025 18:38
@Olshansk
WIP
5336763
@Olshansk
Remove all the .ts files
4e9a3a7
@Olshansk
Merge branch 'postgrest' into postgrest-sdk
afb89a1
@Olshansk
Revert "Remove all the .ts files"
20895f3 
This reverts commit 4e9a3a7.
@Olshansk
Delete all sdk gen code
e2e1615
@Olshansk
Merge branch 'postgrest' into postgrest-sdk
49d90dd
@Olshansk
Revert "Delete all sdk gen code"
2cace06 
This reverts commit e2e1615.
chore: merge conflicts
f5953c0
fix sdk gen script and add auth password sql file
7fd85f0
feat: add authenticator password script
af56c90
remove TS SDK
9d50b3c
add typescript SDK
82e808b
fix ts readme
6d693b6
add SQL for aux services
8d29335
remove duplicate scripts
eba8d31
generate latest sdks
e781b45
fix legacy owner filter
57aaca3
fix sdk generation
59f4ba1
USe openapi-typescript for TS codegen
d629788
rename grove backend sql file
0e2004c
add openapi-react-query to example
5cfbfa8
use NPM package name in README.md
77b4d66
add Auth0 JWT portal DB access config for portal UI access
51fb8dc
@commoddity commoddity changed the title [PostgREST][Portal DB] Add Auth0 JWT config for Portal UI RLS access [Merge after #472][PostgREST][Portal DB] Add Auth0 JWT config for Portal UI RLS access Oct 10, 2025
@commoddity commoddity self-assigned this Oct 10, 2025
@commoddity commoddity requested a review from Olshansk October 10, 2025 19:46
@commoddity commoddity added this to the Portal Features milestone Oct 10, 2025
@commoddity commoddity requested a review from fredteumer October 10, 2025 19:47
Base automatically changed from postgrest-sdk-typescript to main October 17, 2025 20:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Olshansk Olshansk Awaiting requested review from Olshansk

@fredteumer fredteumer Awaiting requested review from fredteumer

At least 1 approving review is required to merge this pull request.

Assignees

@commoddity commoddity

Labels

portal-db

Projects

None yet

Milestone

Portal Features

Development

Successfully merging this pull request may close these issues.

4 participants

@commoddity @fredteumer @Olshansk