Connect
Supabase
Supabase connects through the Supabase Management API OAuth flow (Authorization Code with PKCE). You authorize Modiva from Supabase's own consent screen and pick the organization to share — Modiva can then run SQL on your project's Postgres database, create and manage projects, deploy and update edge functions, and manage branches, secrets, custom domains and service config, through one unified API and MCP server. Supabase access tokens are short-lived; Modiva refreshes them automatically so your connection stays healthy without you reconnecting.
Before you start
- A Supabase account with at least one organization and project.
- Permission to authorize a third-party OAuth app for that organization.
Step-by-step setup
- 1
Sign in to Modiva
Log in at modiva.ai and open the Dashboard. You need a Modiva account before you can connect any platform — creating one takes a minute and no credit card is required for the free tier.

The Modiva dashboard — your home for connections, posts and analytics. - 2
Open Connections → New connection
In the left sidebar choose Connections, then click New connection. You'll see the full catalogue of platforms grouped by category (Social, Ads and CRM).

The connection picker. Use the search box or category filter to find your platform. - 3
Select Supabase
Click the Supabase card. Modiva redirects you to Supabase's official sign-in and permission screen — your password is entered on Supabase, never on Modiva.

Click Connect on the Supabase card to start the secure OAuth flow. - 4
Authorize Modiva on Supabase
Review the permissions Modiva is requesting and approve them. If you manage more than one account, page or profile, pick the one you want Modiva to manage.

Supabase's consent screen. Approve the requested scopes to continue. - 5
You're connected
Supabase now sends you back to Modiva and the connection appears with a green Connected status. From here it's available to every MCP key and API call in your workspace.

A healthy connection shows a green dot and the connected account name.
Permissions Modiva requests
When you connect Supabase, Modiva asks only for the access it needs to run the tools you use. You can revoke it any time from Supabase or by disconnecting in Modiva.
- Read your organizations and their members
- Create & manage projects and preview branches (pause, restore, delete)
- Run SQL queries on your project's Postgres database (read & write)
- Deploy, update & delete edge functions; manage secrets and API keys
- Manage custom domains, and read & update Postgres, PostgREST and Auth config
Troubleshooting & FAQ
Where is my Supabase password stored?
Nowhere. You sign in on the provider's own site and Modiva only receives a scoped access token, which is encrypted at rest with AES-256-GCM. Modiva never sees your password.
My connection says Expired or Error — what do I do?
Open Connections, find the platform and click Reconnect (or Refresh token). Providers periodically expire tokens or revoke them when you change your password; reconnecting re-runs the consent screen and restores access.
How do I disconnect?
Open Connections, click the Supabase row and choose Disconnect. Modiva deletes the stored token immediately. You can also revoke Modiva from inside Supabase's own app settings.
Can the SQL tool write to my database?
Yes. The SQL query tool executes the statements you (or your agent) send — including INSERT, UPDATE, DELETE and DDL — directly on the connected project's Postgres database. It also accepts a read-only flag that rejects writes. Review statements before running them, and consider connecting a staging project if you only want to experiment.
What can Modiva change on my Supabase account?
The connection is read & write: it can create, pause, restore and delete projects, deploy, update and delete edge functions, and manage branches, secrets, API keys, custom domains and service config. Destructive tools (project and function deletion) are labelled irreversible and always take an explicit project ref.
Which Supabase projects can Modiva see?
Only projects in the organization you authorize on the consent screen. Every tool takes an explicit project ref, so nothing runs against a project you didn't pick. You can connect more organizations as separate connections.
My Supabase token keeps refreshing — is that a problem?
No. Supabase Management API tokens are short-lived by design. Modiva stores a refresh token and renews access automatically in the background, so you won't be asked to reconnect unless you revoke access in Supabase.
Need help with Supabase?
Fin can answer follow-up questions and walk you through any step.
Supabase playbooks
Connected? Put Supabase to work with these free growth playbooks.