Supabase Connection

Supabase projects are Postgres under the hood, but Supabase exposes three different endpoints for a given project, with subtly different behavior. The Supabase connection type in Mycorr is a thin wrapper over the PostgreSQL connection with guidance on which endpoint to use.

If you just want the short version: use the Session Pooler endpoint on port 5432, with the postgres.<project-ref> username and your project database password. Read on for why.

What you need

A Supabase project (any plan, free tier works).
The database password for your project. This is the one you set during project creation — it's not your Supabase login password and it's not your anon / service-role key.
- Forgot it? In the Supabase dashboard: Project Settings → Database → Reset database password.

You do not need to create a separate Postgres role for Mycorr — Supabase exposes the postgres superuser by default, and the pooler endpoints route through it. If you want stricter least-privilege, create a dedicated read-only role as described in the Postgres connection page.

The three Supabase endpoints

In the Supabase dashboard, Project Settings → Database → Connection string shows three options:

Endpoint	Port	What it is	Use it for Mycorr?
Direct connection	5432	Talks straight to Postgres. IPv6-only on the free / Pro plan unless you have the IPv4 add-on.	Only if you have the IPv4 add-on, or if your network has IPv6.
Session Pooler	5432	Supavisor in session mode — looks like a normal Postgres connection, IPv4-reachable.	Yes — recommended.
Transaction Pooler	6543	Supavisor in transaction mode. One server connection is multiplexed across many clients per transaction.	Works, but session mode is simpler.

Why Session Pooler is recommended

IPv4 by default, so it works from Mycorr's network without any add-ons.
Behaves like a regular Postgres connection — no transaction-mode pitfalls.
Same TLS guarantees as the direct connection.

If you specifically want transaction-pooler semantics (e.g. because that's how the rest of your stack connects), the Transaction Pooler on port 6543 also works — Mycorr disables named prepared statements so the typical prepared statement "sqlx_s_1" already exists collision doesn't occur.

Finding the connection details

In the Supabase dashboard:

Go to Project Settings → Database → Connection string.
Choose the Session pooler tab.

Copy the URI. It looks like:

postgresql://postgres.abcdefghijklmnop:<password>@aws-0-eu-west-1.pooler.supabase.com:5432/postgres

Parse it into the Mycorr form fields:

Mycorr field	From the URI
Host	`aws-0-eu-west-1.pooler.supabase.com` (your region differs)
Port	`5432`
Database	`postgres`
Username	`postgres.abcdefghijklmnop` (note the dot-suffix — that's your project ref)
Password	your project database password

The postgres.<project-ref> username format is mandatory on the pooler endpoints — the project ref tells Supavisor which project to route to.

Setting it up

Go to Settings → Connections → New Connection in Mycorr.
Pick Supabase.
Fill in the fields you parsed from the connection string above.
Leave Require encrypted connection on (Supabase requires TLS).
Test & save.

The form is identical to the PostgreSQL one — pick Supabase so the connection is tagged correctly in your list and displays with the Supabase icon.

SSL / TLS

Supabase's pooler endpoints present certificates signed by a public CA, so Mycorr's default verify-full mode works out of the box — no custom CA certificate needed.

Permissions

Out of the box, Mycorr will connect as the postgres superuser through the pooler. That's fine for reading, but it's broader access than necessary. To follow least-privilege:

-- Run this in the Supabase SQL editor (Project → SQL Editor).
CREATE ROLE mycorr_reader WITH LOGIN PASSWORD '<strong-random-password>';
GRANT USAGE ON SCHEMA public TO mycorr_reader;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO mycorr_reader;
ALTER DEFAULT PRIVILEGES IN SCHEMA public
  GRANT SELECT ON TABLES TO mycorr_reader;

Then use mycorr_reader.<project-ref> as the username in the pooler URL (the dot-suffix is still required for pooler routing).

If you use Supabase's Row-Level Security, remember that policies are evaluated against the connecting role — mycorr_reader will see exactly what your policies allow that role to see.

Importing data

Same as any Postgres connection — see Postgres → Importing data.

Troubleshooting

Error	Likely cause	Fix
`connection refused` / `failed to lookup address` on port 5432	You used the direct connection string and your network has no IPv6	Switch to the Session pooler string (still port 5432)
`password authentication failed`	Wrong password — most often, you used your Supabase login password instead of the database password	Project Settings → Database → Reset database password, copy the new one
`Tenant or user not found`	Username is missing the `.<project-ref>` suffix on a pooler endpoint	Use `postgres.<project-ref>` (or `<your-role>.<project-ref>`)
`SSL error: certificate verify failed`	Stale or self-managed CA bundle on your end	Leave Custom CA certificate blank — Supabase's public CA is in the standard trust store
`prepared statement "..." already exists`	You're on the transaction pooler (port 6543) and Mycorr's auto-disable of named statements didn't take effect	Switch to the session pooler (port 5432), or contact support

Revoking

Two ways:

In Mycorr: Settings → Connections → click the row → Delete.
In Supabase: rotate the database password (Project Settings → Database → Reset database password) or drop the dedicated role. The Mycorr connection will start failing on the next refresh.

Used by

Table imports from your Supabase project, browseable inside any Model's Import panel.