IMPORTANT: Need to pass BOTH apikey and Authorization headers!

[princefishthrower]

Just wasted approx 5 hours when I realized you need to pass both an apikey AND Authorization key when initializing the client:

client := postgrest.NewClient(os.Getenv("SUPABASE_REST_URL"), "public", map[string]string{"apikey": os.Getenv("SUPABASE_SERVICE_KEY"), "Authorization": "Bearer " + os.Getenv("SUPABASE_SERVICE_KEY")})

IMO opinion this should anyway become a single field call 'key' or something, and then within the library itself it is applied to

Hoping this helps anyone who probably otherwise assumed (like I did) that this library was broken!

Please update the README to reflect this information!

[muratmirgun]

Thanks for opening your first issue here! 🎉 I'm looking to inspect and correct

[craigpastro]

There is the TokenAuth method on the client that will add both the bearer token and the apikey. But, actually, this is a bit strange isn't it? Is this supposed to be a generic PostgREST client? Then I wouldn't expect that invoking TokenAuth would also set the apikey header. I had a look at the JS and Rust clients and they do not set that header.

[zoogeny]

@craigpastro I created a separate issue (https://github.com/supabase-community/postgrest-go/issues/32) which I think addresses your comment. Being able to independently set the Authorization and apiKey headers would be useful for Row Level Security purposes.

[craigpastro]

@zoogeny Yeah, that is perfect. Thanks for that 🙌

[whoiscarlo]

hey @craigpastro I just I created a PR #41 to help fix this issue =)