Backup and recovery
Backup coverage and limitations
Components included in a recovery point, manual recovery work and current platform limits.
Updated 17 July 2026
Supabase stores application state in PostgreSQL and several platform APIs. ReviveDB records those components in one recovery point and restores each through the appropriate interface.
PostgreSQL database and Auth
- Application and platform schemas included in the logical database dump.
- Tables, rows, sequences, functions, triggers, indexes, RLS policies and supported extensions.
- Supabase Auth users, identities and related database state.
Cluster-wide roles, role passwords, ownership outside the project database and provider infrastructure are not portable database objects and are not recreated.
Supabase Storage
- Bucket inventory and supported bucket settings.
- Actual file bytes, sizes and SHA-256 hashes when Storage access is available.
- Content-addressed deduplication, so unchanged retained files are reused instead of counted repeatedly.
Edge Functions and project configuration
- Edge Function bundles and recoverable function metadata.
- Supported Auth, API, Realtime and Storage configuration returned by the Supabase Management API.
- Secret names are inventoried so the recovery report can list the values that must be supplied manually.
Some Supabase configuration endpoints currently reject OAuth applications. ReviveDB marks those components as unavailable rather than complete. The implementation details are documented in our Management API coverage note.
Not copied
- Edge Function and Vault secret values.
- New-project API keys, custom domains, DNS, external providers and third-party service credentials.
- Provider-level infrastructure such as Supabase project creation, billing settings and platform incident history.