Supabase backup

Back up the whole Supabase project. Recover it as one.

ReviveDB protects your database, Auth, Storage files, Edge Functions and recoverable project configuration in one off-platform recovery point—then checks the pieces that can be verified automatically.

The recovery boundary

PostgreSQL is the core, not the whole project

Supabase spreads application state across PostgreSQL and several platform APIs. A useful backup has to preserve those boundaries without pretending everything belongs in one database restore.

Database and Auth data

Schemas, rows, identities, RLS policies, functions, triggers, grants, sequences, publications and supported extensions.

Storage buckets and files

Bucket settings, object metadata and the actual bytes, read back and verified with SHA-256.

Edge Functions

Function bundles and deployment metadata, stored off-platform and verified by hash before recovery is accepted.

Project configuration

Recoverable Auth, Data API, Realtime and Storage settings captured in a versioned recovery manifest.

Secrets and new keys

Secret names are inventoried without copying their values. Manual key and secret work becomes an explicit checklist.

Three different kinds of protection

These approaches complement each other. Native backups are strong for database rollback. General tools are flexible. ReviveDB focuses on reconstructing a Supabase application across component boundaries.

ComponentSupabase database backupGeneral backup platformReviveDB
PostgreSQL databaseIncludedUsually includedRestored and compared
Auth users and identitiesDatabase stateDepends on dump scopePlatform-aware migration
Storage object bytesNot in database backupsSeparate job or add-onIncluded and hash-verified
Edge FunctionsSeparate from database backupSeparate job or add-onBundles captured and verified
Project configurationSeparate recovery workUsually exported separatelySupported settings in one manifest
Secret valuesManualDepends on setupChecklist generated; values never copied
Recovery resultDatabase restoreArtifacts or separate jobsOne component-aware report

Supabase documents that its database backups exclude Storage object bytes and that restoring to a new project requires separate work for several platform components. See the official database backup documentation and new-project restore documentation.

Provider-aware recovery

The moat is in the restore

Copying files is necessary. Knowing how Supabase-owned state can be restored safely—and proving the result—is the harder part.

  1. 1

    Connect with Supabase OAuth

    Choose a project without pasting API keys. Recent projects can use temporary database access; older projects may need a database-password fallback.

  2. 2

    Capture one recovery point

    Create the consistent database dump, copy Storage bytes and metadata, store Function bundles, and inventory supported configuration.

  3. 3

    Verify every component

    Restore the database into isolated PostgreSQL, compare its inventory, hash-check objects and bundles, and detect project changes during capture.

  4. 4

    Recover in the right order

    Preflight compatibility, make a safety backup for rollback, restore database and Auth data, then Storage, Functions and safe configuration.

  5. 5

    Finish with an honest report

    Any automatically verifiable mismatch fails the restore. Secret values and non-transferable provider settings remain explicit manual actions.

Complete does not mean pretending secrets are portable

ReviveDB never stores Edge Function or Vault secret values. New project API keys, secret values and provider infrastructure remain controlled manual steps, listed in the recovery report instead of hidden behind a green badge.

  • Secret names inventoried
  • New API keys reported
  • Destructive reconcile requires confirmation
  • Automatically detectable mismatches fail

Supabase backup questions

Create your first complete recovery point

One Supabase project, up to 1 GB, no card required.

Connect Supabase