Signup/Login fails due to internal update on profiles — permission denied (SQLSTATE 42501)

Question

Signup/Login fails due to internal update on profiles — permission denied (SQLSTATE 42501)

Opened this issue 3 months ago · 0 comments

I’m running into a critical issue on my Supabase project (rzcrqgihhwavioomvetu) where both signup and login fail with a 500 error. The logs show:

Database error saving new user
permission denied for table profiles (SQLSTATE 42501)

And during login:
error update user’s last_sign_in field: ERROR: permission denied for table profiles

I’ve confirmed:

•	RLS is enabled on profiles
•	authenticated has full insert, select, update, and delete privileges
•	Policies for insert and update are fully permissive (with check (true))

Even after dropping/recreating the table, users, and policies, Supabase’s internal auth system still attempts to write to profiles during signup and login, and fails. I’ve also tried disabling RLS entirely, login then succeeds, which confirms the internal write is the blocker.

If Supabase is going to internally write to profiles (e.g., during last_sign_in_at updates), it needs to be documented, or allow devs to disable this behavior. Right now it makes profiles essentially unusable with RLS.

Please lmk how to stop this or what permissions Supabase Auth expects to perform behind the scenes.

Thanks.