supabase-rate-limits
Implement Supabase rate limiting, backoff, and idempotency patterns. Use when handling rate limit errors, implementing retry logic, or optimizing API request throughput for Supabase. Trigger with phrases like "supabase rate limit", "supabase throttling", "supabase 429", "supabase retry", "supabase backoff".
Install
mkdir -p .claude/skills/supabase-rate-limits && curl -L -o skill.zip "https://mcp.directory/api/skills/download/5400" && unzip -o skill.zip -d .claude/skills/supabase-rate-limits && rm skill.zipInstalls to .claude/skills/supabase-rate-limits
About this skill
Supabase Rate Limits
Overview
Supabase enforces rate limits and quotas across every API surface — PostgREST, Auth, Storage, Realtime, and Edge Functions. Limits scale by plan tier. This skill covers the exact numbers per tier, connection pooling via Supavisor, retry/backoff patterns, pagination to reduce payload, and dashboard monitoring so you can stay within quotas and handle 429 errors gracefully.
Prerequisites
- Active Supabase project (any tier)
@supabase/supabase-jsv2+ installed- Project URL and anon/service-role key available
- Node.js 18+ or equivalent runtime
Instructions
Step 1 — Understand Rate Limits by Tier and Surface
Every Supabase project has per-surface limits that differ by plan. Know these numbers before you architect:
API Request Limits
| Metric | Free | Pro | Enterprise |
|---|---|---|---|
| Requests per minute (RPM) | 500 | 5,000 | Unlimited (custom) |
| Requests per day (RPD) | 50,000 | 1,000,000 | Unlimited (custom) |
Auth Rate Limits
| Endpoint | Free | Pro |
|---|---|---|
| Signup | 30/hour per IP | Higher (configurable) |
| Sign-in (password) | 30/hour per IP | Higher (configurable) |
| Magic link / OTP | 4/hour per user | Configurable |
| Token refresh | 360/hour | 360/hour |
Auth limits are per-IP and per-user. Configure custom limits in Dashboard > Authentication > Rate Limits.
Storage Bandwidth
| Metric | Free | Pro |
|---|---|---|
| Storage size | 1 GB | 100 GB |
| Bandwidth | 2 GB/month | 250 GB/month |
| Max file size | 50 MB | 5 GB |
| Upload rate | Shared with API RPM | Shared with API RPM |
Realtime Connections
| Metric | Free | Pro |
|---|---|---|
| Concurrent connections | 200 | 500 |
| Messages per second | 100 | 500 |
| Channel joins | Shared with connection limit | Shared |
Edge Functions
| Metric | Free | Pro |
|---|---|---|
| Invocations/month | 500,000 | 2,000,000 |
| Execution time | 150s wall / 50ms CPU | 150s wall / 2s CPU |
| Memory | 256 MB | 256 MB |
Database Connections
| Mode | Free | Pro |
|---|---|---|
| Direct connections | 60 | 100+ |
| Pooled connections (Supavisor) | 200 | 1,500+ |
Step 2 — Configure Connection Pooling with Supavisor
Supavisor is Supabase's built-in connection pooler (replaced PgBouncer). It supports two modes:
Transaction mode (port 6543) — recommended for serverless:
import { createClient } from '@supabase/supabase-js'
// Transaction mode: connections returned to pool after each transaction
// Best for: serverless functions, Edge Functions, high-concurrency apps
const supabase = createClient(
'https://your-project.supabase.co',
process.env.SUPABASE_ANON_KEY!,
{
db: {
// Use the pooler connection string with port 6543
// Format: postgresql://postgres.[ref]:[password]@aws-0-[region].pooler.supabase.com:6543/postgres
}
}
)
// For direct Postgres connections (e.g., Prisma, Drizzle), add pgbouncer=true
// Connection string: postgresql://[email protected]:6543/postgres?pgbouncer=true
Session mode (port 5432) — for LISTEN/NOTIFY and prepared statements:
// Session mode: dedicated connection per client session
// Best for: long-lived connections, LISTEN/NOTIFY, prepared statements
// Connection string: postgresql://[email protected]:5432/postgres
When to use which mode:
| Use case | Mode | Port |
|---|---|---|
| Serverless / Edge Functions | Transaction | 6543 |
| Next.js API routes | Transaction | 6543 |
| Long-running workers | Session | 5432 |
| Realtime subscriptions | Direct (no pooler) | 5432 |
| Prisma / Drizzle ORM | Transaction + ?pgbouncer=true | 6543 |
Step 3 — Implement Retry, Pagination, and Monitoring
Retry with exponential backoff for 429 errors:
import { createClient, SupabaseClient } from '@supabase/supabase-js'
const supabase = createClient(
process.env.SUPABASE_URL!,
process.env.SUPABASE_ANON_KEY!
)
interface RetryConfig {
maxRetries: number
baseDelayMs: number
maxDelayMs: number
}
async function withRetry<T>(
operation: () => Promise<{ data: T | null; error: any }>,
config: RetryConfig = { maxRetries: 3, baseDelayMs: 500, maxDelayMs: 10_000 }
): Promise<T> {
for (let attempt = 0; attempt <= config.maxRetries; attempt++) {
const { data, error } = await operation()
if (!error) return data as T
const isRetryable =
error.message?.includes('rate limit') ||
error.message?.includes('too many requests') ||
error.code === '429' ||
error.code === 'PGRST000' // connection pool exhausted
if (!isRetryable || attempt === config.maxRetries) {
throw new Error(`Supabase error after ${attempt + 1} attempts: ${error.message}`)
}
// Check Retry-After header if available
const retryAfter = error.details?.retryAfter
const delay = retryAfter
? retryAfter * 1000
: Math.min(
config.baseDelayMs * Math.pow(2, attempt) + Math.random() * 200,
config.maxDelayMs
)
console.warn(`[supabase-retry] Attempt ${attempt + 1}/${config.maxRetries}, waiting ${delay}ms`)
await new Promise((resolve) => setTimeout(resolve, delay))
}
throw new Error('Unreachable')
}
// Usage — wraps any Supabase query
const users = await withRetry(() =>
supabase.from('users').select('id, email, created_at').eq('active', true)
)
Pagination to reduce payload and stay within limits:
// Use .range() to paginate — reduces response size and avoids timeouts
async function fetchPaginated<T>(
table: string,
pageSize = 100,
filters?: (query: any) => any
): Promise<T[]> {
const allRows: T[] = []
let from = 0
while (true) {
let query = supabase.from(table).select('*', { count: 'exact' })
if (filters) query = filters(query)
const { data, error, count } = await query.range(from, from + pageSize - 1)
if (error) throw error
if (!data || data.length === 0) break
allRows.push(...(data as T[]))
from += pageSize
// Stop if we've fetched everything
if (count !== null && from >= count) break
}
return allRows
}
// Usage
const allProducts = await fetchPaginated('products', 100, (q) =>
q.eq('status', 'active').order('created_at', { ascending: false })
)
// Simple single-page fetch with .range()
const { data } = await supabase
.from('orders')
.select('id, total, status')
.range(0, 99) // First 100 rows (0-indexed)
.order('created_at', { ascending: false })
Monitor usage via the Dashboard:
- Navigate to Dashboard > Reports > API Usage
- Check the "API Requests" chart for RPM/RPD trends
- Review "Database" section for connection count and pool utilization
- Set up alerts in Dashboard > Settings > Notifications for:
- API request threshold (e.g., 80% of RPM limit)
- Database connection saturation
- Storage bandwidth approaching limit
Batch operations to reduce request count:
// BAD: N individual inserts = N requests against your RPM
// for (const item of items) await supabase.from('items').insert(item)
// GOOD: single batch insert (max ~1000 rows per request)
const { data, error } = await supabase
.from('items')
.upsert(batchOfItems, { onConflict: 'external_id' })
.select()
// For larger batches, chunk into groups
function chunk<T>(arr: T[], size: number): T[][] {
return Array.from({ length: Math.ceil(arr.length / size) }, (_, i) =>
arr.slice(i * size, i * size + size)
)
}
for (const batch of chunk(largeDataset, 500)) {
await withRetry(() =>
supabase.from('items').upsert(batch, { onConflict: 'external_id' }).select()
)
}
Output
After applying this skill you will have:
- Clear understanding of rate limits per tier (Free: 500 RPM / 50K RPD, Pro: 5K RPM / 1M RPD)
- Connection pooling configured via Supavisor (port 6543 transaction mode for serverless)
- Retry wrapper with exponential backoff handling 429 errors
- Paginated queries using
.range(0, 99)to reduce payload size - Batch upsert pattern reducing N requests to 1
- Dashboard monitoring configured for API usage alerts
Error Handling
| Error | Cause | Solution |
|---|---|---|
429 Too Many Requests | Exceeded RPM or RPD limit | Apply withRetry backoff; reduce concurrency; upgrade tier |
PGRST000: could not connect | Connection pool exhausted | Switch to Supavisor transaction mode (port 6543); reduce concurrent queries |
Auth over_request_rate_limit | Too many signups/logins from one IP | Add CAPTCHA; configure custom auth rate limits in Dashboard |
Storage 413 Payload Too Large | File exceeds tier limit | Use TUS resumable upload; check tier file size limit |
Realtime too_many_connections | Concurrent connection limit reached | Unsubscribe unused channels; upgrade to Pro for 500 connections |
Edge Function BOOT_ERROR | Cold start timeout or memory exceeded | Reduce bundle size; avoid large imports at top level |
pgbouncer=true errors with Prisma | Missing connection string parameter | Append ?pgbouncer=true to pooler connection string on port 6543 |
Examples
Example 1 — Serverless Edge Function with rate-limit-safe client:
// supabase/functions/process-webhook/index.ts
import { serve } from 'https://deno.land/[email protected]/http/server.ts'
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
serve(async (req) => {
const supabase = createClient(
Deno.env.get('SUPABASE_URL')!,
Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')!
)
const payload = await req.json()
// Batch insert webhook events (single request vs N)
const { error } = await supabase
.from('webhook_events')
.insert(payload.events.map((e: any) => ({
type: e.type,
data: e.data,
received_at: new Date().toISOString(),
})))
if (error) {
console.error('Insert failed:', error.message)
---
*Content truncated.*
More by jeremylongshore
View all skills by jeremylongshore →You might also like
flutter-development
aj-geddes
Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.
ui-ux-pro-max
nextlevelbuilder
"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."
drawio-diagrams-enhanced
jgtolentino
Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.
godot
bfollington
This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.
nano-banana-pro
garg-aayush
Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.
pdf-to-markdown
aliceisjustplaying
Convert entire PDF documents to clean, structured Markdown for full context loading. Use this skill when the user wants to extract ALL text from a PDF into context (not grep/search), when discussing or analyzing PDF content in full, when the user mentions "load the whole PDF", "bring the PDF into context", "read the entire PDF", or when partial extraction/grepping would miss important context. This is the preferred method for PDF text extraction over page-by-page or grep approaches.
Related MCP Servers
Browse all servers
Figma ContextUnlock seamless Figma to code: streamline Figma to HTML with Framelink MCP Server for fast, accurate design-to-code work
Supabase MCP ServerConnect Supabase projects to AI with Supabase MCP Server. Standardize LLM communication for secure, efficient developmen
Microsoft DocsAccess official Microsoft Docs instantly for up-to-date info. Integrates with ms word and ms word online for seamless wo
Feishu (Lark)Integrate Feishu (Lark) for seamless document retrieval, messaging, and collaboration via TypeScript CLI or HTTP server
Reddit BuddyReddit Buddy offers powerful Reddit API tools for browsing, searching, and data annotation with secure access, rate limi
Reddit BuddyReddit Buddy offers clean access to Reddit API, advanced reddit tools, and seamless data annotation reddit with smart ca