Can I use Clerk for authentication, Prisma as the ORM, and Supabase as my host?

Question

I would like to use Clerk for user authentication, Prisma as my ORM, and Supabase as my database host. I am wondering, is it possible to use prismaClient for db calls to Supabase, while somehow using the JWT returned from Clerk to ensure that the user is authorized to make the calls to Supabase, without using the supabaseClient?

According to the Supabase docs...

import { useAuth } from '@clerk/nextjs'
import supabase from '../lib/supabaseClient'

export default function Home() {
  const { getToken } = useAuth()

  const fetchData = async () => {
    // TODO #1: Replace with your JWT template name
    const token = await getToken({ template: 'supabase' })

    supabase.auth.setAuth(token)

    // TODO #2: Replace with your database table name
    const { data, error } = await supabase.from('your_table').select()

    // TODO #3: Handle the response
  }

  return (
    <button type="button" onClick={fetchData}>
      Fetch data
    </button>
  )
}

What if I wanted to replace that second TODO

    // TODO #2: Replace with your database table name
    const { data, error } = await supabase.from('your_table').select()

by instead using the prismaClient, since that is how I generated the schemas. So, something more like..

const users = await prisma.user.findMany()

Should I only use Prisma to generate and modify the schemas, then use the Supabase client for the db queries?

Should I not use the supabase client at all, and just use Prisma to make the db calls to supabase by passing the userID returned from clerk?

Is there a better option security wise?

Answer 1

Security wise, there are no issues. I don't think any one is better than the other.

You can use prisma to query the database without issues.

It's a matter of preference, if you prefer to use the superbase client to query the database then go ahead. Otherwise, you can use prisma to modify schema and query the database.