AbuseGraph + Supabase
Score Supabase Auth events with the AbuseGraph check API.
Keys
| Key | Env | Use |
|---|---|---|
| Secret | ABUSEGRAPH_SECRET_KEY (sk_…) | Edge Function / server |
| Publishable | NEXT_PUBLIC_ABUSEGRAPH_PUBLISHABLE_KEY (pk_…) | Browser SDK |
| Site | ABUSEGRAPH_SITE | Licensed domain |
Env
ABUSEGRAPH_SITE=acme.com
ABUSEGRAPH_CHECK_URL=https://your-app.vercel.app/api/v1/check
ABUSEGRAPH_SECRET_KEY=sk_live_…
Edge Function on signup
import "jsr:@supabase/functions-js/edge-runtime.d.ts"
Deno.serve(async (req) => {
const { email, event = "signup" } = await req.json()
const site = Deno.env.get("ABUSEGRAPH_SITE")!
const res = await fetch(Deno.env.get("ABUSEGRAPH_CHECK_URL")!, {
method: "POST",
headers: {
"content-type": "application/json",
"x-api-key": Deno.env.get("ABUSEGRAPH_SECRET_KEY")!,
"x-abusegraph-site": site,
},
body: JSON.stringify({ email, event, site }),
})
return Response.json(await res.json(), { status: res.status })
})
Browser SDK (optional)
import { init } from "@palisade/sdk"
const sdk = init({
publicKey: process.env.NEXT_PUBLIC_ABUSEGRAPH_PUBLISHABLE_KEY!,
edgeUrl: process.env.NEXT_PUBLIC_ABUSEGRAPH_EDGE_URL!,
})
await sdk.check()