Skip to content
HDC Consultancy.

Backend & data

Supabase

The open-source backend we use to ship app features fast.

Supabase is an open-source backend platform built on PostgreSQL. It bundles a hosted database, user authentication, instant APIs, file storage and real-time updates into one service, so there's no server to build from scratch. HDC uses Supabase when a client site needs accounts, saved data or live features, letting us ship a secure, scalable backend in days rather than weeks.

Ask us about Supabase Official site

Where it shines

  • Built on PostgreSQL, a proper, battle-tested relational database, not a black box
  • User authentication, data, storage and real-time come ready out of the box
  • Generates instant REST and GraphQL APIs from your tables, so there's less backend to write
  • Row Level Security enforces who can see what at the database level
  • Open-source and self-hostable, so a client is never locked into one vendor
  • Generous free tier and predictable pricing make it cost-effective to launch

Trade-offs to weigh

  • Overkill for a simple brochure site that only needs a contact form
  • Real-time and edge features are powerful but add complexity that needs careful design
  • As a younger platform, some advanced Postgres tuning still needs hands-on work

What Supabase is

Supabase is an open-source backend-as-a-service platform, often described as an open alternative to Google’s Firebase. Its job is to give developers everything an application needs behind the scenes, a database, user accounts, file storage, APIs and real-time data, without having to build and maintain each piece from scratch.

What sets it apart is its foundation: every Supabase project is a full PostgreSQL database. That matters because Postgres is one of the most trusted, capable relational databases in the world. On top of it, Supabase layers authentication, auto-generated APIs, file storage, edge functions and live subscriptions, all manageable from one dashboard.

How HDC uses Supabase

Most of the websites we build are fast, static marketing sites, but some clients need genuine application features bolted on, and that’s where Supabase earns its place. In practice we use it to:

  • Add secure user accounts so customers or staff can log into a portal or dashboard.
  • Store structured data, bookings, quotes, enquiries, inventory, in a proper Postgres database.
  • Use Row Level Security so each user only ever sees and edits the data they’re allowed to.
  • Power real-time features, like an office dashboard that updates the instant a new lead arrives.
  • Generate instant APIs from the data model, so we write far less backend code by hand.

We connect Supabase to the parts of the site that need it, usually React islands on top of an Astro front end, so the public pages stay lightning fast while the interactive tools work properly.

Why we apply it

For a small business, a bespoke backend is expensive and slow to build. Supabase changes that maths. Because authentication, the database, storage and APIs come ready-made, the engineering effort goes straight into the features a client’s customers actually use, not the plumbing underneath.

It’s also built on solid ground. Resting on PostgreSQL means the data is structured, queryable and reportable from day one, and never trapped in a proprietary format. That keeps the build affordable now and the data portable later, a combination that protects the client’s investment.

How Supabase fits our stack

Supabase is the backend layer we reach for when a project outgrows a simple contact form. It sits behind an Astro site, with React islands handling the interactive pieces, a login, a dashboard, a booking flow, that read and write live data. PostgreSQL is the engine inside it, so everything we say about Postgres applies here too. We host the front end on Cloudflare, and use Node.js for any custom server-side logic or scheduled jobs around the data. Together that gives clients an app-grade product on a foundation that’s fast, secure and genuinely theirs.

When Supabase isn’t the right tool

We don’t reach for it by default. If a client only needs a marketing site with a contact form, adding Supabase is unnecessary weight, a simple form posting to an automation tool does the job better and cheaper. Likewise, a project already committed to a Microsoft or .NET environment may be better served by SQL Server, and a very high-scale, specialised system might warrant a custom backend. Supabase shines in the middle ground: client sites that need real app features, accounts, saved data, live updates, built quickly on dependable foundations.

Worked example

A booking portal a tradesperson can actually log into

Imagine an electrical contractor who wants customers to book jobs and check their status online, plus a private dashboard for the team. We'd use Supabase for the lot: authentication so customers and staff log in securely, a Postgres database for jobs and quotes, and Row Level Security so a customer only ever sees their own bookings. Real-time updates mean the office sees a new request the moment it lands, and the public marketing site stays fast and static on top. The result is an app-grade tool built on solid foundations, without the cost of a bespoke backend. (Illustrative, every build is scoped to your goals.)

Better together

How Supabase fits with the rest of our stack

PostgreSQL

The database engine that powers Supabase

Learn more

Astro

The front end we wire Supabase data into

Learn more

React

Interactive islands that read and write live data

Learn more

Cloudflare

Hosts the site that talks to Supabase

Learn more

Node.js

Server-side code and functions around Supabase

Learn more

Supabase: your questions answered

What is Supabase in plain terms?

Supabase is a ready-made backend for web and mobile apps. Instead of building a database, login system and API from scratch, you get them as one managed service built around PostgreSQL, so the engineering effort goes into the features your customers actually see.

Is Supabase the same as Firebase?

It's the open-source alternative to Firebase. The big difference is that Supabase is built on PostgreSQL, a standard relational database, so your data stays portable and easy to query, report on and migrate, rather than locked into a proprietary system.

Is Supabase secure enough for real customer data?

Yes. It uses PostgreSQL's Row Level Security to control exactly who can read or change each row of data, handles authentication to industry standards, and can be configured to meet UK GDPR requirements. We always scope security rules to the specific data a project holds.

Why does HDC use Supabase?

Because it lets us add genuine app features, logins, saved data, dashboards, real-time updates, to a client's site quickly and on a solid PostgreSQL foundation. That means a smaller build cost and faster launch, without compromising on security or scalability.

Can Supabase work with a fast Astro or React site?

Absolutely. We keep the public marketing pages fast and static, then connect the interactive parts, a customer portal, a live dashboard, a booking flow, to Supabase as React islands. Visitors get speed where it matters and full functionality where they need it.

Will I be locked into Supabase?

No. Because it's open-source and your data lives in standard PostgreSQL, the database can be exported or self-hosted if your needs change. We build so you own your data and aren't trapped with a single supplier.

Want Supabase working for your business?

Tell us what you're trying to achieve, we'll show you, honestly, whether it's the right tool and how we'd apply it.

Enquire now