Configuration
Settings
Supabase and authentication placeholders for the Phase 1 architecture. Secrets are read from environment variables only.
Supabase PostgreSQL
Migrations define organisation-scoped tables, enums, audit fields, archive fields and row level security policies.
Authentication-ready
The schema supports organisation users with admin, editor and reviewer roles. Route protection can be enabled when Supabase auth is connected.
No browser secrets
Only public Supabase values use NEXT_PUBLIC variables. Service keys and future OpenAI keys stay server-side.