Built on Supabase: The Open-Source Backend Powering Email Bits
Learn how Email Bits uses Supabase for authentication, database, and real-time features — and why open-source infrastructure makes for a faster, more reliable product.
Posted by
Cory TrimmRelated reading
EmailBits 1.0: A New Chapter for HTML Email Templates
After months of building, I'm excited to share everything that's landed in the 1.0 release — 200+ templates, an AI generator, two editors, Brand Kit, and a lot more.
Quick Editor vs. Advanced Editor: Which One Should You Use?
EmailBits has two built-in editors. Here's what each one does, when to use which, and why upgrading to the Advanced Editor unlocks a lot more.
AI Email Template Generator: Build Emails in Minutes
Generate professional HTML email templates with AI — describe what you need, get a complete responsive template in under 2 minutes. Free to try.
Why We Chose Supabase
When building Email Bits, we needed a backend that could handle authentication, a relational database, and row-level security without adding operational complexity. Supabase checked every box — it is open-source, Postgres-native, and ships with a generous free tier that grows with the product.
Rather than stitching together separate services for auth, a database, and an API layer, Supabase gives us all three in a single platform. That means less infrastructure to maintain and more time spent building features for you.
How Supabase Powers Email Bits
Authentication
Every Email Bits account is managed through Supabase Auth. Magic-link email sign-in means there are no passwords to remember — you enter your email, click the link, and you're in. Supabase handles the token lifecycle, session refresh, and secure cookie management automatically.
Template and Component Storage
All email templates and components are stored in a Postgres database hosted by Supabase. Each template record holds the raw HTML source, React Email JSX, a preview image path, pricing tier, and visibility status. Queries are fast, typed, and protected by row-level security policies so that draft content is never exposed to the public.
User Profiles and Subscription State
When a user signs up, Supabase Auth automatically creates a corresponding row in a profiles table. The Stripe webhook updates this row when a subscription is activated or cancelled, toggling thehas_access boolean that controls access to pro templates.
Row-Level Security
Supabase's row-level security (RLS) means database access rules live inside Postgres itself — not just in application code. Even if someone calls the Supabase API directly with the public anon key, they can only see rows the policy explicitly allows. Public templates are readable; draft templates, private profiles, and leads are not.
What This Means for You
- Faster sign-in: Magic links mean no password resets, ever.
- Reliable data: Postgres is battle-tested at scale. Your template library will always be there.
- Private by default: Your account data and subscription status are protected at the database layer, not just the application layer.
- Open-source foundation: Supabase is MIT-licensed. Email Bits is not locked into proprietary infrastructure.
What's Next
The Supabase integration is already powering the template library, authentication, and subscription gating you use today. Upcoming features — including saved favorites, usage history, and team workspaces — will all build on this foundation. Stay tuned.
