Integrates @insforge/sdk in frontend apps for client-side database queries, auth flows, file uploads/downloads, AI calls, real-time WebSockets, edge functions, and transactional emails.
npx claudepluginhub insforge/insforge-skillsThis skill uses the workspace's default tool permissions.
This skill covers **client-side SDK integration** using `@insforge/sdk`. For backend infrastructure operations (creating tables, inspecting schema, deploying functions, secrets, managing storage buckets, website deployments, cron job and schedules, logs, etc.), use the **insforge-cli** skill.
ai/backend-configuration.mdai/embeddings-and-rag.mdai/sdk-integration.mdauth/backend-configuration.mdauth/sdk-integration.mdauth/ssr-integration.mddatabase/pgvector.mddatabase/postgres-rls.mddatabase/sdk-integration.mdemail/sdk-integration.mdfunctions/sdk-integration.mdrealtime/sdk-integration.mdstorage/sdk-integration.mdManages InsForge backend infrastructure via CLI: creates DB tables/migrations, runs SQL/RLS, deploys serverless/edge functions/frontends, handles storage buckets/secrets/cron jobs/logs/diagnostics.
Enforces workflow for full-stack apps: requirements, architecture decisions, scaffolding checklists, patterns for API integration, auth, error handling, real-time (SSE/WebSocket) across Node/React/Next.js, Python, Go.
Build full-stack apps with Supabase: PostgreSQL database with RLS, authentication, storage, real-time subscriptions, edge functions. Use for auth, DB design, file storage, live features, serverless.
Share bugs, ideas, or general feedback.
This skill covers client-side SDK integration using @insforge/sdk. For backend infrastructure operations (creating tables, inspecting schema, deploying functions, secrets, managing storage buckets, website deployments, cron job and schedules, logs, etc.), use the insforge-cli skill.
npm install @insforge/sdk@latest
Before using the SDK, create a .env file (or .env.local for Next.js) in your project root with your InsForge URL and anon key.
Ensure the project is linked. Check for .insforge/project.json in the project root.
npx @insforge/cli link (existing project) or npx @insforge/cli create (new project) to generate it.Get the anon key via the CLI:
npx @insforge/cli secrets get ANON_KEY
Get the URL from the oss_host field in .insforge/project.json (e.g., https://myapp.us-east.insforge.app).
Write both values to the .env file using the correct framework prefix (see table below).
Use the correct environment variable prefix and access pattern for your framework:
| Framework | .env file | Variables | Access Pattern |
|---|---|---|---|
| Next.js | .env.local | NEXT_PUBLIC_INSFORGE_URL, NEXT_PUBLIC_INSFORGE_ANON_KEY | process.env.NEXT_PUBLIC_* |
| Vite (React, Vue, Svelte) | .env | VITE_INSFORGE_URL, VITE_INSFORGE_ANON_KEY | import.meta.env.VITE_* |
| Astro | .env | PUBLIC_INSFORGE_URL, PUBLIC_INSFORGE_ANON_KEY | import.meta.env.PUBLIC_* |
| SvelteKit | .env | PUBLIC_INSFORGE_URL, PUBLIC_INSFORGE_ANON_KEY | import { env } from '$env/dynamic/public' |
| Create React App | .env | REACT_APP_INSFORGE_URL, REACT_APP_INSFORGE_ANON_KEY | process.env.REACT_APP_* |
| Node.js / Server | .env | INSFORGE_URL, INSFORGE_ANON_KEY | process.env.* |
Example .env.local for Next.js:
NEXT_PUBLIC_INSFORGE_URL=https://your-appkey.us-east.insforge.app
NEXT_PUBLIC_INSFORGE_ANON_KEY=eyJhbGciOiJIUzI1NiIs...
Important: Never commit
.envfiles to version control. Add.env,.env.local, and.env*.localto your.gitignore(keep.env.examplefor documenting required variables).
import { createClient } from '@insforge/sdk'
// Next.js / CRA: use process.env
const insforge = createClient({
baseUrl: process.env.NEXT_PUBLIC_INSFORGE_URL,
anonKey: process.env.NEXT_PUBLIC_INSFORGE_ANON_KEY
})
// Vite / Astro: use import.meta.env
const insforge = createClient({
baseUrl: import.meta.env.VITE_INSFORGE_URL,
anonKey: import.meta.env.VITE_INSFORGE_ANON_KEY
})
| Module | SDK Integration |
|---|---|
| Database | database/sdk-integration.md |
| Auth | auth/sdk-integration.md |
| Storage | storage/sdk-integration.md |
| Functions | functions/sdk-integration.md |
| AI | ai/sdk-integration.md |
| Real-time | realtime/sdk-integration.md |
| email/sdk-integration.md |
| Module | Content |
|---|---|
| Database | CRUD operations, filters, pagination, RPC calls |
| Auth | Sign up/in, OAuth, sessions, profiles, password reset |
| Storage | Upload, download, delete files |
| Functions | Invoke edge functions |
| AI | Chat completions, image generation, embeddings |
| Send custom transactional HTML emails (welcome, newsletter, notifications) | |
| Real-time | Connect, subscribe, publish events |
| Guide | When to Use |
|---|---|
| database/postgres-rls.md | Writing or reviewing RLS policies — covers infinite recursion prevention, SECURITY DEFINER patterns, performance tips, and common InsForge RLS patterns |
| database/pgvector.md | Building semantic search, recommendations, or RAG — covers the vector extension, schema/dimensions, distance operators, HNSW/IVFFlat indexes, and RPC similarity search |
| ai/embeddings-and-rag.md | Generating embeddings through the InsForge AI gateway, storing them in pgvector, and wiring up a basic RAG pipeline with chat completions |
For real-time channels and database triggers, use SQL migrations or database admin tooling to configure channels, triggers, and policies. The real-time SDK is for frontend event handling and messaging, not backend configuration.
Automatically publish events when database records change.
-- Create trigger function
CREATE OR REPLACE FUNCTION notify_order_changes()
RETURNS TRIGGER AS $$
BEGIN
PERFORM realtime.publish(
'order:' || NEW.id::text, -- channel
TG_OP || '_order', -- event: INSERT_order, UPDATE_order
jsonb_build_object(
'id', NEW.id,
'status', NEW.status,
'total', NEW.total
)
);
RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;
-- Attach to table
CREATE TRIGGER order_realtime
AFTER INSERT OR UPDATE ON orders
FOR EACH ROW
EXECUTE FUNCTION notify_order_changes();
CREATE OR REPLACE FUNCTION notify_order_status()
RETURNS TRIGGER AS $$
BEGIN
PERFORM realtime.publish(
'order:' || NEW.id::text,
'status_changed',
jsonb_build_object('id', NEW.id, 'status', NEW.status)
);
RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;
CREATE TRIGGER order_status_trigger
AFTER UPDATE ON orders
FOR EACH ROW
WHEN (OLD.status IS DISTINCT FROM NEW.status)
EXECUTE FUNCTION notify_order_status();
RLS is disabled by default. To restrict channel access:
ALTER TABLE realtime.channels ENABLE ROW LEVEL SECURITY;
ALTER TABLE realtime.messages ENABLE ROW LEVEL SECURITY;
CREATE POLICY "users_subscribe_own_orders"
ON realtime.channels FOR SELECT
TO authenticated
USING (
pattern = 'order:%'
AND EXISTS (
SELECT 1 FROM orders
WHERE id = NULLIF(split_part(realtime.channel_name(), ':', 2), '')::uuid
AND user_id = auth.uid()
)
);
CREATE POLICY "members_publish_chat"
ON realtime.messages FOR INSERT
TO authenticated
WITH CHECK (
channel_name LIKE 'chat:%'
AND EXISTS (
SELECT 1 FROM chat_members
WHERE room_id = NULLIF(split_part(channel_name, ':', 2), '')::uuid
AND user_id = auth.uid()
)
);
| Task | SQL |
|---|---|
| Create channel | INSERT INTO realtime.channels (pattern, description, enabled) VALUES (...) |
| Create trigger | CREATE TRIGGER ... EXECUTE FUNCTION ... |
| Publish from SQL | PERFORM realtime.publish(channel, event, payload) |
| Enable RLS | ALTER TABLE realtime.channels ENABLE ROW LEVEL SECURITY |
Create channel patterns first before subscribing from frontend
realtime.channels tableenabled is set to trueUse specific channel patterns
% patterns for dynamic channels (e.g., order:% for order:123)notifications)| Mistake | Solution |
|---|---|
| Subscribing to undefined channel pattern | Create channel pattern in realtime.channels first |
| Channel not receiving messages | Ensure channel enabled is true |
| Publishing without trigger | Create database trigger to auto-publish on changes |
1. Create channel patterns → INSERT INTO realtime.channels
2. Ensure enabled = true → Set enabled to true
3. Create triggers if needed → Auto-publish on database changes
4. Proceed with SDK subscribe → Use channel name matching pattern
These modules still require HTTP API calls because the CLI does not yet support them:
| Module | Backend Configuration |
|---|---|
| Auth | auth/backend-configuration.md |
| AI | ai/backend-configuration.md |
All SDK methods return { data, error }.
| Module | Methods |
|---|---|
insforge.database | .from().select(), .insert(), .update(), .delete(), .rpc() |
insforge.auth | .signUp(), .signInWithPassword(), .signInWithOAuth(), .signOut(), .getCurrentUser() |
insforge.storage | .from().upload(), .uploadAuto(), .download(), .remove() |
insforge.functions | .invoke() |
insforge.ai | .chat.completions.create(), .images.generate(), .embeddings.create() |
insforge.realtime | .connect(), .subscribe(), .publish(), .on(), .disconnect() |
insforge.emails | .send({ to, subject, html, cc?, bcc?, from?, replyTo? }) |
insert([{...}]) not insert({...})createClient({ isServerMode: true }), keep tokens in httpOnly cookies, and perform auth flows on the server. See auth/sdk-integration.mdurl AND key to database for download/delete operations/functions/{slug} (without /api prefix)@insforge/react, @insforge/nextjs, and @insforge/react-router are deprecated. Do NOT install or use them. Use @insforge/sdk directly for all features including authentication.vercel.json in the project root for SPA routing (React, React Router apps). The download-template tool includes this automatically.