RLS policy permissions required:
- buckets table permissions: insert
- objects table permissions: none
Refer to the Storage guide on how access control works

Parameters

REQUIRED

string

A unique identifier for the bucket you are creating.

options

Optional

object

public

REQUIRED

boolean

The visibility of the bucket. Public buckets don't require an authorization token to download objects, but still require a valid token for all other operations. By default, buckets are private.

allowedMimeTypes

Optional

object

specifies the allowed mime types that this bucket can accept during upload. The default value is null, which allows files with all mime types to be uploaded. Each mime type specified can be a wildcard, e.g. image/*, or a specific mime type, e.g. image/png.

fileSizeLimit

Optional

null | string | number

specifies the max file size in bytes that can be uploaded to this bucket. The global file size limit takes precedence over this value. The default value is null, which doesn't set a per bucket file size limit.


const { data, error } = await supabase
  .storage
  .createBucket('avatars', {
    public: false,
    allowedMimeTypes: ['image/png'],
    fileSizeLimit: 1024
  })

Need some help?
Contact support
Latest product updates?
See Changelog
Something's not right?
Check system status