API Overview
Onie Studio is powered by a backend API built on Supabase Edge Functions using the Hono framework running on Deno.
The Onie Studio API is currently an internal API used by the Onie Studio web application. Public API access is planned for a future release.
Base URL
All API requests go to a single Edge Function endpoint:
https://{PROJECT_ID}.supabase.co/functions/v1/make-server-e002a3ed/{endpoint}
Tech Stack
| Layer | Technology |
|---|---|
| Frontend | React 18, Vite, TypeScript |
| Backend | Supabase Edge Functions (Hono, Deno runtime) |
| Database | PostgreSQL via Supabase |
| Storage | Supabase Storage |
| Auth | Supabase Auth (JWT) |
| Payments | Stripe |
| Supabase Edge Functions + SMTP |
Architecture
The backend is a monolithic Edge Function — all business logic endpoints live in a single Hono app. The frontend constructs request URLs programmatically using the project ID from src/utils/supabase/info.ts.
Request Flow
Browser → Supabase Edge Function → PostgreSQL / Stripe / Email
All authenticated requests include a Authorization: Bearer {jwt} header. The Edge Function validates the JWT against Supabase Auth and handles automatic token refresh on 401 responses.
User Roles
| Role | Access |
|---|---|
creative / user | Full app access (CreativeDashboard) |
client | Client Portal (authenticated view) |
| Portal token | Client Portal (unauthenticated, iframe-safe) |
| Superadmin | Admin tools (email-restricted) |
Row-Level Security
All database tables use Supabase Row-Level Security (RLS). RLS is mandatory — it is never disabled on public tables. Both authenticated and anon roles are verified for every policy.