The Scenario
You are a CTO. Your company's SOC 2 Type II audit starts Monday. One of the pre-audit items is an access control review: every person with access to your Supabase organisation, their role, and whether they have MFA enabled.
Your Supabase org has twenty-two members across five teams. You need a sheet listing username, email, role, and MFA status — ready by Friday.
The slow version:
- You open the Supabase dashboard and navigate to Organisation Settings > Team Members
- The page lists members but no export option
- You copy names and emails by hand — one at a time
- The MFA status column is a small icon, easy to misread on members 14 through 22
- You hand the auditor a list with three MFA statuses wrong. The auditor flags it. You spend Monday morning correcting it.
The fast version is one prompt.
The Easy Way: One Prompt in SheetXAI
SheetXAI reads your Supabase organisation member list directly and writes the formatted access review into the sheet, so you do not have to click through the dashboard or misread icons.
Open the SheetXAI sidebar and type:
List all members of my Supabase organisation and write username, email, role, and MFA enabled status into this sheet. Highlight any members without MFA enabled in red.
SheetXAI calls the Supabase API, retrieves all twenty-two members with their MFA status, writes the formatted list, and highlights the non-MFA rows in red.
What You Get
A formatted access review sheet ready for the auditor:
- One row per member — username, email, role, MFA status
- Members without MFA highlighted in red — the security gap is visible immediately
- All twenty-two members — no manual entry, no misread icons
You hand the auditor a complete, accurate list on Friday. The members without MFA get a message. The audit item closes without a correction round.
What If the Access Review Needs More Context
A flat member list is the starting point. SheetXAI can enrich and cross-reference in the same prompt.
When you need to verify that departed employees have been removed
You have a list of departed employees in a separate tab and want to check for matches.
List all members of my Supabase organisation and write username, email, role, and MFA status into this sheet. In column E, check whether any email matches an entry in the Departed tab column A — if yes, label it "OFFBOARD IMMEDIATELY."
When you want members grouped by role
The auditor wants to see owners, admins, and members separately.
List all members of my Supabase organisation and write username, email, role, and MFA status into this sheet. Sort by role, then alphabetically within each role. Add a count per role group in column E for the first row of each group.
When you need to flag accounts that have not been active recently
Your org has contractors who finished their engagement months ago.
List all members of my Supabase organisation and write username, email, role, MFA status, and last sign-in date into this sheet. Flag any member whose last sign-in is more than 60 days ago in column F as "INACTIVE — REVIEW."
When you need the full access review in one shot
Member list, MFA gap, role breakdown, and departed employees — across multiple tabs.
List all members of my Supabase organisation. Write username, email, role, and MFA status into the Members tab with non-MFA rows highlighted red. In the MFA Gaps tab, list only members without MFA with a one-sentence action note. In the Roles tab, show member count per role. In the Flags tab, list any member whose email matches the Departed tab and label them "OFFBOARD."
The pattern: the prompt captures the audit structure the compliance team needs, not just the raw member list.
Try It
Get the 7-day free trial of SheetXAI and open any Google Sheet, then ask it to export your Supabase organisation members. The Supabase integration is included in every SheetXAI plan. For related workflows, see how to export secrets for a rotation audit or the Supabase in Google Sheets overview.