Authenticationbuilt in, not bolted on
Every Supabase project comes with a complete user management system. Including Postgres' Row Level Security for fine-grained access control.
Everything you need
for user authentication
Social logins, email/password, magic links, phone auth, and more — with enterprise-grade security built on Postgres' Row Level Security.
All the social providers
Add social logins with one click. Google, Facebook, GitHub, Azure (Microsoft), GitLab, Twitter, Discord, and many more.
Fully integrated
Auth without any external services. Built-in authentication, authorization, and user management.
Own your data
User data stored in your Supabase database. No third-party privacy concerns. Host in 17+ locations.
Supabase is not only super easy to get started, but also provides all the backend solutions we require as we continue to grow. The auth system just works out of the box.
Enterprise ready
security at every level
Multi-Factor Authentication
- Time-based one-time passwords (TOTP)
- Works with any authenticator app
- Enforce MFA for specific user roles
- Built-in enrollment and challenge flows
Enterprise SSO
- SAML 2.0 support for identity providers
- Connect to Azure AD, Okta, and more
- Automatic user provisioning on sign-in
- Manage SSO from the Dashboard or API
Custom OIDC Providers
- OpenID Connect support for any identity provider
- Connect to Auth0, Keycloak, Amazon Cognito, and more
- PKCE security by default
- Configure providers from the Dashboard or API
Simple APIs
powerful libraries
APIs that you can understand. With powerful libraries that work on client and server-side applications.
// Sign up with email and password
const { data, error } = await supabase.auth.signUp({
email: 'user@example.com',
password: 'secure-password',
})// Sign up with email and password
const { data, error } = await supabase.auth.signUp({
email: 'user@example.com',
password: 'secure-password',
})User permissions
without the middleware
Build authorization rules with Postgres Row Level Security — control who can create, edit, and delete specific rows in your database. No additional servers required.
-- 1. Create table
create table profiles (
id serial primary key,
name text
);
-- 2. Enable RLS
alter table profiles enable row level security;
-- 3. Create Policy
create policy "Public profiles are viewable by everyone."
on profiles for select
using ( true );-- 1. Create table
create table profiles (
id serial primary key,
name text
);
-- 2. Enable RLS
alter table profiles enable row level security;
-- 3. Create Policy
create policy "Public profiles are viewable by everyone."
on profiles for select
using ( true );Kickstart your next project
with production ready templates
View all examples
Stripe Subscriptions Starter
The all-in-one subscription starter kit for high-performance SaaS applications, powered by Stripe, Supabase, and Vercel.
Next.js Starter
A Next.js App Router template configured with cookie-based auth using Supabase, TypeScript and Tailwind CSS.
AI Chatbot
An open-source AI chatbot app template built with Next.js, the Vercel AI SDK, OpenAI, and Supabase.
LangChain + Next.js Starter
Starter template and example use-cases for LangChain projects in Next.js, including chat, agents, and retrieval.
Flutter User Management
Get started with Supabase and Flutter by building a user management app with auth, file storage, and database.
Expo React Native Starter
An extended version of create-t3-turbo implementing authentication on both the web and mobile applications.