import { useParams } from 'common' import CodeSnippet from '../CodeSnippet' import { DocSection } from '../DocSection' import Snippets from '../Snippets' import { InlineLink } from '@/components/ui/InlineLink' import { useProjectSettingsV2Query } from '@/data/config/project-settings-v2-query' import { useIsFeatureEnabled } from '@/hooks/misc/useIsFeatureEnabled' import { DOCS_URL } from '@/lib/constants' import { makeRandomString } from '@/lib/helpers' const randomPassword = makeRandomString(20) interface UserManagementProps { selectedLang: 'bash' | 'js' showApiKey: string } export const UserManagement = ({ selectedLang, showApiKey }: UserManagementProps) => { const { ref: projectRef } = useParams() const keyToShow = showApiKey ? showApiKey : 'SUPABASE_KEY' const { authenticationSignInProviders } = useIsFeatureEnabled([ 'authentication:sign_in_providers', ]) const { data: settings } = useProjectSettingsV2Query({ projectRef }) const protocol = settings?.app_config?.protocol ?? 'https' const hostEndpoint = settings?.app_config?.endpoint ?? '' const endpoint = `${protocol}://${hostEndpoint ?? ''}` return (

Supabase makes it easy to manage your users.

Supabase assigns each user a unique ID. You can reference this ID anywhere in your database. For example, you might create a profiles table that references the user using a user_id field.

Supabase already has built in the routes to sign up, login, and log out for managing users in your apps and websites.

} />

Allow your users to sign up and create a new account.

After they have signed up, all interactions using the Supabase JS client will be performed as "that user".

} snippets={ } />

If an account is created, users can login to your app.

After they have logged in, all interactions using the Supabase JS client will be performed as "that user".

} snippets={ } />

Send a user a passwordless link which they can use to redeem an access_token.

After they have clicked the link, all interactions using the Supabase JS client will be performed as "that user".

} snippets={ } />

A phone number can be used instead of an email as a primary account confirmation mechanism.

The user will receive a mobile OTP via sms with which they can verify that they control the phone number.

You must enter your own twilio credentials on the auth settings page to enable sms confirmations.

} snippets={ } />

SMS OTPs work like magic links, except you have to provide an interface for the user to verify the 6 digit number they receive.

You must enter your own twilio credentials on the auth settings page to enable SMS-based Logins.

} snippets={ } />

Once the user has received the OTP, have them enter it in a form and send it for verification

You must enter your own twilio credentials on the auth settings page to enable SMS-based OTP verification.

} snippets={ } /> {authenticationSignInProviders && (

Users can log in with Third Party OAuth like Google, Facebook, GitHub, and more. You must first enable each of these in the Auth Providers settings{' '} here {' '} .

View all the available{' '} Third Party OAuth providers

After they have logged in, all interactions using the Supabase JS client will be performed as "that user".

Generate your Client ID and secret from:{` `} Google ,{` `} GitHub, {` `} GitLab,{` `} Facebook,{` `} Bitbucket .

} snippets={ } /> )} Get the JSON object for the logged in user.

} snippets={ } /> Sends the user a log in link via email. Once logged in you should direct the user to a new password form. And use "Update User" below to save the new password.

} snippets={ } /> Update the user with a new email or password. Each key (email, password, and data) is optional

} snippets={ } /> After calling log out, all interactions using the Supabase JS client will be "anonymous".

} snippets={ } />

Send a user a passwordless link which they can use to sign up and log in.

After they have clicked the link, all interactions using the Supabase JS client will be performed as "that user".

This endpoint requires you use the service_role_key when initializing the client, and should only be invoked from the server, never from the client.

} snippets={ } />
) }