---
id: config
slug: /config
title: Configuration
toc_max_heading_level: 3
---
A `config.toml` file is generated after running `supabase init`.
This file is located in the `supabase` folder under `supabase/config.toml`.
## General {#general}
### `project_id` {#project_id}
A string used to distinguish different Supabase projects on the same host. Defaults to the working directory name when running `supabase init`.
-
Required:
true
-
Default:
None
## Auth Settings {#auth}
### `auth.site_url` {#auth.site_url}
The base URL of your website. Used as an allow-list for redirects and for constructing URLs used in emails.
- Required:
true
- Default:
"http://localhost:3000"
-
See also:
### `auth.additional_redirect_urls` {#auth.additional_redirect_urls}
A list of _exact_ URLs that auth providers are permitted to redirect to post authentication.
- Required:
true
- Default:
["https://localhost:3000"]
-
See also:
### `auth.jwt_expiry` {#auth.jwt_expiry}
How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 seconds (one week).
- Required:
true
- Default:
3600
-
See also:
### `auth.enable_signup` {#auth.enable_signup}
Allow/disallow new user signups to your project.
- Required:
true
- Default:
true
-
See also:
### `auth.email.enable_signup` {#auth.email.enable_signup}
Allow/disallow new user signups via email to your project.
- Required:
true
- Default:
true
-
See also:
### `auth.email.double_confirm_changes` {#auth.email.double_confirm_changes}
If enabled, a user will be required to confirm any email change on both the old, and new email addresses. If disabled, only the new email is required to confirm.
- Required:
true
- Default:
true
-
See also:
### `auth.email.enable_confirmations` {#auth.email.enable_confirmations}
If enabled, users need to confirm their email address before signing in.
- Required:
true
- Default:
true
-
See also:
### `auth.external..enabled` {#auth.external.provider.enabled}
Use an external OAuth provider. The full list of providers are:
- `apple`
- `azure`
- `bitbucket`
- `discord`
- `facebook`
- `github`
- `gitlab`
- `google`
- `twitch`
- `twitter`
- `slack`
- `spotify`
- Required:
true
- Default:
true
-
See also:
### `auth.external..client_id` {#auth.external.provider.client_id}
Client ID for the external OAuth provider.
- Required:
true
- Default:
""
-
See also:
### `auth.external..secret` {#auth.external.provider.secret}
Client secret for the external OAuth provider.
- Required:
true
- Default:
""
-
See also:
## API Settings {#api}
### `api.port` {#api.port}
Port to use for the API URL.
- Required:
true
- Default:
54321
-
See also:
### `api.extra_search_path` {#api.extra_search_path}
Extra schemas to add to the `search_path` of every request.
- Required:
true
- Default:
["extensions"]
-
See also:
### `api.max_rows` {#api.max_rows}
The maximum number of rows returned from a view, table, or stored procedure. Limits payload size for accidental or malicious requests.
- Required:
true
- Default:
1000
-
See also:
## Database Settings {#database}
### `db.port` {#db.port}
Port to use for the local database URL.
- Required:
true
- Default:
54322
-
See also:
### `db.major_version` {#db.major_version}
The database major version to use. This has to be the same as your remote database's. Run `SHOW server_version;` on the remote database to check.
- Required:
true
- Default:
14
-
See also:
## Dashboard Settings {#dashboard}
### `studio.port` {#studio.port}
Port to use for Supabase Studio.
-
Required:
true
-
Default:
54323
## Local Development {#local}
### `inbucket.port` {#inbucket.port}
Port to use for the email testing server web interface.
Emails sent with the local dev setup are not actually sent - rather, they are monitored, and you can view the emails that would have been sent from the web interface.
- Required:
true
- Default:
54324
-
See also: