--- id: config slug: /config title: Configuration toc_max_heading_level: 3 --- A `config.toml` file is generated after running `supabase init`. This file is located in the `supabase` folder under `supabase/config.toml`. ## General {#general} ### `project_id` {#project_id} A string used to distinguish different Supabase projects on the same host. Defaults to the working directory name when running `supabase init`.
## Auth Settings {#auth} ### `auth.site_url` {#auth.site_url} The base URL of your website. Used as an allow-list for redirects and for constructing URLs used in emails.
### `auth.additional_redirect_urls` {#auth.additional_redirect_urls} A list of _exact_ URLs that auth providers are permitted to redirect to post authentication.
### `auth.jwt_expiry` {#auth.jwt_expiry} How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 seconds (one week).
### `auth.enable_signup` {#auth.enable_signup} Allow/disallow new user signups to your project.
### `auth.email.enable_signup` {#auth.email.enable_signup} Allow/disallow new user signups via email to your project.
### `auth.email.double_confirm_changes` {#auth.email.double_confirm_changes} If enabled, a user will be required to confirm any email change on both the old, and new email addresses. If disabled, only the new email is required to confirm.
### `auth.email.enable_confirmations` {#auth.email.enable_confirmations} If enabled, users need to confirm their email address before signing in.
### `auth.external..enabled` {#auth.external.provider.enabled} Use an external OAuth provider. The full list of providers are: - `apple` - `azure` - `bitbucket` - `discord` - `facebook` - `github` - `gitlab` - `google` - `twitch` - `twitter` - `slack` - `spotify`
### `auth.external..client_id` {#auth.external.provider.client_id} Client ID for the external OAuth provider.
### `auth.external..secret` {#auth.external.provider.secret} Client secret for the external OAuth provider.
## API Settings {#api} ### `api.port` {#api.port} Port to use for the API URL.
### `api.extra_search_path` {#api.extra_search_path} Extra schemas to add to the `search_path` of every request.
### `api.max_rows` {#api.max_rows} The maximum number of rows returned from a view, table, or stored procedure. Limits payload size for accidental or malicious requests.
## Database Settings {#database} ### `db.port` {#db.port} Port to use for the local database URL.
### `db.major_version` {#db.major_version} The database major version to use. This has to be the same as your remote database's. Run `SHOW server_version;` on the remote database to check.
## Dashboard Settings {#dashboard} ### `studio.port` {#studio.port} Port to use for Supabase Studio.
  • Required: true
  • Default: 54323

## Local Development {#local} ### `inbucket.port` {#inbucket.port} Port to use for the email testing server web interface. Emails sent with the local dev setup are not actually sent - rather, they are monitored, and you can view the emails that would have been sent from the web interface.