Supabase Auth

You can implement various types of auth:

• Standard Supabase Auth

  • JavaScript example

  • Dart/Flutter example

  • Kotlin example

• Anonymous Sign-Ins

  • JavaScript Example

• Fully custom auth

  • Example

• Experimental: We’ve also heard from the community that Supabase’s newly released support for external auth providers works, but we don’t have any examples for this yet.

​

Enabling Supabase Auth

To implement either Supabase Auth or Anonymous Sign-Ins, enable the relevant setting on the PowerSync instance, and provide your Supabase JWT Secret. Internally, this setting allows PowerSync to verify and use Supabase JWTs directly using HS256 and the provided secret.

​

PowerSync Cloud instances:

1. In the PowerSync Dashboard, right-click on your instance to edit it.

2. Under the “Client Auth” tab, enable “Use Supabase Auth” and enter your Supabase JWT Secret (the secret can be copied from your Supabase project’s API Settings):

3. Click “Save and deploy” to deploy the updates to your instance.

​

Self-hosted instances:

This can be enabled via your config.yaml:

client_auth:
  # Enable this if using Supabase Auth*
  supabase: true
  supabase_jwt_secret: your-jwt-secret

​

Sync Rules

The Supabase user UUID will be available as request.user_id() in Sync Rules. To use a different identifier as the user ID in sync rules (for example user email), use Custom authentication.