Home

Self-Hosting Auth

The Supabase Auth Server (GoTrue) is a JSON Web Token (JWT)-based API for managing users and issuing access tokens.

GoTrue is an open-source API written in Golang, that acts as a self-standing API service for handling user registration and authentication for JAM projects. It's based on OAuth2 and JWT and handles user signup, authentication, and custom user data.

Client libraries#

Generates an email action link.

postapiv0/admin/generate_link

Responses

The response object for generate link.

Get a user.

getapiv0/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The current user.

Update a user.

putapiv0/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The current user.

Deletes a user.

deleteapiv0/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The updated user.

List all users.

getapiv0/admin/users

Responses

The list of users.

Returns the created user.

postapiv0/admin/users

Responses

The current user.

Redirects the user to the 3rd-party OAuth provider to start the OAuth1.0 or OAuth2.0 authentication process.

getapiv0/authorize

Query Parameters
  • redirect_to
    Optional
    no type

    The redirect url to return the user to after the `/callback` endpoint has completed.

Responses

Redirects user to the 3rd-party OAuth provider

Receives the redirect from an external provider during the OAuth authentication process. Starts the process of creating an access and refresh token.

getapiv0/callback

Responses

Redirects user to the redirect url specified in `/authorize`. If no `redirect_url` is provided, the user will be redirected to the `SITE_URL`.

The healthcheck endpoint for gotrue. Returns the current gotrue version.

getapiv0/health

Responses

Sends an invite link to the user.

postapiv0/invite

Responses

Logs out the user.

postapiv0/logout

Responses

Passwordless sign-in method for email or phone.

postapiv0/otp

Responses

Sends a password recovery email link to the user's email.

postapiv0/recover

Responses

Returns the configuration settings for the gotrue server.

getapiv0/settings

Responses

Password-based signup with either email or phone.

postapiv0/signup

Responses

The current user.

Signs in a user with a password.

postapiv0/token?grant_type=password

Responses

Refreshes a user's refresh token.

postapiv0/token?grant_type=refresh_token

Responses

Get information for the logged-in user.

getapiv0/user

Responses

The current user.

Returns the updated user.

putapiv0/user

Responses

The current user.

Verifies a sign up.

getapiv0/verify

Query Parameters
  • type
    Optional
    string

    nodescription

  • token
    Optional
    string

    nodescription

  • email
    Optional
    string

    nodescription

  • phone
    Optional
    string

    nodescription

  • redirect_to
    Optional
    string

    nodescription

Verifies a sign up.

getapiv0/verify

Query Parameters
  • type
    Optional
    string

    nodescription

  • token
    Optional
    string

    nodescription

  • email
    Optional
    string

    nodescription

  • phone
    Optional
    string

    nodescription

  • redirect_to
    Optional
    string

    nodescription

Need some help?

Not to worry, our specialist engineers are here to help. Submit a support ticket through the Dashboard.

Supabase 2022ContributingChangelogAuthor StyleguideOpen SourceSupaSquad