Home

Self-Hosting Auth

The Supabase Auth Server (GoTrue) is a JSON Web Token (JWT)-based API for managing users and issuing access tokens.

GoTrue is an open-source API written in Golang, that acts as a self-standing API service for handling user registration and authentication for JAM projects. It's based on OAuth2 and JWT and handles user signup, authentication, and custom user data.

Client libraries#

Generates an email action link.

post/admin/generate_link

Responses

The response object for generate link.

Get a user.

get/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The current user.

Update a user.

put/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The current user.

Deletes a user.

delete/admin/user/{user_id}

Path Parameters
  • user_id
    REQUIRED
    no type

    The user's id

Responses

The updated user.

List all users.

get/admin/users

Responses

The list of users.

Returns the created user.

post/admin/users

Responses

The current user.

Redirects the user to the 3rd-party OAuth provider to start the OAuth1.0 or OAuth2.0 authentication process.

get/authorize

Query Parameters
  • redirect_to
    Optional
    no type

    The redirect url to return the user to after the `/callback` endpoint has completed.

Responses

Redirects user to the 3rd-party OAuth provider

Receives the redirect from an external provider during the OAuth authentication process. Starts the process of creating an access and refresh token.

get/callback

Responses

Redirects user to the redirect url specified in `/authorize`. If no `redirect_url` is provided, the user will be redirected to the `SITE_URL`.

The healthcheck endpoint for gotrue. Returns the current gotrue version.

get/health

Responses

Sends an invite link to the user.

post/invite

Responses

Logs out the user.

post/logout

Responses

Passwordless sign-in method for email or phone.

post/otp

Responses

Sends a password recovery email link to the user's email.

post/recover

Responses

Returns the configuration settings for the gotrue server.

get/settings

Responses

Password-based signup with either email or phone.

post/signup

Responses

The current user.

Signs in a user with a password.

post/token?grant_type=password

Responses

Refreshes a user's refresh token.

post/token?grant_type=refresh_token

Responses

Get information for the logged-in user.

get/user

Responses

The current user.

Returns the updated user.

put/user

Responses

The current user.

Verifies a sign up.

get/verify

Query Parameters
  • type
    Optional
    string
  • token
    Optional
    string
  • email
    Optional
    string
  • phone
    Optional
    string
  • redirect_to
    Optional
    string
© Supabase IncContributingAuthor StyleguideOpen SourceSupaSquad