SupascaleSupascale
Sign Up

Auth Providers

Configure OAuth providers for Supabase authentication.

Enable social login by configuring OAuth providers for your Supabase projects.

Supported Providers

Supascale supports all Supabase Auth providers:

ProviderDocumentation
GoogleGoogle OAuth Setup
GitHubGitHub OAuth Apps
GitLabGitLab Applications
DiscordDiscord Developer Portal
TwitterTwitter Developer Portal
FacebookFacebook Developers
AppleApple Developer
AzureAzure Portal
BitbucketBitbucket Settings
SlackSlack API
SpotifySpotify Developer
TwitchTwitch Developer
LinkedInLinkedIn Developer
NotionNotion Developers
ZoomZoom App Marketplace

Viewing Configured Providers

Via Web UI

  1. Click on a project
  2. Go to Auth Providers tab
  3. See configured and available providers

Via API

curl https://supascale.example.com/api/v1/projects/my-project/auth-providers \
  -H "X-API-Key: your-api-key"

Response:

{
  "configured": [
    {
      "provider": "google",
      "enabled": true,
      "clientId": "xxx...xxx",
      "clientSecret": "****"
    }
  ],
  "available": [
    {
      "provider": "github",
      "displayName": "GitHub",
      "configFields": ["clientId", "clientSecret"]
    }
  ]
}

Configuring a Provider

General Setup Steps

  1. Create OAuth application with the provider
  2. Set the callback URL: https://your-project-api/auth/v1/callback
  3. Copy Client ID and Client Secret
  4. Configure in Supascale

Via Web UI

  1. Click on a project
  2. Go to Auth Providers tab
  3. Click Add Provider
  4. Select the provider
  5. Enter Client ID and Secret
  6. Click Save
  7. Restart the project

Via API

curl -X PUT https://supascale.example.com/api/v1/projects/my-project/auth-providers \
  -H "X-API-Key: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "providers": [
      {
        "provider": "google",
        "enabled": true,
        "clientId": "your-google-client-id",
        "clientSecret": "your-google-client-secret"
      }
    ]
  }'

Provider-Specific Setup

Google

  1. Go to Google Cloud Console
  2. Create a new project or select existing
  3. Go to APIs & Services > Credentials
  4. Click Create Credentials > OAuth 2.0 Client ID
  5. Select Web application
  6. Add authorized redirect URI: https://your-api-url/auth/v1/callback
  7. Copy Client ID and Secret
{
  "provider": "google",
  "enabled": true,
  "clientId": "xxxxx.apps.googleusercontent.com",
  "clientSecret": "GOCSPX-xxxxx"
}

GitHub

  1. Go to GitHub Developer Settings
  2. Click New OAuth App
  3. Set Homepage URL to your app
  4. Set Authorization callback URL: https://your-api-url/auth/v1/callback
  5. Copy Client ID and generate Client Secret
{
  "provider": "github",
  "enabled": true,
  "clientId": "your-github-client-id",
  "clientSecret": "your-github-client-secret"
}

Discord

  1. Go to Discord Developer Portal
  2. Click New Application
  3. Go to OAuth2 section
  4. Add redirect: https://your-api-url/auth/v1/callback
  5. Copy Client ID and Secret
{
  "provider": "discord",
  "enabled": true,
  "clientId": "your-discord-client-id",
  "clientSecret": "your-discord-client-secret"
}

Apple

  1. Go to Apple Developer
  2. Create an App ID with Sign In with Apple enabled
  3. Create a Services ID
  4. Configure domains and return URLs
  5. Create and download a key
{
  "provider": "apple",
  "enabled": true,
  "clientId": "your-services-id",
  "clientSecret": "your-secret-key",
  "additionalConfig": {
    "teamId": "your-team-id",
    "keyId": "your-key-id"
  }
}

Enabling/Disabling Providers

Toggle provider without removing configuration:

curl -X PUT https://supascale.example.com/api/v1/projects/my-project/auth-providers \
  -H "X-API-Key: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "providers": [
      {
        "provider": "google",
        "enabled": false,
        "clientId": "existing-client-id",
        "clientSecret": "existing-client-secret"
      }
    ]
  }'

Callback URL

All providers use the same callback URL format:

https://[YOUR-PROJECT-API-URL]/auth/v1/callback

Example: https://api.myapp.com/auth/v1/callback

Client Usage

After configuring providers, use them in your application:

import { createClient } from '@supabase/supabase-js'

const supabase = createClient(apiUrl, anonKey)

// Sign in with Google
const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'google',
  options: {
    redirectTo: 'https://myapp.com/auth/callback'
  }
})

// Sign in with GitHub
const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'github'
})

Troubleshooting

"Invalid redirect URI"

  1. Verify callback URL matches exactly
  2. Check for trailing slashes
  3. Ensure HTTPS is used in production

"Client ID not found"

  1. Verify Client ID is correct
  2. Check the OAuth app is published/active
  3. Restart the project after changes

User Can't Sign In

  1. Verify provider is enabled
  2. Check provider app permissions/scopes
  3. Review auth service logs

Best Practices

  1. Use HTTPS for production callback URLs
  2. Secure credentials - never expose client secrets
  3. Test thoroughly before enabling in production
  4. Document which providers are enabled for your team