Supabase Auth Features
- JWT token validation via Supabase Auth
- Automatic session management
- Row Level Security (RLS) integration
- Built-in PKCE flow protection
Callback
Processing OAuth callback...
Please wait while we complete your authentication.
Loading authentication callback Supabase Authentication Callback
Section titled “Supabase Authentication Callback”The Supabase callback handles the authentication flow after users complete login through various providers (GitHub, Google, Discord, etc.). This endpoint processes the authentication tokens and establishes secure user sessions.
Provider Support
- GitHub OAuth integration
- Google OAuth integration
- Discord OAuth integration
- Magic link authentication
Session Handling
- Automatic token refresh
- Server-side session validation
- Cookie-based persistence
- Secure httpOnly cookies
Supabase Integration
- Direct user profile creation
- Automatic user metadata sync
- Real-time subscription setup
- Database trigger activation
Supabase Configuration
Section titled “Supabase Configuration”Required Supabase Environment Variables
Section titled “Required Supabase Environment Variables”Configure these environment variables for Supabase authentication:
PUBLIC_SUPABASE_URL- Your Supabase project URLPUBLIC_SUPABASE_ANON_KEY- Your Supabase anon/public keySUPABASE_SERVICE_KEY- Your Supabase service role key (server-side only)SUPABASE_JWT_SECRET- JWT secret for token verification
Supabase Callback Flow
Section titled “Supabase Callback Flow”- Provider Authentication: User completes OAuth with GitHub/Google/Discord
- Supabase Redirect: Provider redirects to your Supabase callback URL
- Token Processing: Supabase Auth exchanges code for access/refresh tokens
- User Creation: Supabase automatically creates user record in auth.users
- Session Establishment: Client receives session with JWT tokens
- Profile Sync: User metadata synced to your profiles table via triggers