Authentication
The only authentication documentation page you need if you just want to setup the mobile application.
In this page, we will see :
- how to setup your database for authentication
- how to setup
apps/mobilefor authentication
This feature is implemented with the @kit/auth package and the Supabase Auth features.
If you want to setup the authentication in another application, you must implement all the code that consume the @kit/auth package in apps/mobile.
Password
Go to you supabase/config.toml file.
To enable the email provider, make sure that the auth.email section matches the following code.
[auth.email]
# Allow/disallow new user signups via email to your project.
enable_signup = true
# If enabled, a user will be required to confirm any email change on both the old, and new email
# addresses. If disabled, only the new email is required to confirm.
double_confirm_changes = true
# If enabled, users need to confirm their email address before signing in.
enable_confirmations = trueSet your apps/mobile/config/auth.config.ts file to fit use the password provider.
import { parseAuthConfig } from '@kit/auth/config'; import { Href } from 'expo-router'; const urls = { dashboard: '/', // use Href for native env callback: '/auth/callback', signIn: '/auth/sign-in', signUp: '/auth/sign-up', forgottenPassword: "/auth/password-reset", verifyMfa: "/auth/verify", } satisfies Record<string,Href>; export const authConfig = parseAuthConfig({ environment: 'native', urls, // whether to display the terms checkbox during sign-up displayTermsCheckbox: true, // NB: Enable the providers below in the Supabase Console // in your production project providers: { password: true, }, passwordRequirements: { minLength: 3, maxLength: 99, specialChars: false, numbers: false, uppercase: false, }, });
Authentication emails
The password provider requires emails to work. As Supabase will send a Confirm signup email to the user.
Local dev uses an "in bucket" port for showing what would be sent in email.
Go to http://localhost:54324/ to see the emails sent by Supabase.
oAuth providers
By default only Google oAuth provider is set, as the @react-native-google-signin/google-signin package requires native code to run, it won't work in Expo Go.
Go to you supabase/config.toml file.
Add an external OAuth provider for the development environment. You can find all the supported oAuth providers in the here.
For the example, we will add the Google provider.
[auth.external.google]
enabled = true
client_id = "env(SUPABASE_AUTH_EXTERNAL_GOOGLE_CLIENT_ID)"
secret = "env(SUPABASE_AUTH_EXTERNAL_GOOGLE_SECRET)"
redirect_uri = "env(SUPABASE_AUTH_EXTERNAL_REDIRECT_URI)"Go to the Google Developer Console and create a new OAuth client ID.
Allow to access the following fields :
.../auth/userinfo.email.../auth/userinfo.profile
Create a new api key for iOS or android application to get the client id and ios url schema.
Set the environement variables in the database .env file at supabase/.env.
EXPO_PUBLIC_SUPABASE_GOOGLE_CLIENT_ID="your-google-client-id"
EXPO_PUBLIC_IOS_URL_SCHEMA="your-ios-url-schema"Set your apps/mobile/config/auth.config.ts file to fit use the new oAuth provider.
import { parseAuthConfig } from '@kit/auth/config'; import { Href } from 'expo-router'; const urls = { dashboard: '/', // use Href for native env callback: '/auth/callback', signIn: '/auth/sign-in', signUp: '/auth/sign-up', forgottenPassword: "/auth/password-reset", verifyMfa: "/auth/verify", } satisfies Record<string,Href>; export const authConfig = parseAuthConfig({ environment: 'native', urls, // whether to display the terms checkbox during sign-up displayTermsCheckbox: true, // NB: Enable the providers below in the Supabase Console // in your production project providers: { password: true, oAuth: ['google'], }, passwordRequirements: { minLength: 3, maxLength: 99, specialChars: false, numbers: false, uppercase: false, }, });
Database management for the creatorem saas kit.
How to implement the authentication feature in an existing application.
How is this guide?
Last updated on 1/18/2026