Authentication and user management against Supabase Auth.
Supports password, OAuth, OTP, SSO, ID-token, Web3 and anonymous sign-in, plus user retrieval and sign-up.
(require '[supabase.core.client :as client]
'[supabase.auth :as auth])
(def c (client/make-client "https://abc.supabase.co" "anon-key"))
(auth/sign-up c {:email "user@example.com" :password "secure-password"})
(auth/sign-in-with-password c {:email "user@example.com" :password "secure-password"})
Each function returns {:status :body :headers} on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-api
Authentication and user management against Supabase Auth.
Supports password, OAuth, OTP, SSO, ID-token, Web3 and anonymous sign-in,
plus user retrieval and sign-up.
## Example
(require '[supabase.core.client :as client]
'[supabase.auth :as auth])
(def c (client/make-client "https://abc.supabase.co" "anon-key"))
(auth/sign-up c {:email "user@example.com" :password "secure-password"})
(auth/sign-in-with-password c {:email "user@example.com" :password "secure-password"})
Each function returns `{:status :body :headers}` on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-api(get-user client access-token)Retrieves the user profile associated with access-token.
Returns {:status 200 :body {...}} with the user payload, or an anomaly
map on failure (invalid client, expired token, etc.).
(get-user client "eyJhbG...")
Retrieves the user profile associated with `access-token`.
Returns `{:status 200 :body {...}}` with the user payload, or an anomaly
map on failure (invalid client, expired token, etc.).
## Example
(get-user client "eyJhbG...")(sign-in-anonymously client credentials)Signs in a user anonymously. Anonymous users can later be converted to permanent users by linking an identity.
client — Supabase clientcredentials — optional:
:data — additional data attached to the user:captcha-token — CAPTCHA challenge token(sign-in-anonymously client {})
(sign-in-anonymously client {:data {:locale "en-US"}})
Signs in a user anonymously. Anonymous users can later be converted to
permanent users by linking an identity.
## Parameters
* `client` — Supabase client
* `credentials` — optional:
* `:data` — additional data attached to the user
* `:captcha-token` — CAPTCHA challenge token
## Example
(sign-in-anonymously client {})
(sign-in-anonymously client {:data {:locale "en-US"}})(sign-in-with-id-token client credentials)Signs in with an ID token issued by an external provider.
Supported providers: "google", "apple", "azure", "facebook",
"kakao".
client — Supabase clientcredentials:
:provider — provider name (required):token — OIDC ID token issued by the provider (required):access-token — optional, if the ID token contains an at_hash claim:nonce — optional, if the ID token contains a nonce claim:options — optional:
:captcha-token — CAPTCHA challenge token(sign-in-with-id-token client {:provider "google" :token "eyJ..."})
Signs in with an ID token issued by an external provider.
Supported providers: `"google"`, `"apple"`, `"azure"`, `"facebook"`,
`"kakao"`.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:provider` — provider name (required)
* `:token` — OIDC ID token issued by the provider (required)
* `:access-token` — optional, if the ID token contains an `at_hash` claim
* `:nonce` — optional, if the ID token contains a `nonce` claim
* `:options` — optional:
* `:captcha-token` — CAPTCHA challenge token
## Example
(sign-in-with-id-token client {:provider "google" :token "eyJ..."})(sign-in-with-oauth client credentials)Builds the OAuth provider redirect URL. Does not issue an HTTP request —
the caller navigates the user-agent to :url.
Supported providers include "github", "google", "apple", "azure",
"discord", "facebook", "gitlab", "linkedin", "slack",
"twitch", "twitter", and others.
client — Supabase clientcredentials:
:provider — OAuth provider (required):options — optional:
:redirect-to — URL to redirect after authentication:scopes — vector of OAuth scopes:query-params — additional query params for the OAuth URL:skip-browser-redirect — skip browser redirect(sign-in-with-oauth client
{:provider "github"
:options {:redirect-to "https://example.com/callback"}})
;; => {:provider "github"
;; :flow-type "implicit"
;; :url "https://abc.supabase.co/auth/v1/authorize?provider=github&redirect_to=..."}
Builds the OAuth provider redirect URL. Does not issue an HTTP request —
the caller navigates the user-agent to `:url`.
Supported providers include `"github"`, `"google"`, `"apple"`, `"azure"`,
`"discord"`, `"facebook"`, `"gitlab"`, `"linkedin"`, `"slack"`,
`"twitch"`, `"twitter"`, and others.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:provider` — OAuth provider (required)
* `:options` — optional:
* `:redirect-to` — URL to redirect after authentication
* `:scopes` — vector of OAuth scopes
* `:query-params` — additional query params for the OAuth URL
* `:skip-browser-redirect` — skip browser redirect
## Example
(sign-in-with-oauth client
{:provider "github"
:options {:redirect-to "https://example.com/callback"}})
;; => {:provider "github"
;; :flow-type "implicit"
;; :url "https://abc.supabase.co/auth/v1/authorize?provider=github&redirect_to=..."}(sign-in-with-otp client credentials)Sends a one-time password to the user's email or phone.
The user completes sign-in by calling verify-otp with the code.
client — Supabase clientcredentials:
:email — user's email (required if :phone not provided):phone — user's phone (required if :email not provided):options — optional:
:data — additional data:email-redirect-to — URL to redirect after email verification:captcha-token — CAPTCHA challenge token:channel — "sms" or "whatsapp" for phone OTPs:should-create-user — create the user if they don't exist(sign-in-with-otp client {:email "user@example.com"})
(sign-in-with-otp client {:phone "+15555550100"
:options {:channel "sms"}})
Sends a one-time password to the user's email or phone.
The user completes sign-in by calling `verify-otp` with the code.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:email` — user's email (required if `:phone` not provided)
* `:phone` — user's phone (required if `:email` not provided)
* `:options` — optional:
* `:data` — additional data
* `:email-redirect-to` — URL to redirect after email verification
* `:captcha-token` — CAPTCHA challenge token
* `:channel` — `"sms"` or `"whatsapp"` for phone OTPs
* `:should-create-user` — create the user if they don't exist
## Example
(sign-in-with-otp client {:email "user@example.com"})
(sign-in-with-otp client {:phone "+15555550100"
:options {:channel "sms"}})(sign-in-with-password client credentials)Authenticates a user with email/phone and password.
client — Supabase clientcredentials:
:email — user's email (required if :phone not provided):phone — user's phone (required if :email not provided):password — user's password (required):options — optional:
:captcha-token — CAPTCHA challenge token:data — additional data(sign-in-with-password client {:email "user@example.com" :password "secure-password"})
Authenticates a user with email/phone and password.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:email` — user's email (required if `:phone` not provided)
* `:phone` — user's phone (required if `:email` not provided)
* `:password` — user's password (required)
* `:options` — optional:
* `:captcha-token` — CAPTCHA challenge token
* `:data` — additional data
## Example
(sign-in-with-password client {:email "user@example.com" :password "secure-password"})(sign-in-with-sso client credentials)Initiates SAML single sign-on. Returns a response whose body contains the SSO redirect URL.
client — Supabase clientcredentials:
:provider-id — SSO provider ID (required if :domain not provided):domain — SSO provider domain (required if :provider-id not provided):options — optional:
:redirect-to — URL to redirect after authentication:captcha-token — CAPTCHA challenge token(sign-in-with-sso client {:domain "example.org"})
(sign-in-with-sso client {:provider-id "sso-provider-id"})
Initiates SAML single sign-on. Returns a response whose body contains the
SSO redirect URL.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:provider-id` — SSO provider ID (required if `:domain` not provided)
* `:domain` — SSO provider domain (required if `:provider-id` not provided)
* `:options` — optional:
* `:redirect-to` — URL to redirect after authentication
* `:captcha-token` — CAPTCHA challenge token
## Example
(sign-in-with-sso client {:domain "example.org"})
(sign-in-with-sso client {:provider-id "sso-provider-id"})(sign-in-with-web3 client credentials)Signs in with a Web3 wallet (Ethereum or Solana).
The message must be signed client-side; Supabase Auth verifies the signature.
client — Supabase clientcredentials:
:chain — "ethereum" or "solana" (required):message — SIWE/SIWS message that was signed (required):signature — wallet signature of the message (required):options — optional:
:captcha-token — CAPTCHA challenge token(sign-in-with-web3 client {:chain "ethereum"
:message "example.com wants you to sign in..."
:signature "0xabc..."})
Signs in with a Web3 wallet (Ethereum or Solana).
The message must be signed client-side; Supabase Auth verifies the signature.
## Parameters
* `client` — Supabase client
* `credentials`:
* `:chain` — `"ethereum"` or `"solana"` (required)
* `:message` — SIWE/SIWS message that was signed (required)
* `:signature` — wallet signature of the message (required)
* `:options` — optional:
* `:captcha-token` — CAPTCHA challenge token
## Example
(sign-in-with-web3 client {:chain "ethereum"
:message "example.com wants you to sign in..."
:signature "0xabc..."})(sign-up client credentials)Creates a new user with email/phone and password.
client — Supabase clientcredentials — sign-up details:
:email — user's email address (required if :phone not provided):phone — user's phone number (required if :email not provided):password — user's password (required):options — optional:
:email-redirect-to — URL to redirect after email confirmation:data — additional data attached to the user:captcha-token — verification token from CAPTCHA challenge(sign-up client {:email "user@example.com" :password "secure-password"})
Creates a new user with email/phone and password.
## Parameters
* `client` — Supabase client
* `credentials` — sign-up details:
* `:email` — user's email address (required if `:phone` not provided)
* `:phone` — user's phone number (required if `:email` not provided)
* `:password` — user's password (required)
* `:options` — optional:
* `:email-redirect-to` — URL to redirect after email confirmation
* `:data` — additional data attached to the user
* `:captcha-token` — verification token from CAPTCHA challenge
## Example
(sign-up client {:email "user@example.com" :password "secure-password"})cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |