Authentication and user management against Supabase Auth.
Supports password, OAuth, OTP, SSO, ID-token, Web3 and anonymous sign-in,
user retrieval and sign-up, the full session/identity lifecycle
(verify-otp, refresh-session, update-user, resend,
reset-password-for-email, exchange-code-for-session, reauthenticate,
get-claims, identity linking) and server observability
(get-server-health, get-server-settings).
See supabase.auth.admin for the service-role admin API.
(require '[supabase.core.client :as client]
'[supabase.auth :as auth])
(def c (client/make-client "https://abc.supabase.co" "anon-key"))
(auth/sign-up c {:email "user@example.com" :password "secure-password"})
(auth/sign-in-with-password c {:email "user@example.com" :password "secure-password"})
Each function returns {:status :body :headers} on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-api
Authentication and user management against Supabase Auth.
Supports password, OAuth, OTP, SSO, ID-token, Web3 and anonymous sign-in,
user retrieval and sign-up, the full session/identity lifecycle
(`verify-otp`, `refresh-session`, `update-user`, `resend`,
`reset-password-for-email`, `exchange-code-for-session`, `reauthenticate`,
`get-claims`, identity linking) and server observability
(`get-server-health`, `get-server-settings`).
See `supabase.auth.admin` for the service-role admin API.
## Example
(require '[supabase.core.client :as client]
'[supabase.auth :as auth])
(def c (client/make-client "https://abc.supabase.co" "anon-key"))
(auth/sign-up c {:email "user@example.com" :password "secure-password"})
(auth/sign-in-with-password c {:email "user@example.com" :password "secure-password"})
Each function returns `{:status :body :headers}` on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-apiServer-side admin operations against the Supabase Auth API.
Every function here requires a client configured with the project's
service-role key (not the anon key) as its access token — these
endpoints bypass Row-Level Security and must never be exposed to a browser.
(require '[supabase.core.client :as client]
'[supabase.auth.admin :as admin])
(def c (client/make-client "https://abc.supabase.co" "service-role-key"))
(admin/create-user c {:email "user@example.com" :password "secret"
:email-confirm true})
(admin/list-users c {:page 1 :per-page 50})
Each function returns {:status :body :headers} on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-admin-api
Server-side admin operations against the Supabase Auth API.
Every function here requires a `client` configured with the project's
**service-role** key (not the anon key) as its access token — these
endpoints bypass Row-Level Security and must never be exposed to a browser.
## Example
(require '[supabase.core.client :as client]
'[supabase.auth.admin :as admin])
(def c (client/make-client "https://abc.supabase.co" "service-role-key"))
(admin/create-user c {:email "user@example.com" :password "secret"
:email-confirm true})
(admin/list-users c {:page 1 :per-page 50})
Each function returns `{:status :body :headers}` on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-admin-apiLocal JWT decoding and asymmetric signature verification for Supabase Auth.
Supabase issues JWTs signed with either a symmetric secret (HS256, the
legacy default — not verifiable client-side) or an asymmetric key
(RS256 / ES256). For asymmetric algorithms the public keys are
published at <auth-url>/.well-known/jwks.json; this namespace fetches
and caches that JWKS and verifies signatures using the JDK's built-in
crypto, with no third-party dependency.
Callers should use supabase.auth/get-claims rather than these helpers
directly.
Local JWT decoding and asymmetric signature verification for Supabase Auth. Supabase issues JWTs signed with either a symmetric secret (`HS256`, the legacy default — not verifiable client-side) or an asymmetric key (`RS256` / `ES256`). For asymmetric algorithms the public keys are published at `<auth-url>/.well-known/jwks.json`; this namespace fetches and caches that JWKS and verifies signatures using the JDK's built-in crypto, with no third-party dependency. Callers should use [[supabase.auth/get-claims]] rather than these helpers directly.
Malli schemas for Supabase Auth entities and operations.
Used internally to validate API responses and operation inputs. Schemas follow the Supabase Auth API specification: https://supabase.com/docs/reference/javascript/auth-api
Malli schemas for Supabase Auth entities and operations. Used internally to validate API responses and operation inputs. Schemas follow the Supabase Auth API specification: https://supabase.com/docs/reference/javascript/auth-api
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |