Liking cljdoc? Tell your friends :D

supabase.auth.admin

Server-side admin operations against the Supabase Auth API.

Every function here requires a client configured with the project's service-role key (not the anon key) as its access token — these endpoints bypass Row-Level Security and must never be exposed to a browser.

Example

(require '[supabase.core.client :as client]
         '[supabase.auth.admin :as admin])

(def c (client/make-client "https://abc.supabase.co" "service-role-key"))

(admin/create-user c {:email "user@example.com" :password "secret"
                      :email-confirm true})
(admin/list-users c {:page 1 :per-page 50})

Each function returns {:status :body :headers} on success or an anomaly map on failure. See https://supabase.com/docs/reference/javascript/auth-admin-api

Server-side admin operations against the Supabase Auth API.

Every function here requires a `client` configured with the project's
**service-role** key (not the anon key) as its access token — these
endpoints bypass Row-Level Security and must never be exposed to a browser.

## Example

    (require '[supabase.core.client :as client]
             '[supabase.auth.admin :as admin])

    (def c (client/make-client "https://abc.supabase.co" "service-role-key"))

    (admin/create-user c {:email "user@example.com" :password "secret"
                          :email-confirm true})
    (admin/list-users c {:page 1 :per-page 50})

Each function returns `{:status :body :headers}` on success or an anomaly
map on failure. See https://supabase.com/docs/reference/javascript/auth-admin-api
raw docstring

create-userclj

(create-user client attrs)

Creates a user directly, bypassing sign-up flows. Set :email-confirm / :phone-confirm to mark contacts as already verified.

Parameters

  • client — service-role client
  • attrs — any of :email, :phone, :password, :email-confirm, :phone-confirm, :user-metadata, :app-metadata, :ban-duration, :role

Example

(create-user client {:email "a@b.com" :password "secret" :email-confirm true})
Creates a user directly, bypassing sign-up flows. Set `:email-confirm` /
`:phone-confirm` to mark contacts as already verified.

## Parameters

* `client` — service-role client
* `attrs` — any of `:email`, `:phone`, `:password`, `:email-confirm`,
  `:phone-confirm`, `:user-metadata`, `:app-metadata`, `:ban-duration`,
  `:role`

## Example

    (create-user client {:email "a@b.com" :password "secret" :email-confirm true})
sourceraw docstring

delete-factorclj

(delete-factor client id factor-id)

Deletes the MFA factor factor-id from user id. Permanent.

Example

(delete-factor client "<user-id>" "<factor-id>")
Deletes the MFA factor `factor-id` from user `id`. Permanent.

## Example

    (delete-factor client "<user-id>" "<factor-id>")
sourceraw docstring

delete-userclj

(delete-user client id)
(delete-user client id {:keys [soft?]})

Deletes the user id. Pass :soft? true to soft-delete (retain the row, marked deleted) instead of a hard delete.

Example

(delete-user client "<user-id>")
(delete-user client "<user-id>" {:soft? true})
Deletes the user `id`. Pass `:soft? true` to soft-delete (retain the row,
marked deleted) instead of a hard delete.

## Example

    (delete-user client "<user-id>")
    (delete-user client "<user-id>" {:soft? true})
sourceraw docstring

(generate-link client params)

Generates an email action link (and the underlying user) without sending an email, so the caller can deliver it through its own channel.

Parameters

  • client — service-role client
  • params:
    • :type"signup", "invite", "magiclink", "recovery", "email_change_current", or "email_change_new" (required)
    • :email — target email (required)
    • :password — required for "signup"
    • :new-email — required for the email-change types
    • :data — user metadata (signup/invite only)
    • :options:
      • :redirect-to — URL the link points to

Example

(generate-link client {:type "signup" :email "a@b.com" :password "secret"})
Generates an email action link (and the underlying user) without sending
an email, so the caller can deliver it through its own channel.

## Parameters

* `client` — service-role client
* `params`:
  * `:type` — `"signup"`, `"invite"`, `"magiclink"`, `"recovery"`,
    `"email_change_current"`, or `"email_change_new"` (required)
  * `:email` — target email (required)
  * `:password` — required for `"signup"`
  * `:new-email` — required for the email-change types
  * `:data` — user metadata (signup/invite only)
  * `:options`:
    * `:redirect-to` — URL the link points to

## Example

    (generate-link client {:type "signup" :email "a@b.com" :password "secret"})
sourceraw docstring

get-user-by-idclj

(get-user-by-id client id)

Fetches a single user by id.

Example

(get-user-by-id client "<user-id>")
Fetches a single user by `id`.

## Example

    (get-user-by-id client "<user-id>")
sourceraw docstring

invite-user-by-emailclj

(invite-user-by-email client email)
(invite-user-by-email client email options)

Sends an invite email to email, creating the user in an unconfirmed state.

Parameters

  • client — service-role client
  • email — invitee address (required)
  • options (optional):
    • :data — user metadata attached to the new user
    • :redirect-to — URL the invite link points to

Example

(invite-user-by-email client "new@example.com" {:data {:role "member"}})
Sends an invite email to `email`, creating the user in an unconfirmed state.

## Parameters

* `client` — service-role client
* `email` — invitee address (required)
* `options` (optional):
  * `:data` — user metadata attached to the new user
  * `:redirect-to` — URL the invite link points to

## Example

    (invite-user-by-email client "new@example.com" {:data {:role "member"}})
sourceraw docstring

list-factorsclj

(list-factors client id)

Lists the MFA factors enrolled for user id.

Example

(list-factors client "<user-id>")
Lists the MFA factors enrolled for user `id`.

## Example

    (list-factors client "<user-id>")
sourceraw docstring

list-usersclj

(list-users client)
(list-users client opts)

Lists users, paginated. The link response header carries next/prev page cursors.

Parameters

  • client — service-role client
  • opts (optional): :page (1-based) and :per-page

Example

(list-users client)
(list-users client {:page 2 :per-page 100})
Lists users, paginated. The `link` response header carries next/prev page
cursors.

## Parameters

* `client` — service-role client
* `opts` (optional): `:page` (1-based) and `:per-page`

## Example

    (list-users client)
    (list-users client {:page 2 :per-page 100})
sourceraw docstring

sign-outclj

(sign-out client access-token)
(sign-out client access-token scope)

Revokes sessions for the user identified by access-token.

scope selects which sessions to revoke:

  • "global" (default) — all sessions
  • "local" — only the current session
  • "others" — all sessions except the current one

Example

(sign-out client "<access-token>")
(sign-out client "<access-token>" "others")
Revokes sessions for the user identified by `access-token`.

`scope` selects which sessions to revoke:

  - `"global"` (default) — all sessions
  - `"local"`            — only the current session
  - `"others"`          — all sessions except the current one

## Example

    (sign-out client "<access-token>")
    (sign-out client "<access-token>" "others")
sourceraw docstring

update-user-by-idclj

(update-user-by-id client id attrs)

Updates the user id with attrs (same keys as create-user, plus :nonce).

Example

(update-user-by-id client "<user-id>" {:role "admin"})
Updates the user `id` with `attrs` (same keys as `create-user`, plus
`:nonce`).

## Example

    (update-user-by-id client "<user-id>" {:role "admin"})
sourceraw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts
Ctrl+kJump to recent docs
Move to previous article
Move to next article
Ctrl+/Jump to the search field
× close