How to restrict table access to authenticated users, row level policies, and email domain based access.
When you deploy a new Supabase project, we deploy a new instance of this server alongside your database, and also inject your database with the required
It makes it super easy to, for example, send magic link emails which your users can use to login:
Gotrue is responsible for issuing access tokens for your users, sends confirmation, magic-link, and password recovery emails (by default we send these from a Supabase SMTP server, but you can easily plug in your own inside the dashboard at Auth > Settings) and also transacting with third party OAuth providers to get basic user data.
The community even recently built in the functionality to request custom OAuth scopes, if your users need to interact more closely with the provider. See the scopes parameter here: https://github.com/supabase/gotrue#get-authorize.
So let's say you want to send emails on behalf of a user via gmail, you might request the gmail.send scope by directing them to:
You'll have to make sure your google app is verified of course in order to request these advanced scopes.
But all the functionality of gotrue-js is also available in supabase-js, which uses gotrue-js internally when you do things like:
If you want to request a feature, or contribute to the project directly, just head to https://github.com/supabase/gotrue and open some issues/PRs, we're always open to help.
In the next guide we'll be looking at how to setup external OAuth providers: Watch Part Five: Google Oauth
- JWT debugger: https://jwt.io