Javascript Reference v2.0

Send a password reauthentication nonce

Sends a reauthentication OTP to the user's email or phone number. Requires the user to be signed-in.

  • This method is used together with updateUser() when a user's password needs to be updated.
  • If you require your user to reauthenticate before updating their password, you need to enable the Secure password change option in your project's email provider settings.
  • A user is only require to reauthenticate before updating their password if Secure password change is enabled and the user hasn't recently signed in. A user is deemed recently signed in if the session was created in the last 24 hours.
  • This method will send a nonce to the user's email. If the user doesn't have a confirmed email address, the method will send the nonce to the user's confirmed phone number instead.

const { error } = await supabase.auth.reauthenticate()