Skip to main content

signIn()

Log in an existing user, or login via a third-party provider.

const { user, session, error } = await supabase.auth.signIn({
email: 'example@email.com',
password: 'example-password',
})

Parameters#

  • __namedParametersrequiredUserCredentials

    No description provided.

  • optionsrequiredobject

    No description provided.

      Properties
    • redirectTooptionalstring

      No description provided.

    • scopesoptionalstring

      No description provided.

Notes#

  • A user can sign up either via email or OAuth.
  • If you provide email without a password, the user will be sent a magic link.
  • The magic link's destination URL is determined by the SITE_URL config variable. To change this, you can go to Authentication -> Settings on app.supabase.io
  • Specifying a provider will open the browser to the relevant login page.

Examples#

Sign in with email.#

const { user, session, error } = await supabase.auth.signIn({
email: 'example@email.com',
password: 'example-password',
})

Sign in with magic link.#

If no password is provided, the user will be sent a "magic link" to their email address, which they can click to open your application with a valid session. By default, a given user can only request a Magic Link once every 60 seconds.

const { user, session, error } = await supabase.auth.signIn({
email: 'example@email.com'
})

Sign in using third-party providers.#

Supabase supports OAuth logins.

const { user, session, error } = await supabase.auth.signIn({
// provider can be 'github', 'google', 'gitlab', or 'bitbucket'
provider: 'github'
})

Sign in with redirect.#

Sometimes you want to control where the user is redirected to after they are logged in. Supabase supports this for any URL path on your website (the base domain must be the same as the domain in your Auth settings).

const { user, session, error } = await supabase.auth.signIn({
provider: 'github'
}, {
redirectTo: 'https://example.com/welcome'
})

Sign in with scopes.#

If you need additional data from an OAuth provider, you can include a space-separated list of scopes in your request to get back an OAuth provider token. You may also need to specify the scopes in the provider's OAuth app settings, depending on the provider.

const { user, session, error } = await supabase.auth.signIn({
provider: 'github'
}, {
scopes: 'repo gist notifications'
})
const oAuthToken = session.provider_token // use to access provider API

Sign in using a refresh token (e.g. in React Native).#

If you are completing a sign up or login in a React Native app you can pass the refresh token obtained from the provider to obtain a session.

// An example using Expo's `AuthSession`
const redirectUri = AuthSession.makeRedirectUri({ useProxy: false });
const provider = 'google';
AuthSession.startAsync({
authUrl: `https://MYSUPABASEAPP.supabase.co/auth/v1/authorize?provider=${provider}&redirect_to=${redirectUri}`,
returnUrl: redirectUri,
}).then(async (response: any) => {
if (!response) return;
const { user, session, error } = await supabase.auth.signIn({
refreshToken: response.params?.refresh_token,
});
});