Previous featureNext feature
authentication

Auth Hooks

Customize authentication flows with serverless functions.

Stage:
Beta
Available on self-hosted:
Yes

Auth Hooks are customizable serverless functions that run at specific points in the authentication lifecycle. Implement as Postgres functions or HTTP webhooks to add custom logic to authentication flows.

Key benefits

  1. Custom JWT claims: Add roles, permissions, or metadata to access tokens.
  2. Custom SMS provider: Integrate your preferred SMS service.
  3. Custom email sending: Use external email services for auth emails.
  4. Custom MFA verification: Implement custom multi-factor authentication flows.
  5. Business logic integration: Add custom validation or processing to auth events.

Hook types

Custom Access Token Hook modifies JWT claims before issuance. Send SMS Hook customizes SMS sending. Send Email Hook customizes email sending. MFA Verification Hook adds custom MFA verification logic.

Auth Hooks are valuable for:

  • Adding custom claims for authorization
  • Integrating custom communication providers
  • Implementing custom MFA flows
  • Adding business logic to authentication
  • Customizing auth emails and SMS messages

Auth Hooks provide the flexibility to customize authentication while leveraging Supabase Auth's foundation.

Read Documentation
Share
Analytics Buckets (with Iceberg)Authorization via Row Level Security

Build in a weekend, scale to millions

Start your projectRequest a demo