Circle V2 API Docs
    Preparing search index...

    Class SupabaseAuthClient

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Properties

    logger options

    Methods

    exchangeCodeForSession passwordReset passwordUpdate setSession signInWithGoogle signInWithOTP signInWithPassword signUpWithEmailAndPassword

    Constructors

    • Parameters

      • options: {
            autoRefreshToken?: boolean;
            debug?: boolean | ((message: string, ...args: any[]) => void);
            detectSessionInUrl?:
                | boolean
                | ((url: URL, params: { [parameter: string]: string }) => boolean);
            flowType?: AuthFlowType;
            lock?: LockFunc;
            persistSession?: boolean;
            storage?: SupportedStorage;
            storageKey?: string;
            throwOnError?: boolean;
            userStorage?: SupportedStorage;
        } & {
            cookieEncoding?: "base64url"
            | "raw";
            cookieOptions?: CookieOptionsWithName;
            cookies: Cookies;
            oauthRedirectUrl: string;
            passwordResetRedirectUrl: string;
        }
        • OptionalautoRefreshToken?: boolean

          Automatically refreshes the token for logged-in users. Defaults to true.

        • Optionaldebug?: boolean | ((message: string, ...args: any[]) => void)

          If debug messages for authentication client are emitted. Can be used to inspect the behavior of the library.

        • OptionaldetectSessionInUrl?: boolean | ((url: URL, params: { [parameter: string]: string }) => boolean)

          Detect a session from the URL. Used for OAuth login callbacks. Defaults to true.

          Can be set to a function to provide custom logic for determining if a URL contains a Supabase auth callback. The function receives the current URL and parsed parameters, and should return true if the URL should be processed as a Supabase auth callback.

          This is useful when your app uses other OAuth providers (e.g., Facebook Login) that also return access_token in the URL fragment, which would otherwise be incorrectly intercepted by Supabase Auth.

          detectSessionInUrl: (url, params) => {
            // Ignore Facebook OAuth redirects
            if (url.pathname === '/facebook/redirect') return false
            // Use default detection for other URLs
            return Boolean(params.access_token || params.error_description)
          }
        • OptionalflowType?: AuthFlowType

          OAuth flow to use - defaults to implicit flow. PKCE is recommended for mobile and server-side applications.

        • Optional Experimentallock?: LockFunc

          Provide your own locking mechanism based on the environment. By default no locking is done at this time.

        • OptionalpersistSession?: boolean

          Whether to persist a logged-in session to storage. Defaults to true.

        • Optionalstorage?: SupportedStorage

          A storage provider. Used to store the logged-in session.

        • OptionalstorageKey?: string

          Optional key name used for storing tokens in local storage.

        • OptionalthrowOnError?: boolean

          If there is an error with the query, throwOnError will reject the promise by throwing the error instead of returning it as part of a successful response.

        • Optional ExperimentaluserStorage?: SupportedStorage

          A storage provider to store the user profile separately from the session. Useful when you need to store the session information in cookies, without bloating the data with the redundant user object.

        • OptionalcookieEncoding?: "base64url" | "raw"
        • OptionalcookieOptions?: CookieOptionsWithName
        • cookies: Cookies
        • oauthRedirectUrl: string
        • passwordResetRedirectUrl: string

      Returns SupabaseAuthClient

    Properties

    logger: StructuredLogger = ...
    options: {
        autoRefreshToken?: boolean;
        debug?: boolean | ((message: string, ...args: any[]) => void);
        detectSessionInUrl?:
            | boolean
            | ((url: URL, params: { [parameter: string]: string }) => boolean);
        flowType?: AuthFlowType;
        lock?: LockFunc;
        persistSession?: boolean;
        storage?: SupportedStorage;
        storageKey?: string;
        throwOnError?: boolean;
        userStorage?: SupportedStorage;
    } & {
        cookieEncoding?: "base64url"
        | "raw";
        cookieOptions?: CookieOptionsWithName;
        cookies: Cookies;
        oauthRedirectUrl: string;
        passwordResetRedirectUrl: string;
    }

    Type Declaration

    • OptionalautoRefreshToken?: boolean

      Automatically refreshes the token for logged-in users. Defaults to true.

    • Optionaldebug?: boolean | ((message: string, ...args: any[]) => void)

      If debug messages for authentication client are emitted. Can be used to inspect the behavior of the library.

    • OptionaldetectSessionInUrl?: boolean | ((url: URL, params: { [parameter: string]: string }) => boolean)

      Detect a session from the URL. Used for OAuth login callbacks. Defaults to true.

      Can be set to a function to provide custom logic for determining if a URL contains a Supabase auth callback. The function receives the current URL and parsed parameters, and should return true if the URL should be processed as a Supabase auth callback.

      This is useful when your app uses other OAuth providers (e.g., Facebook Login) that also return access_token in the URL fragment, which would otherwise be incorrectly intercepted by Supabase Auth.

      detectSessionInUrl: (url, params) => {
        // Ignore Facebook OAuth redirects
        if (url.pathname === '/facebook/redirect') return false
        // Use default detection for other URLs
        return Boolean(params.access_token || params.error_description)
      }
    • OptionalflowType?: AuthFlowType

      OAuth flow to use - defaults to implicit flow. PKCE is recommended for mobile and server-side applications.

    • Optional Experimentallock?: LockFunc

      Provide your own locking mechanism based on the environment. By default no locking is done at this time.

    • OptionalpersistSession?: boolean

      Whether to persist a logged-in session to storage. Defaults to true.

    • Optionalstorage?: SupportedStorage

      A storage provider. Used to store the logged-in session.

    • OptionalstorageKey?: string

      Optional key name used for storing tokens in local storage.

    • OptionalthrowOnError?: boolean

      If there is an error with the query, throwOnError will reject the promise by throwing the error instead of returning it as part of a successful response.

    • Optional ExperimentaluserStorage?: SupportedStorage

      A storage provider to store the user profile separately from the session. Useful when you need to store the session information in cookies, without bloating the data with the redundant user object.

    • OptionalcookieEncoding?: "base64url" | "raw"
    • OptionalcookieOptions?: CookieOptionsWithName
    • cookies: Cookies
    • oauthRedirectUrl: string
    • passwordResetRedirectUrl: string

    Methods

    • Parameters

      • email: string

      Returns Promise<void>

    • Parameters

      • password: string

      Returns Promise<void>

    • Establishes a Supabase session from raw tokens. This is Supabase-specific (not on BaseAuthClient) and is used for invite acceptance where we receive tokens directly instead of a PKCE code.

      Parameters

      • accessToken: string
      • refreshToken: string

      Returns Promise<void>

    • Returns Promise<{ url: string }>

    • Parameters

      • email: string
      • password: string

      Returns Promise<void>

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods