Authentication

OAuth

Get started with social authentication.

Supabase supports almost 20 (!) different OAuth providers. They can be easily configured and enabled in the kit without any additional configuration needed.

Everything configured!

TurboStarter provides you with all the configuration required to handle OAuth providers responses from your app:

  • redirects
  • middleware
  • confirmation API routes

You just need to configure one of the below providers on their side and pass correct credentials to Supabase.

OAuth providers

IMPORTANT: The configuration is done on Supabase's side - not on TurboStarter's side.

Third Party providers need to be configured, managed and enabled fully on the provider's and Supabase's side. TurboStarter does not need any configuration (beyond setting the provider to be displayed in the UI).

Please read Supabase's documentation on how to set up third-party providers.

For local development, also check out Supabase's documentation on how to set up OAuth providers locally.

Local development secrets

For local development, you would need to set the environment variables for OAuth providers in packages/db/.env.local - this is the place from where the local Supabase instance reads the environment variables.

packages/db/.env.local
# Google OAuth credentials used by Supabase
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
 
# Github OAuth credentials used by Supabase
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=

After changing values in .env.local, you need to restart Docker containers using pnpm db:stop and pnpm db:start to apply the changes.

Remember to add redirect URL

As for the web app, we need to define some redirect url where the user is redirected after authentication. For mobile app, we don't have a classic URL, but an app scheme, which we're using to deep link user to specified screen in the app.

To find your app scheme, take a look at apps/mobile/app.config.ts file:

apps/mobile/app.config.ts
export default ({ config }: ConfigContext): ExpoConfig => ({
    ...
    scheme: "turbostarter",
    ...
});

Then, for local development, ensure it's added to additional_redirect_urls array in packages/db/supabase/config.toml file:

packages/db/supabase/config.toml
...
 
[auth]
site_url = "http://localhost:3000"
...
additional_redirect_urls = ["http://localhost:54321/auth/v1/callback", "turbostarter://**"]
 
...

For the cloud instance, make sure to add in your project dashboard under Authentication -> URL Configuration -> Redirect URLs.

Supabase Redirect URLs

Read more about redirect URLs in Supabase's documentation.

Also, we included some native integrations (Apple for iOS and Google for Android) to make the sign-in process smoother and faster for the user.

Apple

Configure native Apple OAuth for your application.

Google

Configure native Google OAuth for your application.

Last updated on

Previous

User flow

Next

Apple

On this page

No Headings
Ship your startup everywhere. In minutes.Get TurboStarter