Options
All
  • Public
  • Public/Protected
  • All
Menu

Index

References

Enumerations

Classes

Interfaces

Type Aliases

Variables

Functions

References

Re-exports QueryData
Re-exports QueryError
Re-exports QueryResult
Renames and re-exports AuthSession
Re-exports SupabaseClientOptions
Renames and re-exports AuthUser

Type Aliases

AuthChangeEvent: "INITIAL_SESSION" | "PASSWORD_RECOVERY" | "SIGNED_IN" | "SIGNED_OUT" | "TOKEN_REFRESHED" | "USER_UPDATED" | AuthChangeEventMFA
AuthChangeEventMFA: "MFA_CHALLENGE_VERIFIED"
AuthFlowType: "implicit" | "pkce"
AuthMFAAdminDeleteFactorParams: { id: string; userId: string }
expermental

Type declaration

  • id: string

    ID of the MFA factor to delete.

  • userId: string

    ID of the user whose factor is being deleted.

AuthMFAAdminDeleteFactorResponse: { data: { id: string }; error: null } | { data: null; error: AuthError }
expermental
AuthMFAAdminListFactorsParams: { userId: string }
expermental

Type declaration

  • userId: string

    ID of the user.

AuthMFAAdminListFactorsResponse: { data: { factors: Factor[] }; error: null } | { data: null; error: AuthError }
expermental
AuthMFAChallengeResponse: { data: { expires_at: number; id: string; type: "totp" | "phone" }; error: null } | { data: null; error: AuthError }
AuthMFAEnrollResponse: AuthMFAEnrollTOTPResponse | AuthMFAEnrollPhoneResponse
AuthMFAGetAuthenticatorAssuranceLevelResponse: { data: { currentAuthenticationMethods: AMREntry[]; currentLevel: AuthenticatorAssuranceLevels | null; nextLevel: AuthenticatorAssuranceLevels | null }; error: null } | { data: null; error: AuthError }
AuthMFAListFactorsResponse: { data: { all: Factor[]; phone: Factor[]; totp: Factor[] }; error: null } | { data: null; error: AuthError }
AuthMFAUnenrollResponse: { data: { id: string }; error: null } | { data: null; error: AuthError }
AuthMFAVerifyResponse: { data: { access_token: string; expires_in: number; refresh_token: string; token_type: string; user: AuthUser }; error: null } | { data: null; error: AuthError }
AuthOtpResponse: { data: { messageId?: string | null; session: null; user: null }; error: null } | { data: { messageId?: string | null; session: null; user: null }; error: AuthError }

AuthOtpResponse is returned when OTP is used.

{@see AuthResponse}

AuthResponse: { data: { session: AuthSession | null; user: AuthUser | null }; error: null } | { data: { session: null; user: null }; error: AuthError }
AuthResponsePassword: { data: { session: AuthSession | null; user: AuthUser | null; weak_password?: WeakPassword | null }; error: null } | { data: { session: null; user: null }; error: AuthError }
AuthTokenResponse: { data: { session: AuthSession; user: AuthUser }; error: null } | { data: { session: null; user: null }; error: AuthError }
AuthTokenResponsePassword: { data: { session: AuthSession; user: AuthUser; weakPassword?: WeakPassword }; error: null } | { data: { session: null; user: null; weakPassword?: null }; error: AuthError }
AuthenticatorAssuranceLevels: "aal1" | "aal2"
CallRefreshTokenResult: { error: null; session: AuthSession } | { error: AuthError; session: null }
EmailOtpType: "signup" | "invite" | "magiclink" | "recovery" | "email_change" | "email"
FunctionInvokeOptions: { body?: File | Blob | ArrayBuffer | FormData | ReadableStream<Uint8Array> | Record<string, any> | string; headers?: {}; method?: "POST" | "GET" | "PUT" | "PATCH" | "DELETE"; region?: FunctionRegion }

Type declaration

  • Optional body?: File | Blob | ArrayBuffer | FormData | ReadableStream<Uint8Array> | Record<string, any> | string

    The body of the request.

  • Optional headers?: {}

    Object representing the headers to send with the request.

    • [key: string]: string
  • Optional method?: "POST" | "GET" | "PUT" | "PATCH" | "DELETE"

    The HTTP verb of the request

  • Optional region?: FunctionRegion

    The Region to invoke the function in.

GenerateEmailChangeLinkParams: { email: string; newEmail: string; options?: Pick<GenerateLinkOptions, "redirectTo">; type: "email_change_current" | "email_change_new" }

Type declaration

  • email: string

    The user's email

  • newEmail: string

    The user's new email. Only required if type is 'email_change_current' or 'email_change_new'.

  • Optional options?: Pick<GenerateLinkOptions, "redirectTo">
  • type: "email_change_current" | "email_change_new"
GenerateInviteOrMagiclinkParams: { email: string; options?: Pick<GenerateLinkOptions, "data" | "redirectTo">; type: "invite" | "magiclink" }

Type declaration

  • email: string

    The user's email

  • Optional options?: Pick<GenerateLinkOptions, "data" | "redirectTo">
  • type: "invite" | "magiclink"
GenerateLinkProperties: { action_link: string; email_otp: string; hashed_token: string; redirect_to: string; verification_type: GenerateLinkType }

The properties related to the email link generated

Type declaration

  • action_link: string

    The email link to send to the user. The action_link follows the following format: auth/v1/verify?type={verification_type}&token={hashed_token}&redirect_to={redirect_to}

  • email_otp: string

    The raw email OTP. You should send this in the email if you want your users to verify using an OTP instead of the action link.

  • hashed_token: string

    The hashed token appended to the action link.

  • redirect_to: string

    The URL appended to the action link.

  • verification_type: GenerateLinkType

    The verification type that the email link is associated to.

GenerateLinkResponse: { data: { properties: GenerateLinkProperties; user: AuthUser }; error: null } | { data: { properties: null; user: null }; error: AuthError }
GenerateLinkType: "signup" | "invite" | "magiclink" | "recovery" | "email_change_current" | "email_change_new"
GenerateRecoveryLinkParams: { email: string; options?: Pick<GenerateLinkOptions, "redirectTo">; type: "recovery" }

Type declaration

  • email: string

    The user's email

  • Optional options?: Pick<GenerateLinkOptions, "redirectTo">
  • type: "recovery"
GenerateSignupLinkParams: { email: string; options?: Pick<GenerateLinkOptions, "data" | "redirectTo">; password: string; type: "signup" }

Type declaration

  • email: string
  • Optional options?: Pick<GenerateLinkOptions, "data" | "redirectTo">
  • password: string
  • type: "signup"
GoTrueClientOptions: { autoRefreshToken?: boolean; debug?: boolean | ((message: string, ...args: any[]) => void); detectSessionInUrl?: boolean; fetch?: Fetch; flowType?: AuthFlowType; hasCustomAuthorizationHeader?: boolean; headers?: {}; lock?: LockFunc; persistSession?: boolean; storage?: SupportedStorage; storageKey?: string; url?: string }

Type declaration

  • Optional autoRefreshToken?: boolean
  • Optional debug?: boolean | ((message: string, ...args: any[]) => void)
  • Optional detectSessionInUrl?: boolean
  • Optional fetch?: Fetch
  • Optional flowType?: AuthFlowType
  • Optional hasCustomAuthorizationHeader?: boolean

    Set to "true" if there is a custom authorization header set globally.

    experimental
  • Optional headers?: {}
    • [key: string]: string
  • Optional lock?: LockFunc

    Provide your own locking mechanism based on the environment. By default no locking is done at this time.

    experimental
  • Optional persistSession?: boolean
  • Optional storage?: SupportedStorage
  • Optional storageKey?: string
  • Optional url?: string
InitializeResult: { error: AuthError | null }

Type declaration

LockFunc: (<R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)) => Promise<R>)

Type declaration

    • <R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)): Promise<R>
    • Provide your own global lock implementation instead of the default implementation. The function should acquire a lock for the duration of the fn async function, such that no other client instances will be able to hold it at the same time.

      experimental

      Type Parameters

      • R

      Parameters

      • name: string

        Name of the lock to be acquired.

      • acquireTimeout: number

        If negative, no timeout should occur. If positive it should throw an Error with an isAcquireTimeout property set to true if the operation fails to be acquired after this much time (ms).

      • fn: (() => Promise<R>)

        The operation to execute when the lock is acquired.

          • (): Promise<R>
          • Returns Promise<R>

      Returns Promise<R>

MFAChallengeAndVerifyParams: { code: string; factorId: string }

Type declaration

  • code: string

    Verification code provided by the user.

  • factorId: string

    ID of the factor being verified. Returned in enroll().

MFAChallengeParams: { channel?: "sms" | "whatsapp"; factorId: string }

Type declaration

  • Optional channel?: "sms" | "whatsapp"

    Messaging channel to use (e.g. whatsapp or sms). Only relevant for phone factors

  • factorId: string

    ID of the factor to be challenged. Returned in enroll().

MFAEnrollParams: MFAEnrollTOTPParams | MFAEnrollPhoneParams
MFAUnenrollParams: { factorId: string }

Type declaration

  • factorId: string

    ID of the factor being unenrolled.

MFAVerifyParams: { challengeId: string; code: string; factorId: string }

Type declaration

  • challengeId: string

    ID of the challenge being verified. Returned in challenge().

  • code: string

    Verification code provided by the user.

  • factorId: string

    ID of the factor being verified. Returned in enroll().

MobileOtpType: "sms" | "phone_change"
OAuthResponse: { data: { provider: Provider; url: string }; error: null } | { data: { provider: Provider; url: null }; error: AuthError }
PageParams: { page?: number; perPage?: number }

Type declaration

  • Optional page?: number

    The page number

  • Optional perPage?: number

    Number of items returned per page

Pagination: { lastPage: number; nextPage: number | null; total: number }

Type declaration

  • [key: string]: any
  • lastPage: number
  • nextPage: number | null
  • total: number
PostgrestMaybeSingleResponse<T>: PostgrestSingleResponse<T | null>

Type Parameters

  • T

PostgrestResponse<T>: PostgrestSingleResponse<T[]>

Type Parameters

  • T

PostgrestSingleResponse<T>: PostgrestResponseSuccess<T> | PostgrestResponseFailure

Type Parameters

  • T

Provider: "apple" | "azure" | "bitbucket" | "discord" | "facebook" | "figma" | "github" | "gitlab" | "google" | "kakao" | "keycloak" | "linkedin" | "linkedin_oidc" | "notion" | "slack" | "slack_oidc" | "spotify" | "twitch" | "twitter" | "workos" | "zoom" | "fly"

One of the providers supported by GoTrue.

RealtimeChannelOptions: { config: { broadcast?: { ack?: boolean; self?: boolean }; presence?: { key?: string }; private?: boolean } }

Type declaration

  • config: { broadcast?: { ack?: boolean; self?: boolean }; presence?: { key?: string }; private?: boolean }
    • Optional broadcast?: { ack?: boolean; self?: boolean }

      self option enables client to receive message it broadcast ack option instructs server to acknowledge that broadcast message was received

      • Optional ack?: boolean
      • Optional self?: boolean
    • Optional presence?: { key?: string }

      key option is used to track presence payload across clients

      • Optional key?: string
    • Optional private?: boolean

      defines if the channel is private or not and if RLS policies will be used to check data

RealtimeChannelSendResponse: "ok" | "timed out" | "error"
RealtimeClientOptions: { decode?: Function; encode?: Function; fetch?: Fetch; headers?: {}; heartbeatIntervalMs?: number; log_level?: "info" | "debug" | "warn" | "error"; logger?: Function; params?: {}; reconnectAfterMs?: Function; timeout?: number; transport?: WebSocketLikeConstructor; worker?: boolean; workerUrl?: string; accessToken?: any }

Type declaration

  • Optional decode?: Function
  • Optional encode?: Function
  • Optional fetch?: Fetch
  • Optional headers?: {}
    • [key: string]: string
  • Optional heartbeatIntervalMs?: number
  • Optional log_level?: "info" | "debug" | "warn" | "error"
  • Optional logger?: Function
  • Optional params?: {}
    • [key: string]: any
  • Optional reconnectAfterMs?: Function
  • Optional timeout?: number
  • Optional transport?: WebSocketLikeConstructor
  • Optional worker?: boolean
  • Optional workerUrl?: string
  • accessToken?:function
    • accessToken(): Promise<null | string>
    • Returns Promise<null | string>

RealtimeMessage: { event: string; join_ref?: string; payload: any; ref: string; topic: string }

Type declaration

  • event: string
  • Optional join_ref?: string
  • payload: any
  • ref: string
  • topic: string
RealtimePostgresChangesFilter<T>: { event: T; filter?: string; schema: string; table?: string }

Type Parameters

Type declaration

  • event: T

    The type of database change to listen to.

  • Optional filter?: string

    Receive database changes when filter is matched.

  • schema: string

    The database schema to listen to.

  • Optional table?: string

    The database table to listen to.

Type Parameters

  • T extends {}

RealtimePostgresDeletePayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${DELETE}`; new: {}; old: Partial<T> }

Type Parameters

  • T extends {}

RealtimePostgresInsertPayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${INSERT}`; new: T; old: {} }

Type Parameters

  • T extends {}

RealtimePostgresUpdatePayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${UPDATE}`; new: T; old: Partial<T> }

Type Parameters

  • T extends {}

RealtimePresenceJoinPayload<T>: { currentPresences: Presence<T>[]; event: `${JOIN}`; key: string; newPresences: Presence<T>[] }

Type Parameters

  • T extends {}

Type declaration

  • currentPresences: Presence<T>[]
  • event: `${JOIN}`
  • key: string
  • newPresences: Presence<T>[]
RealtimePresenceLeavePayload<T>: { currentPresences: Presence<T>[]; event: `${LEAVE}`; key: string; leftPresences: Presence<T>[] }

Type Parameters

  • T extends {}

Type declaration

  • currentPresences: Presence<T>[]
  • event: `${LEAVE}`
  • key: string
  • leftPresences: Presence<T>[]
RealtimePresenceState<T>: {}

Type Parameters

  • T extends {} = {}

Type declaration

  • [key: string]: Presence<T>[]
RealtimeRemoveChannelResponse: "ok" | "timed out" | "error"
ResendParams: { email: string; options?: { captchaToken?: string; emailRedirectTo?: string }; type: Extract<EmailOtpType, "signup" | "email_change"> } | { options?: { captchaToken?: string }; phone: string; type: Extract<MobileOtpType, "sms" | "phone_change"> }
SSOResponse: { data: { url: string }; error: null } | { data: null; error: AuthError }
SignInAnonymouslyCredentials: { options?: { captchaToken?: string; data?: object } }

Type declaration

  • Optional options?: { captchaToken?: string; data?: object }
    • Optional captchaToken?: string

      Verification token received when the user completes the captcha on the site.

    • Optional data?: object

      A custom data object to store the user's metadata. This maps to the auth.users.raw_user_meta_data column.

      The data should be a JSON object that includes user-specific info, such as their first and last name.

SignInWithIdTokenCredentials: { access_token?: string; nonce?: string; options?: { captchaToken?: string }; provider: "google" | "apple" | "azure" | "facebook" | "kakao" | string & {}; token: string }

Type declaration

  • Optional access_token?: string

    If the ID token contains an at_hash claim, then the hash of this value is compared to the value in the ID token.

  • Optional nonce?: string

    If the ID token contains a nonce claim, then the hash of this value is compared to the value in the ID token.

  • Optional options?: { captchaToken?: string }
    • Optional captchaToken?: string

      Verification token received when the user completes the captcha on the site.

  • provider: "google" | "apple" | "azure" | "facebook" | "kakao" | string & {}

    Provider name or OIDC iss value identifying which provider should be used to verify the provided token. Supported names: google, apple, azure, facebook, kakao, keycloak (deprecated).

  • token: string

    OIDC ID token issued by the specified provider. The iss claim in the ID token must match the supplied provider. Some ID tokens contain an at_hash which require that you provide an access_token value to be accepted properly. If the token contains a nonce claim you must supply the nonce used to obtain the ID token.

SignInWithOAuthCredentials: { options?: { queryParams?: {}; redirectTo?: string; scopes?: string; skipBrowserRedirect?: boolean }; provider: Provider }

Type declaration

  • Optional options?: { queryParams?: {}; redirectTo?: string; scopes?: string; skipBrowserRedirect?: boolean }
    • Optional queryParams?: {}

      An object of query params

      • [key: string]: string
    • Optional redirectTo?: string

      A URL to send the user to after they are confirmed.

    • Optional scopes?: string

      A space-separated list of scopes granted to the OAuth application.

    • Optional skipBrowserRedirect?: boolean

      If set to true does not immediately redirect the current browser context to visit the OAuth authorization page for the provider.

  • provider: Provider

    One of the providers supported by GoTrue.

SignInWithPasswordCredentials: { email: string; options?: { captchaToken?: string }; password: string } | { options?: { captchaToken?: string }; password: string; phone: string }
SignInWithPasswordlessCredentials: { email: string; options?: { captchaToken?: string; data?: object; emailRedirectTo?: string; shouldCreateUser?: boolean } } | { options?: { captchaToken?: string; channel?: "sms" | "whatsapp"; data?: object; shouldCreateUser?: boolean }; phone: string }
SignInWithSSO: { options?: { captchaToken?: string; redirectTo?: string }; providerId: string } | { domain: string; options?: { captchaToken?: string; redirectTo?: string } }
SignOut: { scope?: "global" | "local" | "others" }

Type declaration

  • Optional scope?: "global" | "local" | "others"

    Determines which sessions should be logged out. Global means all sessions by this account. Local means only this session. Others means all other sessions except the current one. When using others, there is no sign-out event fired on the current session!

SignUpWithPasswordCredentials: { email: string; options?: { captchaToken?: string; data?: object; emailRedirectTo?: string }; password: string } | { options?: { captchaToken?: string; channel?: "sms" | "whatsapp"; data?: object }; password: string; phone: string }
SupportedStorage: PromisifyMethods<Pick<Storage, "getItem" | "setItem" | "removeItem">> & { isServer?: boolean }
UserResponse: { data: { user: AuthUser }; error: null } | { data: { user: null }; error: AuthError }
WeakPassword: { message: string; reasons: WeakPasswordReasons[] }

Type declaration

WeakPasswordReasons: "length" | "characters" | "pwned" | string & {}

Variables

AuthAdminApi: typeof GoTrueAdminApi
AuthClient: typeof GoTrueClient
REALTIME_CHANNEL_STATES: typeof CHANNEL_STATES
lockInternals: { debug: boolean }
experimental

Type declaration

  • debug: boolean
    experimental

Functions

  • createClient<Database, SchemaName, Schema>(supabaseUrl: string, supabaseKey: string, options?: SupabaseClientOptions<SchemaName>): SupabaseClient<Database, SchemaName, Schema>
  • Creates a new Supabase Client.

    Type Parameters

    • Database = any

    • SchemaName extends string = "public" extends keyof Database ? "public" : string & keyof Database

    • Schema extends GenericSchema = Database[SchemaName] extends GenericSchema ? any[any] : any

    Parameters

    Returns SupabaseClient<Database, SchemaName, Schema>

  • Parameters

    • error: unknown

    Returns error is AuthApiError

  • isAuthError(error: unknown): error is AuthError
  • Parameters

    • error: unknown

    Returns error is AuthError

  • Parameters

    • error: unknown

    Returns error is AuthRetryableFetchError

  • Parameters

    • error: any

    Returns error is AuthSessionMissingError

  • Parameters

    • error: unknown

    Returns error is AuthWeakPasswordError

  • navigatorLock<R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)): Promise<R>
  • Implements a global exclusive lock using the Navigator LockManager API. It is available on all browsers released after 2022-03-15 with Safari being the last one to release support. If the API is not available, this function will throw. Make sure you check availablility before configuring GoTrueClient.

    You can turn on debugging by setting the supabase.gotrue-js.locks.debug local storage item to true.

    Internals:

    Since the LockManager API does not preserve stack traces for the async function passed in the request method, a trick is used where acquiring the lock releases a previously started promise to run the operation in the fn function. The lock waits for that promise to finish (with or without error), while the function will finally wait for the result anyway.

    Type Parameters

    • R

    Parameters

    • name: string

      Name of the lock to be acquired.

    • acquireTimeout: number

      If negative, no timeout. If 0 an error is thrown if the lock can't be acquired without waiting. If positive, the lock acquire will time out after so many milliseconds. An error is a timeout if it has isAcquireTimeout set to true.

    • fn: (() => Promise<R>)

      The operation to run once the lock is acquired.

        • (): Promise<R>
        • Returns Promise<R>

    Returns Promise<R>

Generated using TypeDoc