Options
All
  • Public
  • Public/Protected
  • All
Menu

Module index

Index

References

Enumerations

Classes

Interfaces

Type Aliases

Variables

Functions

References

QueryData

Re-exports QueryData

QueryError

Re-exports QueryError

QueryResult

Re-exports QueryResult

Session

Renames and re-exports AuthSession

SupabaseClientOptions

Re-exports SupabaseClientOptions

User

Renames and re-exports AuthUser

Type Aliases

AuthChangeEvent

AuthChangeEvent: "INITIAL_SESSION" | "PASSWORD_RECOVERY" | "SIGNED_IN" | "SIGNED_OUT" | "TOKEN_REFRESHED" | "USER_UPDATED" | AuthChangeEventMFA

AuthChangeEventMFA

AuthChangeEventMFA: "MFA_CHALLENGE_VERIFIED"

AuthFlowType

AuthFlowType: "implicit" | "pkce"

AuthMFAAdminDeleteFactorParams

AuthMFAAdminDeleteFactorParams: { id: string; userId: string }
expermental

Type declaration

  • id: string

    ID of the MFA factor to delete.

  • userId: string

    ID of the user whose factor is being deleted.

AuthMFAAdminDeleteFactorResponse

AuthMFAAdminDeleteFactorResponse: { data: { id: string }; error: null } | { data: null; error: AuthError }
expermental

AuthMFAAdminListFactorsParams

AuthMFAAdminListFactorsParams: { userId: string }
expermental

Type declaration

  • userId: string

    ID of the user.

AuthMFAAdminListFactorsResponse

AuthMFAAdminListFactorsResponse: { data: { factors: Factor[] }; error: null } | { data: null; error: AuthError }
expermental

AuthMFAChallengeResponse

AuthMFAChallengeResponse: { data: { expires_at: number; id: string; type: "totp" | "phone" }; error: null } | { data: null; error: AuthError }

AuthMFAEnrollResponse

AuthMFAEnrollResponse: AuthMFAEnrollTOTPResponse | AuthMFAEnrollPhoneResponse

AuthMFAGetAuthenticatorAssuranceLevelResponse

AuthMFAGetAuthenticatorAssuranceLevelResponse: { data: { currentAuthenticationMethods: AMREntry[]; currentLevel: AuthenticatorAssuranceLevels | null; nextLevel: AuthenticatorAssuranceLevels | null }; error: null } | { data: null; error: AuthError }

AuthMFAListFactorsResponse

AuthMFAListFactorsResponse: { data: { all: Factor[]; phone: Factor[]; totp: Factor[] }; error: null } | { data: null; error: AuthError }

AuthMFAUnenrollResponse

AuthMFAUnenrollResponse: { data: { id: string }; error: null } | { data: null; error: AuthError }

AuthMFAVerifyResponse

AuthMFAVerifyResponse: { data: { access_token: string; expires_in: number; refresh_token: string; token_type: string; user: AuthUser }; error: null } | { data: null; error: AuthError }

AuthOtpResponse

AuthOtpResponse: { data: { messageId?: string | null; session: null; user: null }; error: null } | { data: { messageId?: string | null; session: null; user: null }; error: AuthError }

AuthOtpResponse is returned when OTP is used.

{@see AuthResponse}

AuthResponse

AuthResponse: { data: { session: AuthSession | null; user: AuthUser | null }; error: null } | { data: { session: null; user: null }; error: AuthError }

AuthResponsePassword

AuthResponsePassword: { data: { session: AuthSession | null; user: AuthUser | null; weak_password?: WeakPassword | null }; error: null } | { data: { session: null; user: null }; error: AuthError }

AuthTokenResponse

AuthTokenResponse: { data: { session: AuthSession; user: AuthUser }; error: null } | { data: { session: null; user: null }; error: AuthError }

AuthTokenResponsePassword

AuthTokenResponsePassword: { data: { session: AuthSession; user: AuthUser; weakPassword?: WeakPassword }; error: null } | { data: { session: null; user: null; weakPassword?: null }; error: AuthError }

AuthenticatorAssuranceLevels

AuthenticatorAssuranceLevels: "aal1" | "aal2"

CallRefreshTokenResult

CallRefreshTokenResult: { error: null; session: AuthSession } | { error: AuthError; session: null }

EmailOtpType

EmailOtpType: "signup" | "invite" | "magiclink" | "recovery" | "email_change" | "email"

FunctionInvokeOptions

FunctionInvokeOptions: { body?: File | Blob | ArrayBuffer | FormData | ReadableStream<Uint8Array> | Record<string, any> | string; headers?: {}; method?: "POST" | "GET" | "PUT" | "PATCH" | "DELETE"; region?: FunctionRegion }

Type declaration

  • Optional body?: File | Blob | ArrayBuffer | FormData | ReadableStream<Uint8Array> | Record<string, any> | string

    The body of the request.

  • Optional headers?: {}

    Object representing the headers to send with the request.

    • [key: string]: string
  • Optional method?: "POST" | "GET" | "PUT" | "PATCH" | "DELETE"

    The HTTP verb of the request

  • Optional region?: FunctionRegion

    The Region to invoke the function in.

GenerateEmailChangeLinkParams

GenerateEmailChangeLinkParams: { email: string; newEmail: string; options?: Pick<GenerateLinkOptions, "redirectTo">; type: "email_change_current" | "email_change_new" }

Type declaration

  • email: string

    The user's email

  • newEmail: string

    The user's new email. Only required if type is 'email_change_current' or 'email_change_new'.

  • Optional options?: Pick<GenerateLinkOptions, "redirectTo">
  • type: "email_change_current" | "email_change_new"

GenerateInviteOrMagiclinkParams

GenerateInviteOrMagiclinkParams: { email: string; options?: Pick<GenerateLinkOptions, "data" | "redirectTo">; type: "invite" | "magiclink" }

Type declaration

  • email: string

    The user's email

  • Optional options?: Pick<GenerateLinkOptions, "data" | "redirectTo">
  • type: "invite" | "magiclink"

GenerateLinkParams

GenerateLinkParams: GenerateSignupLinkParams | GenerateInviteOrMagiclinkParams | GenerateRecoveryLinkParams | GenerateEmailChangeLinkParams

GenerateLinkProperties

GenerateLinkProperties: { action_link: string; email_otp: string; hashed_token: string; redirect_to: string; verification_type: GenerateLinkType }

The properties related to the email link generated

Type declaration

  • action_link: string

    The email link to send to the user. The action_link follows the following format: auth/v1/verify?type={verification_type}&token={hashed_token}&redirect_to={redirect_to}

  • email_otp: string

    The raw email OTP. You should send this in the email if you want your users to verify using an OTP instead of the action link.

  • hashed_token: string

    The hashed token appended to the action link.

  • redirect_to: string

    The URL appended to the action link.

  • verification_type: GenerateLinkType

    The verification type that the email link is associated to.

GenerateLinkResponse

GenerateLinkResponse: { data: { properties: GenerateLinkProperties; user: AuthUser }; error: null } | { data: { properties: null; user: null }; error: AuthError }

GenerateLinkType

GenerateLinkType: "signup" | "invite" | "magiclink" | "recovery" | "email_change_current" | "email_change_new"

GenerateRecoveryLinkParams

GenerateRecoveryLinkParams: { email: string; options?: Pick<GenerateLinkOptions, "redirectTo">; type: "recovery" }

Type declaration

  • email: string

    The user's email

  • Optional options?: Pick<GenerateLinkOptions, "redirectTo">
  • type: "recovery"

GenerateSignupLinkParams

GenerateSignupLinkParams: { email: string; options?: Pick<GenerateLinkOptions, "data" | "redirectTo">; password: string; type: "signup" }

Type declaration

  • email: string
  • Optional options?: Pick<GenerateLinkOptions, "data" | "redirectTo">
  • password: string
  • type: "signup"

GoTrueClientOptions

GoTrueClientOptions: { autoRefreshToken?: boolean; debug?: boolean | ((message: string, ...args: any[]) => void); detectSessionInUrl?: boolean; fetch?: Fetch; flowType?: AuthFlowType; hasCustomAuthorizationHeader?: boolean; headers?: {}; lock?: LockFunc; persistSession?: boolean; storage?: SupportedStorage; storageKey?: string; url?: string }

Type declaration

  • Optional autoRefreshToken?: boolean
  • Optional debug?: boolean | ((message: string, ...args: any[]) => void)
  • Optional detectSessionInUrl?: boolean
  • Optional fetch?: Fetch
  • Optional flowType?: AuthFlowType
  • Optional hasCustomAuthorizationHeader?: boolean

    Set to "true" if there is a custom authorization header set globally.

    experimental
  • Optional headers?: {}
    • [key: string]: string
  • Optional lock?: LockFunc

    Provide your own locking mechanism based on the environment. By default no locking is done at this time.

    experimental
  • Optional persistSession?: boolean
  • Optional storage?: SupportedStorage
  • Optional storageKey?: string
  • Optional url?: string

InitializeResult

InitializeResult: { error: AuthError | null }

Type declaration

LockFunc

LockFunc: (<R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)) => Promise<R>)

Type declaration

    • <R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)): Promise<R>

    • Provide your own global lock implementation instead of the default implementation. The function should acquire a lock for the duration of the fn async function, such that no other client instances will be able to hold it at the same time.

      experimental

      Type Parameters

      • R

      Parameters

      • name: string

        Name of the lock to be acquired.

      • acquireTimeout: number

        If negative, no timeout should occur. If positive it should throw an Error with an isAcquireTimeout property set to true if the operation fails to be acquired after this much time (ms).

      • fn: (() => Promise<R>)

        The operation to execute when the lock is acquired.

          • (): Promise<R>

          • Returns Promise<R>

      Returns Promise<R>

MFAChallengeAndVerifyParams

MFAChallengeAndVerifyParams: { code: string; factorId: string }

Type declaration

  • code: string

    Verification code provided by the user.

  • factorId: string

    ID of the factor being verified. Returned in enroll().

MFAChallengeParams

MFAChallengeParams: { channel?: "sms" | "whatsapp"; factorId: string }

Type declaration

  • Optional channel?: "sms" | "whatsapp"

    Messaging channel to use (e.g. whatsapp or sms). Only relevant for phone factors

  • factorId: string

    ID of the factor to be challenged. Returned in enroll().

MFAEnrollParams

MFAEnrollParams: MFAEnrollTOTPParams | MFAEnrollPhoneParams

MFAUnenrollParams

MFAUnenrollParams: { factorId: string }

Type declaration

  • factorId: string

    ID of the factor being unenrolled.

MFAVerifyParams

MFAVerifyParams: { challengeId: string; code: string; factorId: string }

Type declaration

  • challengeId: string

    ID of the challenge being verified. Returned in challenge().

  • code: string

    Verification code provided by the user.

  • factorId: string

    ID of the factor being verified. Returned in enroll().

MobileOtpType

MobileOtpType: "sms" | "phone_change"

OAuthResponse

OAuthResponse: { data: { provider: Provider; url: string }; error: null } | { data: { provider: Provider; url: null }; error: AuthError }

PageParams

PageParams: { page?: number; perPage?: number }

Type declaration

  • Optional page?: number

    The page number

  • Optional perPage?: number

    Number of items returned per page

Pagination

Pagination: { lastPage: number; nextPage: number | null; total: number }

Type declaration

  • [key: string]: any
  • lastPage: number
  • nextPage: number | null
  • total: number

PostgrestMaybeSingleResponse

PostgrestMaybeSingleResponse<T>: PostgrestSingleResponse<T | null>

Type Parameters

  • T

PostgrestResponse

PostgrestResponse<T>: PostgrestSingleResponse<T[]>

Type Parameters

  • T

PostgrestSingleResponse

PostgrestSingleResponse<T>: PostgrestResponseSuccess<T> | PostgrestResponseFailure

Type Parameters

  • T

Provider

Provider: "apple" | "azure" | "bitbucket" | "discord" | "facebook" | "figma" | "github" | "gitlab" | "google" | "kakao" | "keycloak" | "linkedin" | "linkedin_oidc" | "notion" | "slack" | "slack_oidc" | "spotify" | "twitch" | "twitter" | "workos" | "zoom" | "fly"

One of the providers supported by GoTrue.

RealtimeChannelOptions

RealtimeChannelOptions: { config: { broadcast?: { ack?: boolean; self?: boolean }; presence?: { key?: string }; private?: boolean } }

Type declaration

  • config: { broadcast?: { ack?: boolean; self?: boolean }; presence?: { key?: string }; private?: boolean }
    • Optional broadcast?: { ack?: boolean; self?: boolean }

      self option enables client to receive message it broadcast ack option instructs server to acknowledge that broadcast message was received

      • Optional ack?: boolean
      • Optional self?: boolean
    • Optional presence?: { key?: string }

      key option is used to track presence payload across clients

      • Optional key?: string
    • Optional private?: boolean

      defines if the channel is private or not and if RLS policies will be used to check data

RealtimeChannelSendResponse

RealtimeChannelSendResponse: "ok" | "timed out" | "error"

RealtimeClientOptions

RealtimeClientOptions: { decode?: Function; encode?: Function; fetch?: Fetch; headers?: {}; heartbeatIntervalMs?: number; log_level?: "info" | "debug" | "warn" | "error"; logger?: Function; params?: {}; reconnectAfterMs?: Function; timeout?: number; transport?: WebSocketLikeConstructor; worker?: boolean; workerUrl?: string }

Type declaration

  • Optional decode?: Function
  • Optional encode?: Function
  • Optional fetch?: Fetch
  • Optional headers?: {}
    • [key: string]: string
  • Optional heartbeatIntervalMs?: number
  • Optional log_level?: "info" | "debug" | "warn" | "error"
  • Optional logger?: Function
  • Optional params?: {}
    • [key: string]: any
  • Optional reconnectAfterMs?: Function
  • Optional timeout?: number
  • Optional transport?: WebSocketLikeConstructor
  • Optional worker?: boolean
  • Optional workerUrl?: string

RealtimeMessage

RealtimeMessage: { event: string; join_ref?: string; payload: any; ref: string; topic: string }

Type declaration

  • event: string
  • Optional join_ref?: string
  • payload: any
  • ref: string
  • topic: string

RealtimePostgresChangesFilter

RealtimePostgresChangesFilter<T>: { event: T; filter?: string; schema: string; table?: string }

Type Parameters

Type declaration

  • event: T

    The type of database change to listen to.

  • Optional filter?: string

    Receive database changes when filter is matched.

  • schema: string

    The database schema to listen to.

  • Optional table?: string

    The database table to listen to.

RealtimePostgresChangesPayload

RealtimePostgresChangesPayload<T>: RealtimePostgresInsertPayload<T> | RealtimePostgresUpdatePayload<T> | RealtimePostgresDeletePayload<T>

Type Parameters

  • T extends {}

RealtimePostgresDeletePayload

RealtimePostgresDeletePayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${DELETE}`; new: {}; old: Partial<T> }

Type Parameters

  • T extends {}

RealtimePostgresInsertPayload

RealtimePostgresInsertPayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${INSERT}`; new: T; old: {} }

Type Parameters

  • T extends {}

RealtimePostgresUpdatePayload

RealtimePostgresUpdatePayload<T>: RealtimePostgresChangesPayloadBase & { eventType: `${UPDATE}`; new: T; old: Partial<T> }

Type Parameters

  • T extends {}

RealtimePresenceJoinPayload

RealtimePresenceJoinPayload<T>: { currentPresences: Presence<T>[]; event: `${JOIN}`; key: string; newPresences: Presence<T>[] }

Type Parameters

  • T extends {}

Type declaration

  • currentPresences: Presence<T>[]
  • event: `${JOIN}`
  • key: string
  • newPresences: Presence<T>[]

RealtimePresenceLeavePayload

RealtimePresenceLeavePayload<T>: { currentPresences: Presence<T>[]; event: `${LEAVE}`; key: string; leftPresences: Presence<T>[] }

Type Parameters

  • T extends {}

Type declaration

  • currentPresences: Presence<T>[]
  • event: `${LEAVE}`
  • key: string
  • leftPresences: Presence<T>[]

RealtimePresenceState

RealtimePresenceState<T>: {}

Type Parameters

  • T extends {} = {}

Type declaration

  • [key: string]: Presence<T>[]

RealtimeRemoveChannelResponse

RealtimeRemoveChannelResponse: "ok" | "timed out" | "error"

ResendParams

ResendParams: { email: string; options?: { captchaToken?: string; emailRedirectTo?: string }; type: Extract<EmailOtpType, "signup" | "email_change"> } | { options?: { captchaToken?: string }; phone: string; type: Extract<MobileOtpType, "sms" | "phone_change"> }

SSOResponse

SSOResponse: { data: { url: string }; error: null } | { data: null; error: AuthError }

SignInAnonymouslyCredentials

SignInAnonymouslyCredentials: { options?: { captchaToken?: string; data?: object } }

Type declaration

  • Optional options?: { captchaToken?: string; data?: object }
    • Optional captchaToken?: string

      Verification token received when the user completes the captcha on the site.

    • Optional data?: object

      A custom data object to store the user's metadata. This maps to the auth.users.raw_user_meta_data column.

      The data should be a JSON object that includes user-specific info, such as their first and last name.

SignInWithIdTokenCredentials

SignInWithIdTokenCredentials: { access_token?: string; nonce?: string; options?: { captchaToken?: string }; provider: "google" | "apple" | "azure" | "facebook" | "kakao" | string; token: string }

Type declaration

  • Optional access_token?: string

    If the ID token contains an at_hash claim, then the hash of this value is compared to the value in the ID token.

  • Optional nonce?: string

    If the ID token contains a nonce claim, then the hash of this value is compared to the value in the ID token.

  • Optional options?: { captchaToken?: string }
    • Optional captchaToken?: string

      Verification token received when the user completes the captcha on the site.

  • provider: "google" | "apple" | "azure" | "facebook" | "kakao" | string

    Provider name or OIDC iss value identifying which provider should be used to verify the provided token. Supported names: google, apple, azure, facebook, kakao, keycloak (deprecated).

  • token: string

    OIDC ID token issued by the specified provider. The iss claim in the ID token must match the supplied provider. Some ID tokens contain an at_hash which require that you provide an access_token value to be accepted properly. If the token contains a nonce claim you must supply the nonce used to obtain the ID token.

SignInWithOAuthCredentials

SignInWithOAuthCredentials: { options?: { queryParams?: {}; redirectTo?: string; scopes?: string; skipBrowserRedirect?: boolean }; provider: Provider }

Type declaration

  • Optional options?: { queryParams?: {}; redirectTo?: string; scopes?: string; skipBrowserRedirect?: boolean }
    • Optional queryParams?: {}

      An object of query params

      • [key: string]: string
    • Optional redirectTo?: string

      A URL to send the user to after they are confirmed.

    • Optional scopes?: string

      A space-separated list of scopes granted to the OAuth application.

    • Optional skipBrowserRedirect?: boolean

      If set to true does not immediately redirect the current browser context to visit the OAuth authorization page for the provider.

  • provider: Provider

    One of the providers supported by GoTrue.

SignInWithPasswordCredentials

SignInWithPasswordCredentials: { email: string; options?: { captchaToken?: string }; password: string } | { options?: { captchaToken?: string }; password: string; phone: string }

SignInWithPasswordlessCredentials

SignInWithPasswordlessCredentials: { email: string; options?: { captchaToken?: string; data?: object; emailRedirectTo?: string; shouldCreateUser?: boolean } } | { options?: { captchaToken?: string; channel?: "sms" | "whatsapp"; data?: object; shouldCreateUser?: boolean }; phone: string }

SignInWithSSO

SignInWithSSO: { options?: { captchaToken?: string; redirectTo?: string }; providerId: string } | { domain: string; options?: { captchaToken?: string; redirectTo?: string } }

SignOut

SignOut: { scope?: "global" | "local" | "others" }

Type declaration

  • Optional scope?: "global" | "local" | "others"

    Determines which sessions should be logged out. Global means all sessions by this account. Local means only this session. Others means all other sessions except the current one. When using others, there is no sign-out event fired on the current session!

SignUpWithPasswordCredentials

SignUpWithPasswordCredentials: { email: string; options?: { captchaToken?: string; data?: object; emailRedirectTo?: string }; password: string } | { options?: { captchaToken?: string; channel?: "sms" | "whatsapp"; data?: object }; password: string; phone: string }

SupportedStorage

SupportedStorage: PromisifyMethods<Pick<Storage, "getItem" | "setItem" | "removeItem">> & { isServer?: boolean }

UserResponse

UserResponse: { data: { user: AuthUser }; error: null } | { data: { user: null }; error: AuthError }

VerifyOtpParams

VerifyOtpParams: VerifyMobileOtpParams | VerifyEmailOtpParams | VerifyTokenHashParams

WeakPassword

WeakPassword: { message: string; reasons: WeakPasswordReasons[] }

Type declaration

WeakPasswordReasons

WeakPasswordReasons: "length" | "characters" | "pwned" | string

Variables

Const AuthAdminApi

AuthAdminApi: typeof GoTrueAdminApi

Const AuthClient

AuthClient: typeof GoTrueClient

Const REALTIME_CHANNEL_STATES

REALTIME_CHANNEL_STATES: typeof CHANNEL_STATES

Const lockInternals

lockInternals: { debug: boolean }
experimental

Type declaration

  • debug: boolean
    experimental

Functions

createClient

  • createClient<Database, SchemaName, Schema>(supabaseUrl: string, supabaseKey: string, options?: SupabaseClientOptions<SchemaName>): SupabaseClient<Database, SchemaName, Schema>

  • Creates a new Supabase Client.

    Type Parameters

    • Database = any

    • SchemaName extends string = "public" extends keyof Database ? "public" : string & keyof Database

    • Schema extends GenericSchema = Database[SchemaName] extends GenericSchema ? any[any] : any

    Parameters

    Returns SupabaseClient<Database, SchemaName, Schema>

isAuthApiError

  • Parameters

    • error: unknown

    Returns error is AuthApiError

isAuthError

  • isAuthError(error: unknown): error is AuthError

  • Parameters

    • error: unknown

    Returns error is AuthError

isAuthRetryableFetchError

  • Parameters

    • error: unknown

    Returns error is AuthRetryableFetchError

isAuthSessionMissingError

  • Parameters

    • error: any

    Returns error is AuthSessionMissingError

isAuthWeakPasswordError

  • Parameters

    • error: unknown

    Returns error is AuthWeakPasswordError

navigatorLock

  • navigatorLock<R>(name: string, acquireTimeout: number, fn: (() => Promise<R>)): Promise<R>

  • Implements a global exclusive lock using the Navigator LockManager API. It is available on all browsers released after 2022-03-15 with Safari being the last one to release support. If the API is not available, this function will throw. Make sure you check availablility before configuring GoTrueClient.

    You can turn on debugging by setting the supabase.gotrue-js.locks.debug local storage item to true.

    Internals:

    Since the LockManager API does not preserve stack traces for the async function passed in the request method, a trick is used where acquiring the lock releases a previously started promise to run the operation in the fn function. The lock waits for that promise to finish (with or without error), while the function will finally wait for the result anyway.

    Type Parameters

    • R

    Parameters

    • name: string

      Name of the lock to be acquired.

    • acquireTimeout: number

      If negative, no timeout. If 0 an error is thrown if the lock can't be acquired without waiting. If positive, the lock acquire will time out after so many milliseconds. An error is a timeout if it has isAcquireTimeout set to true.

    • fn: (() => Promise<R>)

      The operation to run once the lock is acquired.

        • (): Promise<R>

        • Returns Promise<R>

    Returns Promise<R>

Generated using TypeDoc