# JavaScript Client Library Reference
This reference documents every object and method available in Supabase's isomorphic JavaScript library, `supabase-js`. You can use `supabase-js` to interact with your Postgres database, listen to database changes, invoke Deno Edge Functions, build login and user management functionality, and manage large files.
To convert SQL queries to `supabase-js` calls, use the [SQL to REST API translator](https://supabase.com/docs/guides/api/sql-to-rest).
## Installing
### Install as package
You can install @supabase/supabase-js via the terminal.
```sh Terminal
npm install @supabase/supabase-js
```
```sh Terminal
yarn add @supabase/supabase-js
```
```sh Terminal
pnpm add @supabase/supabase-js
```
### Install via CDN
You can install @supabase/supabase-js via CDN links.
```js
//or
```
### Use at runtime in Deno
You can use supabase-js in the Deno runtime via [JSR](https://jsr.io/@supabase/supabase-js):
```ts
import { createClient } from 'npm:@supabase/supabase-js@2'
```
### Enable Data API access
supabase-js uses the Data API to query and mutate your Postgres data. You first need to grant Data API roles permissions to access your tables and functions.
In [Data API integrations settings](https://supabase.com/dashboard/project/_/integrations/data_api/settings), expose the specific tables and functions you want to access. To automatically grant access for new tables and functions in `public`, enable **Default privileges for new entities**.
Alternatively, use SQL to grant the required permissions:
```sql
-- Before granting access to client roles, make sure RLS is enabled
-- and create the policies required for each role's allowed operations.
alter table public.your_table enable row level security;
-- create policy ... on public.your_table ...;
-- Grant least-privilege access to tables after RLS and policies are in place
grant select on public.your_table to anon;
grant select, insert, update, delete on public.your_table to authenticated;
grant all on public.your_table to service_role;
-- Grant execute on functions after verifying any table access they rely on
grant execute on function public.your_function to authenticated, service_role;
```
## Initializing
Create a new client for use in the browser.
### Examples
#### Creating a client
```js
import { createClient } from '@supabase/supabase-js'
// Create a single supabase client for interacting with your database
const supabase = createClient('https://xyzcompany.supabase.co', 'your-publishable-key')
```
#### With a custom domain
```js
import { createClient } from '@supabase/supabase-js'
// Use a custom domain as the supabase URL
const supabase = createClient('https://my-custom-domain.com', 'your-publishable-key')
```
#### With additional parameters
```js
import { createClient } from '@supabase/supabase-js'
const options = {
db: {
schema: 'public',
},
auth: {
autoRefreshToken: true,
persistSession: true,
detectSessionInUrl: true
},
global: {
headers: { 'x-my-custom-header': 'my-app-name' },
},
}
const supabase = createClient("https://xyzcompany.supabase.co", "your-publishable-key", options)
```
#### With custom schemas
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('https://xyzcompany.supabase.co', 'your-publishable-key', {
// Provide a custom schema. Defaults to "public".
db: { schema: 'other_schema' }
})
```
#### Custom fetch implementation
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('https://xyzcompany.supabase.co', 'your-publishable-key', {
global: { fetch: fetch.bind(globalThis) }
})
```
#### React Native options with AsyncStorage
```js
import 'react-native-url-polyfill/auto'
import { createClient } from '@supabase/supabase-js'
import AsyncStorage from "@react-native-async-storage/async-storage";
const supabase = createClient("https://xyzcompany.supabase.co", "your-publishable-key", {
auth: {
storage: AsyncStorage,
autoRefreshToken: true,
persistSession: true,
detectSessionInUrl: false,
},
});
```
#### React Native options with Expo SecureStore
```ts
import 'react-native-url-polyfill/auto'
import { createClient } from '@supabase/supabase-js'
import AsyncStorage from '@react-native-async-storage/async-storage';
import * as SecureStore from 'expo-secure-store';
import * as aesjs from 'aes-js';
import 'react-native-get-random-values';
// As Expo's SecureStore does not support values larger than 2048
// bytes, an AES-256 key is generated and stored in SecureStore, while
// it is used to encrypt/decrypt values stored in AsyncStorage.
class LargeSecureStore {
private async _encrypt(key: string, value: string) {
const encryptionKey = crypto.getRandomValues(new Uint8Array(256 / 8));
const cipher = new aesjs.ModeOfOperation.ctr(encryptionKey, new aesjs.Counter(1));
const encryptedBytes = cipher.encrypt(aesjs.utils.utf8.toBytes(value));
await SecureStore.setItemAsync(key, aesjs.utils.hex.fromBytes(encryptionKey));
return aesjs.utils.hex.fromBytes(encryptedBytes);
}
private async _decrypt(key: string, value: string) {
const encryptionKeyHex = await SecureStore.getItemAsync(key);
if (!encryptionKeyHex) {
return encryptionKeyHex;
}
const cipher = new aesjs.ModeOfOperation.ctr(aesjs.utils.hex.toBytes(encryptionKeyHex), new aesjs.Counter(1));
const decryptedBytes = cipher.decrypt(aesjs.utils.hex.toBytes(value));
return aesjs.utils.utf8.fromBytes(decryptedBytes);
}
async getItem(key: string) {
const encrypted = await AsyncStorage.getItem(key);
if (!encrypted) { return encrypted; }
return await this._decrypt(key, encrypted);
}
async removeItem(key: string) {
await AsyncStorage.removeItem(key);
await SecureStore.deleteItemAsync(key);
}
async setItem(key: string, value: string) {
const encrypted = await this._encrypt(key, value);
await AsyncStorage.setItem(key, encrypted);
}
}
const supabase = createClient("https://xyzcompany.supabase.co", "your-publishable-key", {
auth: {
storage: new LargeSecureStore(),
autoRefreshToken: true,
persistSession: true,
detectSessionInUrl: false,
},
});
```
#### With a database query
```ts
import { createClient } from '@supabase/supabase-js'
const supabase = createClient('https://xyzcompany.supabase.co', 'your-publishable-key')
const { data } = await supabase.from('profiles').select('*')
```
#### With OpenTelemetry tracing
```ts
import { createClient } from '@supabase/supabase-js'
import { trace } from '@opentelemetry/api'
const supabase = createClient('https://xyzcompany.supabase.co', 'your-publishable-key', {
tracePropagation: true,
})
const tracer = trace.getTracer('my-app')
await tracer.startActiveSpan('fetch-users', async (span) => {
// Outgoing request carries the active trace context.
const { data, error } = await supabase.from('users').select('*')
span.end()
})
```
## TypeScript support
`supabase-js` has TypeScript support for type inference, autocompletion, type-safe queries, and more.
With TypeScript, `supabase-js` detects things like `not null` constraints and [generated columns](https://www.postgresql.org/docs/current/ddl-generated-columns.html). Nullable columns are typed as `T | null` when you select the column. Generated columns will show a type error when you insert to it.
`supabase-js` also detects relationships between tables. A referenced table with one-to-many relationship is typed as `T[]`. Likewise, a referenced table with many-to-one relationship is typed as `T | null`.
## Generating TypeScript Types
You can use the Supabase CLI to [generate the types](https://supabase.com/docs/reference/cli/supabase-gen-types). You can also generate the types [from the dashboard](https://supabase.com/dashboard/project/_/api?page=tables-intro).
```bash Terminal
supabase gen types typescript --project-id abcdefghijklmnopqrst > database.types.ts
```
These types are generated from your database schema. Given a table `public.movies`, the generated types will look like:
```sql
create table public.movies (
id bigint generated always as identity primary key,
name text not null,
data jsonb null
);
```
```ts ./database.types.ts
export type Json = string | number | boolean | null | { [key: string]: Json | undefined } | Json[]
export interface Database {
public: {
Tables: {
movies: {
Row: { // the data expected from .select()
id: number
name: string
data: Json | null
}
Insert: { // the data to be passed to .insert()
id?: never // generated columns must not be supplied
name: string // `not null` columns with no default must be supplied
data?: Json | null // nullable columns can be omitted
}
Update: { // the data to be passed to .update()
id?: never
name?: string // `not null` columns are optional on .update()
data?: Json | null
}
}
}
}
}
```
## Using TypeScript type definitions
You can supply the type definitions to `supabase-js` like so:
```ts ./index.tsx
import { createClient } from '@supabase/supabase-js'
import { Database } from './database.types'
const supabase = createClient(
process.env.SUPABASE_URL,
process.env.SUPABASE_PUBLISHABLE_KEY
)
```
## Helper types for Tables and Joins
You can use the following helper types to make the generated TypeScript types easier to use.
Sometimes the generated types are not what you expect. For example, a view's column may show up as nullable when you expect it to be `not null`. Using [type-fest](https://github.com/sindresorhus/type-fest), you can override the types like so:
```ts ./database-generated.types.ts
export type Json = // ...
export interface Database {
// ...
}
```
```ts ./database.types.ts
import { MergeDeep } from 'type-fest'
import { Database as DatabaseGenerated } from './database-generated.types'
export { Json } from './database-generated.types'
// Override the type for a specific column in a view:
export type Database = MergeDeep<
DatabaseGenerated,
{
public: {
Views: {
movies_view: {
Row: {
// id is a primary key in public.movies, so it must be `not null`
id: number
}
}
}
}
}
>
```
You can also override the type of an individual successful response if needed:
```ts
// Partial type override allows you to only override some of the properties in your results
const { data } = await supabase.from('countries').select().overrideTypes>()
// For a full replacement of the original return type use the `{ merge: false }` property as second argument
const { data } = await supabase
.from('countries')
.select()
.overrideTypes, { merge: false }>()
// Use it with `maybeSingle` or `single`
const { data } = await supabase.from('countries').select().single().overrideTypes<{ id: string }>()
```
The generated types provide shorthands for accessing tables and enums.
```ts ./index.ts
import { Database, Tables, Enums } from "./database.types.ts";
// Before đ
let movie: Database['public']['Tables']['movies']['Row'] = // ...
// After đ
let movie: Tables<'movies'>
```
### Response types for complex queries
`supabase-js` always returns a `data` object (for success), and an `error` object (for unsuccessful requests).
These helper types provide the result types from any query, including nested types for database joins.
Given the following schema with a relation between cities and countries, we can get the nested `CountriesWithCities` type:
```sql
create table countries (
"id" serial primary key,
"name" text
);
create table cities (
"id" serial primary key,
"name" text,
"country_id" int references "countries"
);
```
```ts
import { QueryResult, QueryData, QueryError } from '@supabase/supabase-js'
const countriesWithCitiesQuery = supabase
.from("countries")
.select(`
id,
name,
cities (
id,
name
)
`);
type CountriesWithCities = QueryData;
const { data, error } = await countriesWithCitiesQuery;
if (error) throw error;
const countriesWithCities: CountriesWithCities = data;
```
## Database
## delete
Perform a DELETE on the table or view.
By default, deleted rows are not returned. To return it, chain the call
with `.select()` after filters.
### Examples
#### Delete a single record
```ts
const response = await supabase
.from('countries')
.delete()
.eq('id', 1)
```
#### Handling errors
```js
const { error } = await supabase.from('countries').delete().eq('id', 1)
if (error) console.error(error)
```
#### Delete a record and return it
```ts
const { data, error } = await supabase
.from('countries')
.delete()
.eq('id', 1)
.select()
```
#### Delete multiple records
```ts
const response = await supabase
.from('countries')
.delete()
.in('id', [1, 2, 3])
```
## from
Perform a query on a table or a view.
## insert
Perform an INSERT into the table or view.
By default, inserted rows are not returned. To return it, chain the call
with `.select()`.
### Examples
#### Create a record
```ts
const { error } = await supabase
.from('countries')
.insert({ id: 1, name: 'Mordor' })
```
#### Handling errors
```js
const { error } = await supabase.from('countries').insert({ id: 1, name: 'Mordor' })
if (error) console.error(error)
```
#### Create a record and return it
```ts
const { data, error } = await supabase
.from('countries')
.insert({ id: 1, name: 'Mordor' })
.select()
```
#### Bulk create
```ts
const { error } = await supabase
.from('countries')
.insert([
{ id: 1, name: 'Mordor' },
{ id: 1, name: 'The Shire' },
])
```
## rpc
Perform a function call.
### Examples
#### Example 1
```ts
// For cross-schema functions where type inference fails, use overrideTypes:
const { data } = await supabase
.schema('schema_b')
.rpc('function_a', {})
.overrideTypes<{ id: string; user_id: string }[]>()
```
#### Call a Postgres function without arguments
```ts
const { data, error } = await supabase.rpc('hello_world')
```
#### Call a Postgres function with arguments
```ts
const { data, error } = await supabase.rpc('echo', { say: 'đ' })
```
#### Bulk processing
```ts
const { data, error } = await supabase.rpc('add_one_each', { arr: [1, 2, 3] })
```
#### Call a Postgres function with filters
```ts
const { data, error } = await supabase
.rpc('list_stored_countries')
.eq('id', 1)
.single()
```
#### Call a read-only Postgres function
```ts
const { data, error } = await supabase.rpc('hello_world', undefined, { get: true })
```
## schema
Select a schema to query or perform an function (rpc) call.
The schema needs to be on the list of exposed schemas inside Supabase.
## select
Perform a SELECT query on the table or view.
### Examples
#### Getting your data
```js
const { data, error } = await supabase
.from('characters')
.select()
```
#### Handling errors
```js
const { data, error } = await supabase.from('characters').select()
if (error) {
// Logs the full error: message, code, details, and hint.
console.error(error)
return
}
```
#### Selecting specific columns
```js
const { data, error } = await supabase
.from('characters')
.select('name')
```
#### Query referenced tables
```js
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments (
name
)
`)
```
#### Query referenced tables with spaces in their names
```js
const { data, error } = await supabase
.from('orchestral sections')
.select(`
name,
"musical instruments" (
name
)
`)
```
#### Query referenced tables through a join table
```ts
const { data, error } = await supabase
.from('users')
.select(`
name,
teams (
name
)
`)
```
#### Query the same referenced table multiple times
```ts
const { data, error } = await supabase
.from('messages')
.select(`
content,
from:sender_id(name),
to:receiver_id(name)
`)
// To infer types, use the name of the table (in this case `users`) and
// the name of the foreign key constraint.
const { data, error } = await supabase
.from('messages')
.select(`
content,
from:users!messages_sender_id_fkey(name),
to:users!messages_receiver_id_fkey(name)
`)
```
#### Filtering through referenced tables
```ts
const { data, error } = await supabase
.from('instruments')
.select('name, orchestral_sections(*)')
.eq('orchestral_sections.name', 'percussion')
```
#### Querying referenced table with count
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`*, instruments(count)`)
```
#### Querying with count option
```ts
const { count, error } = await supabase
.from('characters')
.select('*', { count: 'exact', head: true })
```
#### Querying JSON data
```ts
const { data, error } = await supabase
.from('users')
.select(`
id, name,
address->city
`)
```
#### Querying referenced table with inner join
```ts
const { data, error } = await supabase
.from('instruments')
.select('name, orchestral_sections!inner(name)')
.eq('orchestral_sections.name', 'woodwinds')
.limit(1)
```
#### Switching schemas per query
```ts
const { data, error } = await supabase
.schema('myschema')
.from('mytable')
.select()
```
## update
Perform an UPDATE on the table or view.
By default, updated rows are not returned. To return it, chain the call
with `.select()` after filters.
### Examples
#### Updating your data
```ts
const { error } = await supabase
.from('instruments')
.update({ name: 'piano' })
.eq('id', 1)
```
#### Handling errors
```js
const { error } = await supabase.from('instruments').update({ name: 'piano' }).eq('id', 1)
if (error) console.error(error)
```
#### Update a record and return it
```ts
const { data, error } = await supabase
.from('instruments')
.update({ name: 'piano' })
.eq('id', 1)
.select()
```
#### Updating JSON data
```ts
const { data, error } = await supabase
.from('users')
.update({
address: {
street: 'Melrose Place',
postcode: 90210
}
})
.eq('address->postcode', 90210)
.select()
```
## upsert
Perform an UPSERT on the table or view. Depending on the column(s) passed
to `onConflict`, `.upsert()` allows you to perform the equivalent of
`.insert()` if a row with the corresponding `onConflict` columns doesn't
exist, or if it does exist, perform an alternative action depending on
`ignoreDuplicates`.
By default, upserted rows are not returned. To return it, chain the call
with `.select()`.
### Examples
#### Upsert a single row using a unique key
```ts
// Upserting a single row, overwriting based on the 'username' unique column
const { data, error } = await supabase
.from('users')
.upsert({ username: 'supabot' }, { onConflict: 'username' })
// Example response:
// {
// data: [
// { id: 4, message: 'bar', username: 'supabot' }
// ],
// error: null
// }
```
#### Upsert with conflict resolution and exact row counting
```ts
// Upserting and returning exact count
const { data, error, count } = await supabase
.from('users')
.upsert(
{
id: 3,
message: 'foo',
username: 'supabot'
},
{
onConflict: 'username',
count: 'exact'
}
)
// Example response:
// {
// data: [
// {
// id: 42,
// handle: "saoirse",
// display_name: "Saoirse"
// }
// ],
// count: 1,
// error: null
// }
```
#### Upsert your data
```ts
const { data, error } = await supabase
.from('instruments')
.upsert({ id: 1, name: 'piano' })
.select()
```
#### Handling errors
```js
const { data, error } = await supabase.from('instruments').upsert({ id: 1, name: 'piano' }).select()
if (error) console.error(error)
```
#### Bulk Upsert your data
```ts
const { data, error } = await supabase
.from('instruments')
.upsert([
{ id: 1, name: 'piano' },
{ id: 2, name: 'harp' },
])
.select()
```
#### Upserting into tables with constraints
```ts
const { data, error } = await supabase
.from('users')
.upsert({ id: 42, handle: 'saoirse', display_name: 'Saoirse' })
.select()
```
## Using Filters
Filters allow you to only return rows that match certain conditions.
Filters can be used on `select()`, `update()`, `upsert()`, and `delete()` queries.
If a Postgres function returns a table response, you can also apply filters.
### Examples
#### Applying Filters
```ts
const { data, error } = await supabase
.from('instruments')
.select('name, section_id')
.eq('name', 'violin') // Correct
const { data, error } = await supabase
.from('instruments')
.eq('name', 'violin') // Incorrect
.select('name, section_id')
```
#### Chaining
```ts
const { data, error } = await supabase
.from('cities')
.select('name, country_id')
.gte('population', 1000)
.lt('population', 10000)
```
#### Conditional Chaining
```ts
const filterByName = null
const filterPopLow = 1000
const filterPopHigh = 10000
let query = supabase
.from('cities')
.select('name, country_id')
if (filterByName) { query = query.eq('name', filterByName) }
if (filterPopLow) { query = query.gte('population', filterPopLow) }
if (filterPopHigh) { query = query.lt('population', filterPopHigh) }
const { data, error } = await query
```
#### Filter by values within a JSON column
```ts
const { data, error } = await supabase
.from('users')
.select()
.eq('address->postcode', 90210)
```
#### Filter referenced tables
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments!inner (
name
)
`)
.eq('instruments.name', 'flute')
```
## Using Filters
Filters allow you to only return rows that match certain conditions.
Filters can be used on `select()`, `update()`, `upsert()`, and `delete()` queries.
If a Postgres function returns a table response, you can also apply filters.
### Examples
#### Applying Filters
```ts
const { data, error } = await supabase
.from('instruments')
.select('name, section_id')
.eq('name', 'violin') // Correct
const { data, error } = await supabase
.from('instruments')
.eq('name', 'violin') // Incorrect
.select('name, section_id')
```
#### Chaining
```ts
const { data, error } = await supabase
.from('cities')
.select('name, country_id')
.gte('population', 1000)
.lt('population', 10000)
```
#### Conditional Chaining
```ts
const filterByName = null
const filterPopLow = 1000
const filterPopHigh = 10000
let query = supabase
.from('cities')
.select('name, country_id')
if (filterByName) { query = query.eq('name', filterByName) }
if (filterPopLow) { query = query.gte('population', filterPopLow) }
if (filterPopHigh) { query = query.lt('population', filterPopHigh) }
const { data, error } = await query
```
#### Filter by values within a JSON column
```ts
const { data, error } = await supabase
.from('users')
.select()
.eq('address->postcode', 90210)
```
#### Filter referenced tables
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments!inner (
name
)
`)
.eq('instruments.name', 'flute')
```
## containedBy
Only relevant for jsonb, array, and range columns. Match only rows where
every element appearing in `column` is contained by `value`.
### Examples
#### On array columns
```ts
const { data, error } = await supabase
.from('classes')
.select('name')
.containedBy('days', ['monday', 'tuesday', 'wednesday', 'friday'])
```
#### On range columns
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.containedBy('during', '[2000-01-01 00:00, 2000-01-01 23:59)')
```
#### On `jsonb` columns
```ts
const { data, error } = await supabase
.from('users')
.select('name')
.containedBy('address', {})
```
## contains
Only relevant for jsonb, array, and range columns. Match only rows where
`column` contains every element appearing in `value`.
### Examples
#### On array columns
```ts
const { data, error } = await supabase
.from('issues')
.select()
.contains('tags', ['is:open', 'priority:low'])
```
#### On range columns
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.contains('during', '[2000-01-01 13:00, 2000-01-01 13:30)')
```
#### On `jsonb` columns
```ts
const { data, error } = await supabase
.from('users')
.select('name')
.contains('address', { postcode: 90210 })
```
## eq
Match only rows where `column` is equal to `value`.
To check if the value of `column` is NULL, you should use `.is()` instead.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.eq('name', 'Leia')
```
## filter
Match only rows which satisfy the filter. This is an escape hatch - you
should use the specific filter methods wherever possible.
Unlike most filters, `opearator` and `value` are used as-is and need to
follow [PostgREST
syntax](https://postgrest.org/en/stable/api.html#operators). You also need
to make sure they are properly sanitized.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.filter('name', 'in', '("Han","Yoda")')
```
#### On a referenced table
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments!inner (
name
)
`)
.filter('instruments.name', 'eq', 'flute')
```
## gt
Match only rows where `column` is greater than `value`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.gt('id', 2)
```
## gte
Match only rows where `column` is greater than or equal to `value`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.gte('id', 2)
```
## ilike
Match only rows where `column` matches `pattern` case-insensitively.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.ilike('name', '%lu%')
```
## ilikeAllOf
Match only rows where `column` matches all of `patterns` case-insensitively.
## ilikeAnyOf
Match only rows where `column` matches any of `patterns` case-insensitively.
## in
Match only rows where `column` is included in the `values` array.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.in('name', ['Leia', 'Han'])
```
## is
Match only rows where `column` IS `value`.
For non-boolean columns, this is only relevant for checking if the value of
`column` is NULL by setting `value` to `null`.
For boolean columns, you can also set `value` to `true` or `false` and it
will behave the same way as `.eq()`.
### Examples
#### Checking for nullness, true or false
```ts
const { data, error } = await supabase
.from('countries')
.select()
.is('name', null)
```
## like
Match only rows where `column` matches `pattern` case-sensitively.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.like('name', '%Lu%')
```
## likeAllOf
Match only rows where `column` matches all of `patterns` case-sensitively.
## likeAnyOf
Match only rows where `column` matches any of `patterns` case-sensitively.
## lt
Match only rows where `column` is less than `value`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.lt('id', 2)
```
## lte
Match only rows where `column` is less than or equal to `value`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.lte('id', 2)
```
## match
Match only rows where each column in `query` keys is equal to its
associated value. Shorthand for multiple `.eq()`s.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.match({ id: 2, name: 'Leia' })
```
## neq
Match only rows where `column` is not equal to `value`.
This filter does not include rows where `column` is `NULL`. To match null
values, use `.is(column, null)` instead.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.neq('name', 'Leia')
```
## not
Match only rows which doesn't satisfy the filter.
Unlike most filters, `opearator` and `value` are used as-is and need to
follow [PostgREST
syntax](https://postgrest.org/en/stable/api.html#operators). You also need
to make sure they are properly sanitized.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('countries')
.select()
.not('name', 'is', null)
```
## or
Match only rows which satisfy at least one of the filters.
Unlike most filters, `filters` is used as-is and needs to follow [PostgREST
syntax](https://postgrest.org/en/stable/api.html#operators). You also need
to make sure it's properly sanitized.
It's currently not possible to do an `.or()` filter across multiple tables.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.or('id.eq.2,name.eq.Han')
```
#### Use `or` with `and`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.or('id.gt.3,and(id.eq.1,name.eq.Luke)')
```
#### Use `or` on referenced tables
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments!inner (
name
)
`)
.or('section_id.eq.1,name.eq.guzheng', { referencedTable: 'instruments' })
```
## overlaps
Only relevant for array and range columns. Match only rows where
`column` and `value` have an element in common.
### Examples
#### On array columns
```ts
const { data, error } = await supabase
.from('issues')
.select('title')
.overlaps('tags', ['is:closed', 'severity:high'])
```
#### On range columns
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.overlaps('during', '[2000-01-01 12:45, 2000-01-01 13:15)')
```
## rangeAdjacent
Only relevant for range columns. Match only rows where `column` is
mutually exclusive to `range` and there can be no element between the two
ranges.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.rangeAdjacent('during', '[2000-01-01 12:00, 2000-01-01 13:00)')
```
## rangeGt
Only relevant for range columns. Match only rows where every element in
`column` is greater than any element in `range`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.rangeGt('during', '[2000-01-02 08:00, 2000-01-02 09:00)')
```
## rangeGte
Only relevant for range columns. Match only rows where every element in
`column` is either contained in `range` or greater than any element in
`range`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.rangeGte('during', '[2000-01-02 08:30, 2000-01-02 09:30)')
```
## rangeLt
Only relevant for range columns. Match only rows where every element in
`column` is less than any element in `range`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.rangeLt('during', '[2000-01-01 15:00, 2000-01-01 16:00)')
```
## rangeLte
Only relevant for range columns. Match only rows where every element in
`column` is either contained in `range` or less than any element in
`range`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('reservations')
.select()
.rangeLte('during', '[2000-01-01 14:00, 2000-01-01 16:00)')
```
## textSearch
Only relevant for text and tsvector columns. Match only rows where
`column` matches the query string in `query`.
### Examples
#### Text search
```ts
const result = await supabase
.from("texts")
.select("content")
.textSearch("content", `'eggs' & 'ham'`, {
config: "english",
});
```
#### Basic normalization
```ts
const { data, error } = await supabase
.from('quotes')
.select('catchphrase')
.textSearch('catchphrase', `'fat' & 'cat'`, {
type: 'plain',
config: 'english'
})
```
#### Full normalization
```ts
const { data, error } = await supabase
.from('quotes')
.select('catchphrase')
.textSearch('catchphrase', `'fat' & 'cat'`, {
type: 'phrase',
config: 'english'
})
```
#### Websearch
```ts
const { data, error } = await supabase
.from('quotes')
.select('catchphrase')
.textSearch('catchphrase', `'fat or cat'`, {
type: 'websearch',
config: 'english'
})
```
## Using modifiers
Filters work on the row levelâthey allow you to return rows that only match certain conditions without changing the shape of the rows. Modifiers are everything that don't fit that definitionâallowing you to change the format of the response (e.g., returning a CSV string).
Modifiers must be specified after filters. Some modifiers only apply for queries that return rows (e.g., `select()` or `rpc()` on a function that returns a table response).
## Using modifiers
Filters work on the row levelâthey allow you to return rows that only match certain conditions without changing the shape of the rows. Modifiers are everything that don't fit that definitionâallowing you to change the format of the response (e.g., returning a CSV string).
Modifiers must be specified after filters. Some modifiers only apply for queries that return rows (e.g., `select()` or `rpc()` on a function that returns a table response).
## abortSignal
Set the AbortSignal for the fetch request.
### Examples
#### Aborting requests in-flight
```ts
const ac = new AbortController()
const { data, error } = await supabase
.from('very_big_table')
.select()
.abortSignal(ac.signal)
// Abort the request after 100 ms
setTimeout(() => ac.abort(), 100)
```
#### Set a timeout
```ts
const { data, error } = await supabase
.from('very_big_table')
.select()
.abortSignal(AbortSignal.timeout(1000 /* ms */))
```
## csv
Return `data` as a string in CSV format.
### Examples
#### Return data as CSV
```ts
const { data, error } = await supabase
.from('characters')
.select()
.csv()
```
## explain
Return `data` as the EXPLAIN plan for the query.
You need to enable the
[db_plan_enabled](https://supabase.com/docs/guides/database/debugging-performance#enabling-explain)
setting before using this method.
### Examples
#### Get the execution plan
```ts
const { data, error } = await supabase
.from('characters')
.select()
.explain()
```
#### Get the execution plan with analyze and verbose
```ts
const { data, error } = await supabase
.from('characters')
.select()
.explain({analyze:true,verbose:true})
```
## geojson
Return `data` as an object in [GeoJSON](https://geojson.org) format.
## limit
Limit the query result by `rows`.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.limit(1)
```
#### On a referenced table
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments (
name
)
`)
.limit(1, { referencedTable: 'instruments' })
```
## maxAffected
Set the maximum number of rows that can be affected by the query.
Only available in PostgREST v13+ and only works with PATCH and DELETE methods.
## maybeSingle
Return `data` as a single object instead of an array of objects.
Query result must be zero or one row (e.g. using `.limit(1)`), otherwise
this returns an error.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.eq('name', 'Katniss')
.maybeSingle()
```
## order
Order the query result by `column`.
You can call this method multiple times to order by multiple columns.
You can order referenced tables, but it only affects the ordering of the
parent table if you use `!inner` in the query.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('id, name')
.order('id', { ascending: false })
```
#### On a referenced table
```ts
const { data, error } = await supabase
.from('orchestral_sections')
.select(`
name,
instruments (
name
)
`)
.order('name', { referencedTable: 'instruments', ascending: false })
```
#### Order parent table by a referenced table
```ts
const { data, error } = await supabase
.from('instruments')
.select(`
name,
section:orchestral_sections (
name
)
`)
.order('section(name)', { ascending: true })
```
## overrideTypes
Override the type of the returned `data` field in the response.
### Examples
#### Example 1
```typescript
// Merge with existing types (default behavior)
const query = supabase
.from('users')
.select()
.overrideTypes<{ custom_field: string }>()
// Replace existing types completely
const replaceQuery = supabase
.from('users')
.select()
.overrideTypes<{ id: number; name: string }, { merge: false }>()
```
#### Complete Override type of successful response
```ts
const { data } = await supabase
.from('countries')
.select()
.overrideTypes, { merge: false }>()
```
#### Complete Override type of object response
```ts
const { data } = await supabase
.from('countries')
.select()
.maybeSingle()
.overrideTypes()
```
#### Partial Override type of successful response
```ts
const { data } = await supabase
.from('countries')
.select()
.overrideTypes>()
```
#### Partial Override type of object response
```ts
const { data } = await supabase
.from('countries')
.select()
.maybeSingle()
.overrideTypes<{ status: "A" | "B" }>()
```
#### Merge vs replace existing types
```typescript
// Merge with existing types (default behavior)
const query = supabase
.from('users')
.select()
.overrideTypes<{ custom_field: string }>()
// Replace existing types completely
const replaceQuery = supabase
.from('users')
.select()
.overrideTypes<{ id: number; name: string }, { merge: false }>()
```
## range
Limit the query result by starting at an offset `from` and ending at the offset `to`.
Only records within this range are returned.
This respects the query order and if there is no order clause the range could behave unexpectedly.
The `from` and `to` values are 0-based and inclusive: `range(1, 3)` will include the second, third
and fourth rows of the query.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.range(0, 1)
```
## retry
### Examples
#### Example 1
```ts
// Disable retries for a specific query
const { data, error } = await supabase
.from('users')
.select()
.retry(false)
```
## returns
Override the type of the returned `data`.
## rollback
Dry-run this request: execute the query but discard the changes.
Server-side, PostgREST runs the query inside a transaction and rolls it back
instead of committing. The response still contains the data that *would* have
been returned â `RETURNING` clauses execute and RLS, triggers, and constraints
are all evaluated â but no row is actually inserted, updated, or deleted.
This affects only the single request it is chained to. The JS caller has no
handle on the transaction: supabase-js does not group multiple queries into
one transaction. For multi-statement transactional logic, use a database
function (`supabase.rpc(...)`).
Sets the `Prefer: tx=rollback` header. See PostgREST's docs on transaction
preferences for the underlying mechanism.
### Examples
#### Validate an insert without persisting
```ts
const { data, error } = await supabase
.from('countries')
.insert({ name: 'France' })
.select()
.rollback()
// `data` shows what would have been inserted; nothing is saved.
```
## select
Perform a SELECT on the query result.
By default, `.insert()`, `.update()`, `.upsert()`, and `.delete()` do not
return modified rows. By calling this method, modified rows are returned in
`data`.
### Examples
#### With `upsert()`
```ts
const { data, error } = await supabase
.from('characters')
.upsert({ id: 1, name: 'Han Solo' })
.select()
```
## setHeader
Set an HTTP header on this single PostgREST request, overriding any header
with the same name set on the client.
This is an advanced escape hatch for one-off needs (passing a custom
`Authorization` for a single query, attaching a tracing header, etc.).
Most callers do not need it: configure client-wide headers via the
`headers` option when constructing the client, and authentication via
Supabase Auth.
## single
Return `data` as a single object instead of an array of objects.
Query result must be one row (e.g. using `.limit(1)`), otherwise this
returns an error.
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select('name')
.limit(1)
.single()
```
## stripNulls
Strip null values from the response data. Properties with `null` values
will be omitted from the returned JSON objects.
Requires PostgREST 11.2.0+.
https://docs.postgrest.org/en/stable/references/api/resource_representation.html#stripped-nulls
### Examples
#### With `select()`
```ts
const { data, error } = await supabase
.from('characters')
.select()
.stripNulls()
```
## throwOnError
If there's an error with the query, throwOnError will reject the promise by
throwing the error instead of returning it as part of a successful response.
https://github.com/supabase/supabase-js/issues/92
## Auth
## Overview
- The auth methods can be accessed via the `supabase.auth` namespace.
- By default, the supabase client sets `persistSession` to true and attempts to store the session in local storage. When using the supabase client in an environment that doesn't support local storage, you might notice the following warning message being logged:
> No storage option exists to persist the session, which may result in unexpected behavior when using auth. If you want to set `persistSession` to true, please provide a storage option or you may set `persistSession` to false to disable this warning.
This warning message can be safely ignored if you're not using auth on the server-side. If you are using auth and you want to set `persistSession` to true, you will need to provide a custom storage implementation that follows [this interface](https://github.com/supabase/supabase-js/blob/master/packages/core/auth-js/src/lib/types.ts#L1053).
- Any email links and one-time passwords (OTPs) sent have a default expiry of 24 hours. We have the following [rate limits](https://supabase.com/docs/guides/platform/going-into-prod#auth-rate-limits) in place to guard against brute force attacks.
- The expiry of an access token can be set in the "JWT expiry limit" field in [your project's auth settings](https://supabase.com/dashboard/project/_/auth/providers). A refresh token never expires and can only be used once.
### Examples
#### Create auth client
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(supabase_url, publishable_key)
```
#### Create auth client (server-side)
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(supabase_url, publishable_key, {
auth: {
autoRefreshToken: false,
persistSession: false,
detectSessionInUrl: false
}
})
```
## dispose
Tears down the client's background work: stops the auto-refresh interval,
removes the `visibilitychange` listener, closes the cross-tab
`BroadcastChannel`, and clears registered `onAuthStateChange` subscribers.
Call this from cleanup hooks when the client is being replaced before
its JS realm is destroyed. React Strict Mode and HMR are the common
cases. Any in-flight `fetch` calls continue to completion and may still
write to storage; dispose doesn't abort them or erase storage.
Lifecycle caveat: because in-flight refreshes are not aborted, a
disposed instance can still persist a rotated session to storage after
`dispose()` returns. A subsequent `createClient` against the same
`storageKey` will pick up that session on its next read. If you need
strict isolation between client lifecycles, await any pending auth
operation before calling `dispose()` (or change the `storageKey` for
the replacement client).
Safe to call repeatedly.
### Examples
#### Cleanup on React unmount
```ts
useEffect(() => {
const client = createClient(...)
return () => { client.auth.dispose() }
}, [])
```
## exchangeCodeForSession
Log in an existing user by exchanging an Auth Code issued during the PKCE flow.
### Examples
#### Exchange Auth Code
```js
supabase.auth.exchangeCodeForSession('34e770dd-9ff9-416c-87fa-43b31d7ef225')
```
## getClaims
Extracts the JWT claims present in the access token by first verifying the
JWT against the server's JSON Web Key Set endpoint
`/.well-known/jwks.json` which is often cached, resulting in significantly
faster responses. Prefer this method over #getUser which always
sends a request to the Auth server for each JWT.
If the project is not using an asymmetric JWT signing key (like ECC or
RSA) it always sends a request to the Auth server (similar to #getUser) to verify the JWT.
### Examples
#### Get JWT claims, header and signature
```js
const { data, error } = await supabase.auth.getClaims()
```
## getSession
Returns the session, refreshing it if necessary.
The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.
**IMPORTANT:** This method loads values directly from the storage attached
to the client. If that storage is based on request cookies for example,
the values in it may not be authentic and therefore it's strongly advised
against using this method and its results in such circumstances. A warning
will be emitted if this is detected. Use #getUser() instead.
### Examples
#### Get the session data
```js
const { data, error } = await supabase.auth.getSession()
```
## getUser
Gets the current user details if there is an existing session. This method
performs a network request to the Supabase Auth server, so the returned
value is authentic and can be used to base authorization rules on.
### Examples
#### Get the logged in user with the current existing session
```js
const { data: { user } } = await supabase.auth.getUser()
```
#### Get the logged in user with a custom access token jwt
```js
const { data: { user } } = await supabase.auth.getUser(jwt)
```
## getUserIdentities
Gets all the identities linked to a user.
### Examples
#### Returns a list of identities linked to the user
```js
const { data, error } = await supabase.auth.getUserIdentities()
```
## initialize
Initialize the auth client by loading the session from storage or
detecting it from the URL after an OAuth, magic-link, or password-recovery
redirect.
**Most callers do not need to invoke this directly.** The client calls it
automatically during construction, and to react to sign-in events (including
post-redirect events) you should subscribe to `onAuthStateChange` rather
than awaiting `initialize()`.
You only need to call it manually when you have opted out of the automatic
call by passing `skipAutoInitialize: true` â for example, in an SSR context
where you need to control initialization timing. In that case, awaiting
`initialize()` returns the resolved session result (or any error encountered
while detecting it from the URL).
## linkIdentity
Links an oauth identity to an existing user.
This method supports the PKCE flow.
### Examples
#### Link an identity to a user
```js
const { data, error } = await supabase.auth.linkIdentity({
provider: 'github'
})
```
## onAuthStateChange
Receive a notification every time an auth event happens.
Safe to use without an async function as callback.
### Examples
#### Listen to auth changes
```js
const { data } = supabase.auth.onAuthStateChange((event, session) => {
console.log(event, session)
if (event === 'INITIAL_SESSION') {
// handle initial session
} else if (event === 'SIGNED_IN') {
// handle sign in event
} else if (event === 'SIGNED_OUT') {
// handle sign out event
} else if (event === 'PASSWORD_RECOVERY') {
// handle password recovery event
} else if (event === 'TOKEN_REFRESHED') {
// handle token refreshed event
} else if (event === 'USER_UPDATED') {
// handle user updated event
}
})
// call unsubscribe to remove the callback
data.subscription.unsubscribe()
```
#### Listen to sign out
```js
supabase.auth.onAuthStateChange((event, session) => {
if (event === 'SIGNED_OUT') {
console.log('SIGNED_OUT', session)
// clear local and session storage
[
window.localStorage,
window.sessionStorage,
].forEach((storage) => {
Object.entries(storage)
.forEach(([key]) => {
storage.removeItem(key)
})
})
}
})
```
#### Store OAuth provider tokens on sign in
```js
// Register this immediately after calling createClient!
// Because signInWithOAuth causes a redirect, you need to fetch the
// provider tokens from the callback.
supabase.auth.onAuthStateChange((event, session) => {
if (session && session.provider_token) {
window.localStorage.setItem('oauth_provider_token', session.provider_token)
}
if (session && session.provider_refresh_token) {
window.localStorage.setItem('oauth_provider_refresh_token', session.provider_refresh_token)
}
if (event === 'SIGNED_OUT') {
window.localStorage.removeItem('oauth_provider_token')
window.localStorage.removeItem('oauth_provider_refresh_token')
}
})
```
#### Use React Context for the User's session
```js
const SessionContext = React.createContext(null)
function main() {
const [session, setSession] = React.useState(null)
React.useEffect(() => {
const {data: { subscription }} = supabase.auth.onAuthStateChange(
(event, session) => {
if (event === 'SIGNED_OUT') {
setSession(null)
} else if (session) {
setSession(session)
}
})
return () => {
subscription.unsubscribe()
}
}, [])
return (
)
}
```
#### Listen to password recovery events
```js
supabase.auth.onAuthStateChange((event, session) => {
if (event === 'PASSWORD_RECOVERY') {
console.log('PASSWORD_RECOVERY', session)
// show screen to update user's password
showPasswordResetScreen(true)
}
})
```
#### Listen to sign in
```js
supabase.auth.onAuthStateChange((event, session) => {
if (event === 'SIGNED_IN') console.log('SIGNED_IN', session)
})
```
#### Listen to token refresh
```js
supabase.auth.onAuthStateChange((event, session) => {
if (event === 'TOKEN_REFRESHED') console.log('TOKEN_REFRESHED', session)
})
```
#### Listen to user updates
```js
supabase.auth.onAuthStateChange((event, session) => {
if (event === 'USER_UPDATED') console.log('USER_UPDATED', session)
})
```
## reauthenticate
Sends a reauthentication OTP to the user's email or phone number.
Requires the user to be signed-in.
### Examples
#### Send reauthentication nonce
```js
const { error } = await supabase.auth.reauthenticate()
```
## refreshSession
Returns a new session, regardless of expiry status.
Takes in an optional current session. If not passed in, then refreshSession() will attempt to retrieve it from getSession().
If the current session's refresh token is invalid, an error will be thrown.
### Examples
#### Refresh session using the current session
```js
const { data, error } = await supabase.auth.refreshSession()
const { session, user } = data
```
#### Refresh session using a refresh token
```js
const { data, error } = await supabase.auth.refreshSession({ refresh_token })
const { session, user } = data
```
## registerPasskey
Register a passkey for the current authenticated user. Handles the full WebAuthn ceremony:
1. Fetches registration challenge from server
2. Prompts user via navigator.credentials.create()
3. Verifies credential with server
Requires an active session. Requires `auth.experimental.passkey: true`.
## resend
Resends an existing signup confirmation email, email change email, SMS OTP or phone change OTP.
### Examples
#### Resend an email signup confirmation
```js
const { error } = await supabase.auth.resend({
type: 'signup',
email: 'email@example.com',
options: {
emailRedirectTo: 'https://example.com/welcome'
}
})
```
#### Resend a phone signup confirmation
```js
const { error } = await supabase.auth.resend({
type: 'sms',
phone: '1234567890'
})
```
#### Resend email change email
```js
const { error } = await supabase.auth.resend({
type: 'email_change',
email: 'email@example.com'
})
```
#### Resend phone change OTP
```js
const { error } = await supabase.auth.resend({
type: 'phone_change',
phone: '1234567890'
})
```
## resetPasswordForEmail
Sends a password reset request to an email address. This method supports the PKCE flow.
### Examples
#### Reset password
```js
const { data, error } = await supabase.auth.resetPasswordForEmail(email, {
redirectTo: 'https://example.com/update-password',
})
```
#### Reset password (React)
```js
/**
* Step 1: Send the user an email to get a password reset token.
* This email contains a link which sends the user back to your application.
*/
const { data, error } = await supabase.auth
.resetPasswordForEmail('user@email.com')
/**
* Step 2: Once the user is redirected back to your application,
* ask the user to reset their password.
*/
useEffect(() => {
supabase.auth.onAuthStateChange(async (event, session) => {
if (event == "PASSWORD_RECOVERY") {
const newPassword = prompt("What would you like your new password to be?");
const { data, error } = await supabase.auth
.updateUser({ password: newPassword })
if (data) alert("Password updated successfully!")
if (error) alert("There was an error updating your password.")
}
})
}, [])
```
## setSession
Sets the session data from the current session. If the current session is expired, setSession will take care of refreshing it to obtain a new session.
If the refresh token or access token in the current session is invalid, an error will be thrown.
### Examples
#### Set the session
```js
const { data, error } = await supabase.auth.setSession({
access_token,
refresh_token
})
```
## signInAnonymously
Creates a new anonymous user.
### Examples
#### Create an anonymous user
```js
const { data, error } = await supabase.auth.signInAnonymously({
options: {
captchaToken
}
});
```
#### Create an anonymous user with custom user metadata
```js
const { data, error } = await supabase.auth.signInAnonymously({
options: {
data
}
})
```
## signInWithIdToken
Allows signing in with an OIDC ID token. The authentication provider used
should be enabled and configured.
### Examples
#### Sign In using ID Token
```js
const { data, error } = await supabase.auth.signInWithIdToken({
provider: 'google',
token: 'your-id-token'
})
```
## signInWithOAuth
Log in an existing user via a third-party provider.
This method supports the PKCE flow.
### Examples
#### Sign in using a third-party provider
```js
const { data, error } = await supabase.auth.signInWithOAuth({
provider: 'github'
})
```
#### Sign in using a third-party provider with redirect
```js
const { data, error } = await supabase.auth.signInWithOAuth({
provider: 'github',
options: {
redirectTo: 'https://example.com/welcome'
}
})
```
#### Sign in with scopes and access provider tokens
```js
// Register this immediately after calling createClient!
// Because signInWithOAuth causes a redirect, you need to fetch the
// provider tokens from the callback.
supabase.auth.onAuthStateChange((event, session) => {
if (session && session.provider_token) {
window.localStorage.setItem('oauth_provider_token', session.provider_token)
}
if (session && session.provider_refresh_token) {
window.localStorage.setItem('oauth_provider_refresh_token', session.provider_refresh_token)
}
if (event === 'SIGNED_OUT') {
window.localStorage.removeItem('oauth_provider_token')
window.localStorage.removeItem('oauth_provider_refresh_token')
}
})
// Call this on your Sign in with GitHub button to initiate OAuth
// with GitHub with the requested elevated scopes.
await supabase.auth.signInWithOAuth({
provider: 'github',
options: {
scopes: 'repo gist notifications'
}
})
```
## signInWithOtp
Log in a user using magiclink or a one-time password (OTP).
If the `{{ .ConfirmationURL }}` variable is specified in the email template, a magiclink will be sent.
If the `{{ .Token }}` variable is specified in the email template, an OTP will be sent.
If you're using phone sign-ins, only an OTP will be sent. You won't be able to send a magiclink for phone sign-ins.
Be aware that you may get back an error message that will not distinguish
between the cases where the account does not exist or, that the account
can only be accessed via social login.
Do note that you will need to configure a Whatsapp sender on Twilio
if you are using phone sign in with the 'whatsapp' channel. The whatsapp
channel is not supported on other providers
at this time.
This method supports PKCE when an email is passed.
### Examples
#### Sign in with email
```js
const { data, error } = await supabase.auth.signInWithOtp({
email: 'example@email.com',
options: {
emailRedirectTo: 'https://example.com/welcome'
}
})
```
#### Sign in with SMS OTP
```js
const { data, error } = await supabase.auth.signInWithOtp({
phone: '+13334445555',
})
```
#### Sign in with WhatsApp OTP
```js
const { data, error } = await supabase.auth.signInWithOtp({
phone: '+13334445555',
options: {
channel:'whatsapp',
}
})
```
## signInWithPasskey
Sign in with a passkey. Handles the full WebAuthn ceremony:
1. Fetches authentication challenge from server
2. Prompts user via navigator.credentials.get()
3. Verifies credential with server and creates session
Requires `auth.experimental.passkey: true`.
## signInWithPassword
Log in an existing user with an email and password or phone and password.
Be aware that you may get back an error message that will not distinguish
between the cases where the account does not exist or that the
email/phone and password combination is wrong or that the account can only
be accessed via social login.
### Examples
#### Sign in with email and password
```js
const { data, error } = await supabase.auth.signInWithPassword({
email: 'example@email.com',
password: 'example-password',
})
```
#### Sign in with phone and password
```js
const { data, error } = await supabase.auth.signInWithPassword({
phone: '+13334445555',
password: 'some-password',
})
```
#### Handling errors
```js
const { data, error } = await supabase.auth.signInWithPassword({
email: 'example@email.com',
password: 'example-password',
})
if (error) {
console.error(error)
return
}
```
## signInWithSSO
Attempts a single-sign on using an enterprise Identity Provider. A
successful SSO attempt will redirect the current page to the identity
provider authorization page. The redirect URL is implementation and SSO
protocol specific.
You can use it by providing a SSO domain. Typically you can extract this
domain by asking users for their email address. If this domain is
registered on the Auth instance the redirect will use that organization's
currently active SSO Identity Provider for the login.
If you have built an organization-specific login page, you can use the
organization's SSO Identity Provider UUID directly instead.
### Examples
#### Sign in with email domain
```js
// You can extract the user's email domain and use it to trigger the
// authentication flow with the correct identity provider.
const { data, error } = await supabase.auth.signInWithSSO({
domain: 'company.com'
})
if (data?.url) {
// redirect the user to the identity provider's authentication flow
window.location.href = data.url
}
```
#### Sign in with provider UUID
```js
// Useful when you need to map a user's sign in request according
// to different rules that can't use email domains.
const { data, error } = await supabase.auth.signInWithSSO({
providerId: '21648a9d-8d5a-4555-a9d1-d6375dc14e92'
})
if (data?.url) {
// redirect the user to the identity provider's authentication flow
window.location.href = data.url
}
```
## signInWithWeb3
Signs in a user by verifying a message signed by the user's private key.
Supports Ethereum (via Sign-In-With-Ethereum) & Solana (Sign-In-With-Solana) standards,
both of which derive from the EIP-4361 standard
With slight variation on Solana's side.
### Examples
#### Sign in with Solana or Ethereum (Window API)
```js
// uses window.ethereum for the wallet
const { data, error } = await supabase.auth.signInWithWeb3({
chain: 'ethereum',
statement: 'I accept the Terms of Service at https://example.com/tos'
})
// uses window.solana for the wallet
const { data, error } = await supabase.auth.signInWithWeb3({
chain: 'solana',
statement: 'I accept the Terms of Service at https://example.com/tos'
})
```
#### Sign in with Ethereum (Message and Signature)
```js
const { data, error } = await supabase.auth.signInWithWeb3({
chain: 'ethereum',
message: '',
signature: '',
})
```
#### Sign in with Solana (Brave)
```js
const { data, error } = await supabase.auth.signInWithWeb3({
chain: 'solana',
statement: 'I accept the Terms of Service at https://example.com/tos',
wallet: window.braveSolana
})
```
#### Sign in with Solana (Wallet Adapter)
```jsx
function SignInButton() {
const wallet = useWallet()
return (
<>
{wallet.connected ? (
) : (
)}
)
}
function App() {
const endpoint = clusterApiUrl('devnet')
const wallets = useMemo(() => [], [])
return (
)
}
```
## signOut
Inside a browser context, `signOut()` will remove the logged in user from the browser session and log them out - removing all items from localstorage and then trigger a `"SIGNED_OUT"` event.
For server-side management, you can revoke all refresh tokens for a user by passing a user's JWT through to `auth.api.signOut(JWT: string)`.
There is no way to revoke a user's access token jwt until it expires. It is recommended to set a shorter expiry on the jwt for this reason.
If using `others` scope, no `SIGNED_OUT` event is fired!
**Warning:** the default `scope` is `'global'`. This signs the user out of
**every device they are currently signed in on**, not just the current
tab/session. If you only want to sign the user out of the current session
(the behavior most other auth libraries default to), pass
`{ scope: 'local' }` explicitly.
### Examples
#### Sign out of every device (global â default)
```js
const { error } = await supabase.auth.signOut()
```
#### Sign out only the current session (recommended for most apps)
```js
const { error } = await supabase.auth.signOut({ scope: 'local' })
```
#### Sign out of all other sessions, keep the current one
```js
const { error } = await supabase.auth.signOut({ scope: 'others' })
```
## signUp
Creates a new user.
Be aware that if a user account exists in the system you may get back an
error message that attempts to hide this information from the user.
This method has support for PKCE via email signups. The PKCE flow cannot be used when autoconfirm is enabled.
### Examples
#### Sign up with an email and password
```js
const { data, error } = await supabase.auth.signUp({
email: 'example@email.com',
password: 'example-password',
})
```
#### Sign up with a phone number and password (SMS)
```js
const { data, error } = await supabase.auth.signUp({
phone: '123456789',
password: 'example-password',
options: {
channel: 'sms'
}
})
```
#### Sign up with a phone number and password (whatsapp)
```js
const { data, error } = await supabase.auth.signUp({
phone: '123456789',
password: 'example-password',
options: {
channel: 'whatsapp'
}
})
```
#### Sign up with additional user metadata
```js
const { data, error } = await supabase.auth.signUp(
{
email: 'example@email.com',
password: 'example-password',
options: {
data: {
first_name: 'John',
age: 27,
}
}
}
)
```
#### Sign up with a redirect URL
```js
const { data, error } = await supabase.auth.signUp(
{
email: 'example@email.com',
password: 'example-password',
options: {
emailRedirectTo: 'https://example.com/welcome'
}
}
)
```
## startAutoRefresh
Starts an auto-refresh process in the background. The session is checked
every few seconds. Close to the time of expiration a process is started to
refresh the session. If refreshing fails it will be retried for as long as
necessary.
If you set the GoTrueClientOptions#autoRefreshToken you don't need
to call this function, it will be called for you.
On browsers the refresh process works only when the tab/window is in the
foreground to conserve resources as well as prevent race conditions and
flooding auth with requests. If you call this method any managed
visibility change callback will be removed and you must manage visibility
changes on your own.
On non-browser platforms the refresh process works *continuously* in the
background, which may not be desirable. You should hook into your
platform's foreground indication mechanism and call these methods
appropriately to conserve resources.
#stopAutoRefresh
### Examples
#### Start and stop auto refresh in React Native
```js
import { AppState } from 'react-native'
// make sure you register this only once!
AppState.addEventListener('change', (state) => {
if (state === 'active') {
supabase.auth.startAutoRefresh()
} else {
supabase.auth.stopAutoRefresh()
}
})
```
## stopAutoRefresh
Stops an active auto refresh process running in the background (if any).
If you call this method any managed visibility change callback will be
removed and you must manage visibility changes on your own.
See #startAutoRefresh for more details.
### Examples
#### Start and stop auto refresh in React Native
```js
import { AppState } from 'react-native'
// make sure you register this only once!
AppState.addEventListener('change', (state) => {
if (state === 'active') {
supabase.auth.startAutoRefresh()
} else {
supabase.auth.stopAutoRefresh()
}
})
```
## unlinkIdentity
Unlinks an identity from a user by deleting it. The user will no longer be able to sign in with that identity once it's unlinked.
### Examples
#### Unlink an identity
```js
// retrieve all identities linked to a user
const identities = await supabase.auth.getUserIdentities()
// find the google identity
const googleIdentity = identities.find(
identity => identity.provider === 'google'
)
// unlink the google identity
const { error } = await supabase.auth.unlinkIdentity(googleIdentity)
```
## updateUser
Updates user data for a logged in user.
### Examples
#### Update the email for an authenticated user
```js
const { data, error } = await supabase.auth.updateUser({
email: 'new@email.com'
})
```
#### Update the phone number for an authenticated user
```js
const { data, error } = await supabase.auth.updateUser({
phone: '123456789'
})
```
#### Update the password for an authenticated user
```js
const { data, error } = await supabase.auth.updateUser({
password: 'new password'
})
```
#### Update the user's metadata
```js
const { data, error } = await supabase.auth.updateUser({
data: { hello: 'world' }
})
```
#### Update the user's password with a nonce
```js
const { data, error } = await supabase.auth.updateUser({
password: 'new password',
nonce: '123456'
})
```
## verifyOtp
Log in a user given a User supplied OTP or TokenHash received through mobile or email.
### Examples
#### Verify Signup One-Time Password (OTP)
```js
const { data, error } = await supabase.auth.verifyOtp({ email, token, type: 'email'})
```
#### Verify SMS One-Time Password (OTP)
```js
const { data, error } = await supabase.auth.verifyOtp({ phone, token, type: 'sms'})
```
#### Verify Email Auth (Token Hash)
```js
const { data, error } = await supabase.auth.verifyOtp({ token_hash: tokenHash, type: 'email'})
```
## Overview
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
### Examples
#### Create server-side auth client
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(supabase_url, secret_key, {
auth: {
autoRefreshToken: false,
persistSession: false
}
})
// Access auth admin api
const adminAuthClient = supabase.auth.admin
```
## Overview
- Any method under the `supabase.auth.admin` namespace requires a `secret` key.
- These methods are considered admin methods and should be called on a trusted server. Never expose your `secret` key in the browser.
### Examples
#### Create server-side auth client
```js
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(supabase_url, secret_key, {
auth: {
autoRefreshToken: false,
persistSession: false
}
})
// Access auth admin api
const adminAuthClient = supabase.auth.admin
```
## createProvider
Creates a new custom OIDC/OAuth provider.
For OIDC providers, the server fetches and validates the OpenID Connect discovery document
from the issuer's well-known endpoint (or the provided `discovery_url`) at creation time.
This may return a validation error (`error_code: "validation_failed"`) if the discovery
document is unreachable, not valid JSON, missing required fields, or if the issuer
in the document does not match the expected issuer.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## createUser
Creates a new user.
This function should only be called on a server. Never expose your `service_role` key in the browser.
### Examples
#### With custom user metadata
```js
const { data, error } = await supabase.auth.admin.createUser({
email: 'user@email.com',
password: 'password',
user_metadata: { name: 'Yoda' }
})
```
#### Auto-confirm the user's email
```js
const { data, error } = await supabase.auth.admin.createUser({
email: 'user@email.com',
email_confirm: true
})
```
#### Auto-confirm the user's phone number
```js
const { data, error } = await supabase.auth.admin.createUser({
phone: '1234567890',
phone_confirm: true
})
```
## deleteFactor
Deletes a factor on a user. This will log the user out of all active
sessions if the deleted factor was verified.
### Examples
#### Delete a factor for a user
```js
const { data, error } = await supabase.auth.admin.mfa.deleteFactor({
id: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
userId: 'a89baba7-b1b7-440f-b4bb-91026967f66b',
})
```
## deleteProvider
Deletes a custom provider.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## deleteUser
Delete a user. Requires a `service_role` key.
### Examples
#### Removes a user
```js
const { data, error } = await supabase.auth.admin.deleteUser(
'715ed5db-f090-4b8c-a067-640ecee36aa0'
)
```
## generateLink
Generates email links and OTPs to be sent via a custom email provider.
### Examples
#### Generate a signup link
```js
const { data, error } = await supabase.auth.admin.generateLink({
type: 'signup',
email: 'email@example.com',
password: 'secret'
})
```
#### Generate an invite link
```js
const { data, error } = await supabase.auth.admin.generateLink({
type: 'invite',
email: 'email@example.com'
})
```
#### Generate a magic link
```js
const { data, error } = await supabase.auth.admin.generateLink({
type: 'magiclink',
email: 'email@example.com'
})
```
#### Generate a recovery link
```js
const { data, error } = await supabase.auth.admin.generateLink({
type: 'recovery',
email: 'email@example.com'
})
```
#### Generate links to change current email address
```js
// generate an email change link to be sent to the current email address
const { data, error } = await supabase.auth.admin.generateLink({
type: 'email_change_current',
email: 'current.email@example.com',
newEmail: 'new.email@example.com'
})
// generate an email change link to be sent to the new email address
const { data, error } = await supabase.auth.admin.generateLink({
type: 'email_change_new',
email: 'current.email@example.com',
newEmail: 'new.email@example.com'
})
```
## getProvider
Gets details of a specific custom provider by identifier.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## getUserById
Get user by id.
### Examples
#### Fetch the user object using the access_token jwt
```js
const { data, error } = await supabase.auth.admin.getUserById(1)
```
## inviteUserByEmail
Sends an invite link to an email address.
### Examples
#### Invite a user
```js
const { data, error } = await supabase.auth.admin.inviteUserByEmail('email@example.com')
```
## listFactors
Lists all factors associated to a user.
### Examples
#### List all factors for a user
```js
const { data, error } = await supabase.auth.admin.mfa.listFactors()
```
## listProviders
Lists all custom providers with optional type filter.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## listUsers
Get a list of users.
This function should only be called on a server. Never expose your `service_role` key in the browser.
### Examples
#### Get a page of users
```js
const { data: { users }, error } = await supabase.auth.admin.listUsers()
```
#### Paginated list of users
```js
const { data: { users }, error } = await supabase.auth.admin.listUsers({
page: 1,
perPage: 1000
})
```
## signOut
Removes a logged-in session.
## updateProvider
Updates an existing custom provider.
When `issuer` or `discovery_url` is changed on an OIDC provider, the server re-fetches and
validates the discovery document before persisting. This may return a validation error
(`error_code: "validation_failed"`) if the discovery document is unreachable, invalid, or
the issuer does not match.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## updateUserById
Updates the user data. Changes are applied directly without confirmation flows.
### Examples
#### Example 1
```typescript
// Server-side (Edge Function)
const { data, error } = await supabase.auth.admin.updateUserById(
userId,
{ user_metadata: { preferences: { theme: 'dark' } } }
)
// Client-side (to sync the changes)
const { data, error } = await supabase.auth.refreshSession()
// onAuthStateChange listeners will now be notified with updated user
```
#### Updates a user's email
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'11111111-1111-1111-1111-111111111111',
{ email: 'new@email.com' }
)
```
#### Updates a user's password
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ password: 'new_password' }
)
```
#### Updates a user's metadata
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ user_metadata: { hello: 'world' } }
)
```
#### Updates a user's app_metadata
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ app_metadata: { plan: 'trial' } }
)
```
#### Confirms a user's email address
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ email_confirm: true }
)
```
#### Confirms a user's phone number
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ phone_confirm: true }
)
```
#### Ban a user for 100 years
```js
const { data: user, error } = await supabase.auth.admin.updateUserById(
'6aa5d0d4-2a9f-4483-b6c8-0cf4c6c98ac4',
{ ban_duration: '876000h' }
)
```
## Auth MFA
This section contains methods commonly used for Multi-Factor Authentication (MFA) and are invoked behind the `supabase.auth.mfa` namespace.
Currently, there is support for time-based one-time password (TOTP) and phone verification code as the 2nd factor. Recovery codes are not supported but users can enroll multiple factors, with an upper limit of 10.
Having a 2nd factor for recovery frees the user of the burden of having to store their recovery codes somewhere. It also reduces the attack surface since multiple recovery codes are usually generated compared to just having 1 backup factor.
Learn more about implementing MFA in your application [in the MFA guide](https://supabase.com/docs/guides/auth/auth-mfa#overview).
## Auth MFA
This section contains methods commonly used for Multi-Factor Authentication (MFA) and are invoked behind the `supabase.auth.mfa` namespace.
Currently, there is support for time-based one-time password (TOTP) and phone verification code as the 2nd factor. Recovery codes are not supported but users can enroll multiple factors, with an upper limit of 10.
Having a 2nd factor for recovery frees the user of the burden of having to store their recovery codes somewhere. It also reduces the attack surface since multiple recovery codes are usually generated compared to just having 1 backup factor.
Learn more about implementing MFA in your application [in the MFA guide](https://supabase.com/docs/guides/auth/auth-mfa#overview).
## challenge
Prepares a challenge used to verify that a user has access to a MFA
factor.
### Examples
#### Create a challenge for a factor
```js
const { data, error } = await supabase.auth.mfa.challenge({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225'
})
```
#### Create a challenge for a phone factor
```js
const { data, error } = await supabase.auth.mfa.challenge({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
})
```
#### Create a challenge for a phone factor (WhatsApp)
```js
const { data, error } = await supabase.auth.mfa.challenge({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
channel: 'whatsapp',
})
```
## challengeAndVerify
Helper method which creates a challenge and immediately uses the given code to verify against it thereafter. The verification code is
provided by the user by entering a code seen in their authenticator app.
### Examples
#### Create and verify a challenge for a factor
```js
const { data, error } = await supabase.auth.mfa.challengeAndVerify({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
code: '123456'
})
```
## enroll
Starts the enrollment process for a new Multi-Factor Authentication (MFA)
factor. This method creates a new `unverified` factor.
To verify a factor, present the QR code or secret to the user and ask them to add it to their
authenticator app.
The user has to enter the code from their authenticator app to verify it.
Upon verifying a factor, all other sessions are logged out and the current session's authenticator level is promoted to `aal2`.
### Examples
#### Enroll a time-based, one-time password (TOTP) factor
```js
const { data, error } = await supabase.auth.mfa.enroll({
factorType: 'totp',
friendlyName: 'your_friendly_name'
})
// Use the id to create a challenge.
// The challenge can be verified by entering the code generated from the authenticator app.
// The code will be generated upon scanning the qr_code or entering the secret into the authenticator app.
const { id, type, totp: { qr_code, secret, uri }, friendly_name } = data
const challenge = await supabase.auth.mfa.challenge({ factorId: id });
```
#### Enroll a Phone Factor
```js
const { data, error } = await supabase.auth.mfa.enroll({
factorType: 'phone',
friendlyName: 'your_friendly_name',
phone: '+12345678',
})
// Use the id to create a challenge and send an SMS with a code to the user.
const { id, type, friendly_name, phone } = data
const challenge = await supabase.auth.mfa.challenge({ factorId: id });
```
## getAuthenticatorAssuranceLevel
Returns the Authenticator Assurance Level (AAL) for the active session.
- `aal1` (or `null`) means that the user's identity has been verified only
with a conventional login (email+password, OTP, magic link, social login,
etc.).
- `aal2` means that the user's identity has been verified both with a conventional login and at least one MFA factor.
When called without a JWT parameter, this method is fairly quick (microseconds)
and rarely uses the network. When a JWT is provided (useful in server-side
environments like Edge Functions where no session is stored), this method
will make a network request to validate the user and fetch their MFA factors.
### Examples
#### Get the AAL details of a session
```js
const { data, error } = await supabase.auth.mfa.getAuthenticatorAssuranceLevel()
const { currentLevel, nextLevel, currentAuthenticationMethods } = data
```
#### Get the AAL details for a specific JWT
```js
const { data, error } = await supabase.auth.mfa.getAuthenticatorAssuranceLevel(jwt)
```
## listFactors
Returns the list of MFA factors enabled for this user.
## unenroll
Unenroll removes a MFA factor.
A user has to have an `aal2` authenticator level in order to unenroll a `verified` factor.
### Examples
#### Unenroll a factor
```js
const { data, error } = await supabase.auth.mfa.unenroll({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
})
```
## verify
Verifies a code against a challenge. The verification code is
provided by the user by entering a code seen in their authenticator app.
### Examples
#### Verify a challenge for a factor
```js
const { data, error } = await supabase.auth.mfa.verify({
factorId: '34e770dd-9ff9-416c-87fa-43b31d7ef225',
challengeId: '4034ae6f-a8ce-4fb5-8ee5-69a5863a7c15',
code: '123456'
})
```
## Auth Passkey
This section contains methods for WebAuthn passkey registration, authentication, and management. Methods are invoked behind the `supabase.auth.passkey` namespace.
Passkey support is an experimental feature. Enable it when creating the client:
## Auth Passkey
This section contains methods for WebAuthn passkey registration, authentication, and management. Methods are invoked behind the `supabase.auth.passkey` namespace.
Passkey support is an experimental feature. Enable it when creating the client:
## delete
Deletes a passkey for the currently signed-in user.
## list
Lists all passkeys registered for the currently signed-in user.
## startAuthentication
Starts the passkey authentication ceremony. Fetches an authentication
challenge and credential request options from the server. Used as the
first step of a two-step sign-in flow when the caller wants to handle
`navigator.credentials.get()` themselves.
## startRegistration
Starts the passkey registration ceremony. Fetches a registration challenge
and credential creation options from the server. Used as the first step of
a two-step registration flow when the caller wants to handle
`navigator.credentials.create()` themselves.
## update
Updates a passkey's friendly name.
## verifyAuthentication
Verifies a passkey authentication credential against a previously issued
challenge. Used as the second step of a two-step sign-in flow.
## verifyRegistration
Verifies a passkey registration credential against a previously issued
challenge. Used as the second step of a two-step registration flow.
## OAuth Admin
The OAuth Admin API allows you to manage OAuth clients programmatically. Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. These functions should only be called on a server. Never expose your `secret` key in the browser.
## OAuth Admin
The OAuth Admin API allows you to manage OAuth clients programmatically. Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. These functions should only be called on a server. Never expose your `secret` key in the browser.
## createClient
Creates a new OAuth client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## deleteClient
Deletes an OAuth client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## getClient
Gets details of a specific OAuth client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## listClients
Lists all OAuth clients with optional pagination.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## regenerateClientSecret
Regenerates the secret for an OAuth client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## updateClient
Updates an existing OAuth client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## OAuth Server
The OAuth Server API allows you to build custom OAuth consent screens for your application. Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
## OAuth Server
The OAuth Server API allows you to build custom OAuth consent screens for your application. Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
## approveAuthorization
Approves an OAuth authorization request.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
After approval, the user's consent is stored and an authorization code is generated.
The response contains a complete redirect URL with the authorization code and state.
## denyAuthorization
Denies an OAuth authorization request.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
After denial, the response contains a redirect URL with an OAuth error
(access_denied) to inform the OAuth client that the user rejected the request.
## getAuthorizationDetails
Retrieves details about an OAuth authorization request.
Used to display consent information to the user.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
This method returns one of two response types:
- `OAuthAuthorizationDetails`: User needs to consent - show consent page with client info
- `OAuthRedirect`: User already consented - redirect immediately to the OAuth client
Use type narrowing to distinguish between the responses:
```typescript
if ('authorization_id' in data) {
// Show consent page
} else {
// Redirect to data.redirect_url
}
```
## listGrants
Lists all OAuth grants that the authenticated user has authorized.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
## revokeGrant
Revokes a user's OAuth grant for a specific client.
Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
Revocation marks consent as revoked, deletes active sessions for that OAuth client,
and invalidates associated refresh tokens.
## Passkey admin
Contains passkey administration methods. Requires a secret key.
## Passkey admin
Contains passkey administration methods. Requires a secret key.
## deletePasskey
Deletes a specific passkey for a specific user.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## listPasskeys
Lists all passkeys registered for a specific user.
This function should only be called on a server. Never expose your `service_role` key in the browser.
## Edge Functions
## corsHeaders
## invoke
Invokes a function
### Examples
#### Example 1
```ts
const { data, error } = await functions.invoke('hello-world', {
body: { name: 'Ada' },
})
```
#### Basic invocation
```js
const { data, error } = await supabase.functions.invoke('hello', {
body: { foo: 'bar' }
})
```
#### Error handling
```js
import { FunctionsHttpError, FunctionsRelayError, FunctionsFetchError } from "@supabase/supabase-js";
const { data, error } = await supabase.functions.invoke('hello', {
headers: {
"my-custom-header": 'my-custom-header-value'
},
body: { foo: 'bar' }
})
if (error instanceof FunctionsHttpError) {
const errorMessage = await error.context.json()
console.error('Function returned an error', errorMessage)
} else if (error instanceof FunctionsRelayError) {
console.error('Relay error:', error)
} else if (error instanceof FunctionsFetchError) {
console.error('Fetch error:', error)
}
```
#### Passing custom headers
```js
const { data, error } = await supabase.functions.invoke('hello', {
headers: {
"my-custom-header": 'my-custom-header-value'
},
body: { foo: 'bar' }
})
```
#### Calling with DELETE HTTP verb
```js
const { data, error } = await supabase.functions.invoke('hello', {
headers: {
"my-custom-header": 'my-custom-header-value'
},
body: { foo: 'bar' },
method: 'DELETE'
})
```
#### Invoking a Function in the UsEast1 region
```js
import { createClient, FunctionRegion } from '@supabase/supabase-js'
const { data, error } = await supabase.functions.invoke('hello', {
body: { foo: 'bar' },
region: FunctionRegion.UsEast1
})
```
#### Calling with GET HTTP verb
```js
const { data, error } = await supabase.functions.invoke('hello', {
headers: {
"my-custom-header": 'my-custom-header-value'
},
method: 'GET'
})
```
#### Standalone client invoke
```ts
const { data, error } = await functions.invoke('hello-world', {
body: { name: 'Ada' },
})
```
## setAuth
Updates the authorization header
### Examples
#### Setting the authorization header
```ts
functions.setAuth(session.access_token)
```
## Realtime
## channel
Creates (or reuses) a RealtimeChannel for the provided topic.
Topics are automatically prefixed with `realtime:` to match the Realtime service.
If a channel with the same topic already exists it will be returned instead of creating
a duplicate connection.
## connect
Connects the socket, unless already connected.
## connectionState
Returns the current state of the socket.
## disconnect
Disconnects the socket.
## endpointURL
Returns the URL of the websocket.
## getChannels
Returns all created channels
## getWebSocketConstructor
Returns the best available WebSocket constructor for the current runtime.
### Examples
#### Example with error handling
```ts
try {
const WS = WebSocketFactory.getWebSocketConstructor()
const socket = new WS('wss://example.com/socket')
} catch (error) {
console.error('WebSocket not available in this environment.', error)
}
```
## httpSend
Sends a broadcast message explicitly via REST API.
This method always uses the REST API endpoint regardless of WebSocket connection state.
Useful when you want to guarantee REST delivery or when gradually migrating from implicit REST fallback.
Payloads that are `ArrayBuffer` or `ArrayBufferView` (e.g. `Uint8Array`) are sent as
`application/octet-stream`; all other payloads are JSON-encoded.
## isConnected
Returns `true` is the connection is open.
## isConnecting
Returns `true` if the connection is currently connecting.
## isDisconnecting
Returns `true` if the connection is currently disconnecting.
## isWebSocketSupported
Detects whether the runtime can establish WebSocket connections.
### Examples
#### Example in a Node.js script
```ts
if (!WebSocketFactory.isWebSocketSupported()) {
console.error('WebSockets are required for this script.')
process.exitCode = 1
}
```
## log
Logs the message.
For customized logging, `this.logger` can be overridden in Client constructor.
## on
Creates an event handler that listens to changes.
### Examples
#### Listen to broadcast messages
```js
const channel = supabase.channel("room1")
channel.on("broadcast", { event: "cursor-pos" }, (payload) => {
console.log("Cursor position received!", payload);
}).subscribe((status) => {
if (status === "SUBSCRIBED") {
channel.send({
type: "broadcast",
event: "cursor-pos",
payload: { x: Math.random(), y: Math.random() },
});
}
});
```
#### Listen to presence sync
```js
const channel = supabase.channel('room1')
channel
.on('presence', { event: 'sync' }, () => {
console.log('Synced presence state: ', channel.presenceState())
})
.subscribe(async (status) => {
if (status === 'SUBSCRIBED') {
await channel.track({ online_at: new Date().toISOString() })
}
})
```
#### Listen to presence join
```js
const channel = supabase.channel('room1')
channel
.on('presence', { event: 'join' }, ({ newPresences }) => {
console.log('Newly joined presences: ', newPresences)
})
.subscribe(async (status) => {
if (status === 'SUBSCRIBED') {
await channel.track({ online_at: new Date().toISOString() })
}
})
```
#### Listen to presence leave
```js
const channel = supabase.channel('room1')
channel
.on('presence', { event: 'leave' }, ({ leftPresences }) => {
console.log('Newly left presences: ', leftPresences)
})
.subscribe(async (status) => {
if (status === 'SUBSCRIBED') {
await channel.track({ online_at: new Date().toISOString() })
await channel.untrack()
}
})
```
#### Listen to all database changes
```js
supabase
.channel('room1')
.on('postgres_changes', { event: '*', schema: '*' }, payload => {
console.log('Change received!', payload)
})
.subscribe()
```
#### Listen to a specific table
```js
supabase
.channel('room1')
.on('postgres_changes', { event: '*', schema: 'public', table: 'countries' }, payload => {
console.log('Change received!', payload)
})
.subscribe()
```
#### Listen to inserts
```js
supabase
.channel('room1')
.on('postgres_changes', { event: 'INSERT', schema: 'public', table: 'countries' }, payload => {
console.log('Change received!', payload)
})
.subscribe()
```
#### Listen to updates
```js
supabase
.channel('room1')
.on('postgres_changes', { event: 'UPDATE', schema: 'public', table: 'countries' }, payload => {
console.log('Change received!', payload)
})
.subscribe()
```
#### Listen to deletes
```js
supabase
.channel('room1')
.on('postgres_changes', { event: 'DELETE', schema: 'public', table: 'countries' }, payload => {
console.log('Change received!', payload)
})
.subscribe()
```
#### Listen to multiple events
```js
supabase
.channel('room1')
.on('postgres_changes', { event: 'INSERT', schema: 'public', table: 'countries' }, handleRecordInserted)
.on('postgres_changes', { event: 'DELETE', schema: 'public', table: 'countries' }, handleRecordDeleted)
.subscribe()
```
#### Listen to row level changes
```js
supabase
.channel('room1')
.on('postgres_changes', { event: 'UPDATE', schema: 'public', table: 'countries', filter: 'id=eq.200' }, handleRecordUpdated)
.subscribe()
```
## onHeartbeat
Sets a callback that receives lifecycle events for internal heartbeat messages.
Useful for instrumenting connection health (e.g. sent/ok/timeout/disconnected).
## presenceState
Returns the current presence state for this channel.
The shape is a map keyed by presence key (for example a user id) where each entry contains the
tracked metadata for that user.
## push
Push out a message if the socket is connected.
If the socket is not connected, the message gets enqueued within a local buffer, and sent out when a connection is next established.
## removeAllChannels
Unsubscribes, removes and tears down all channels
## removeChannel
Unsubscribes, removes and tears down a single channel
## send
Sends a message into the channel.
### Examples
#### Send a message via websocket
```js
const channel = supabase.channel('room1')
channel.subscribe((status) => {
if (status === 'SUBSCRIBED') {
channel.send({
type: 'broadcast',
event: 'cursor-pos',
payload: { x: Math.random(), y: Math.random() },
})
}
})
```
#### Send a message via REST
```js
const channel = supabase.channel('room1')
try {
await channel.httpSend('cursor-pos', { x: Math.random(), y: Math.random() })
} finally {
await supabase.removeChannel(channel)
}
```
## sendHeartbeat
Sends a heartbeat message if the socket is connected.
## setAuth
Sets the JWT access token used for channel subscription authorization and Realtime RLS.
If param is null it will use the `accessToken` callback function or the token set on the client.
On callback used, it will set the value of the token internal to the client.
When a token is explicitly provided, it will be preserved across channel operations
(including removeChannel and resubscribe). The `accessToken` callback will not be
invoked until `setAuth()` is called without arguments.
### Examples
#### Example 1
```ts
Setting the authorization header
// Use a manual token (preserved across resubscribes, ignores accessToken callback)
client.realtime.setAuth('my-custom-jwt')
// Switch back to using the accessToken callback
client.realtime.setAuth()
```
## subscribe
Subscribe registers your client with the server.
The optional `callback` receives a `status` and, on failure, an `err` argument.
Log the full `err` so its `cause`, `name`, and any structured fields aren't hidden
behind `err.message`.
### Examples
#### Handling errors
```js
supabase.channel('room1').subscribe((status, err) => {
if (status === 'CHANNEL_ERROR' || status === 'TIMED_OUT') {
// Log the full error: its `cause` often holds the underlying reason.
console.error(status, err)
}
})
```
## teardown
Destroys and stops related timers.
## track
Sends the supplied payload to the presence tracker so other subscribers can see that this
client is online. Use `untrack` to stop broadcasting presence for the same key.
## unsubscribe
Leaves the channel.
Unsubscribes from server events, and instructs channel to terminate on server.
Triggers onClose() hooks.
To receive leave acknowledgements, use the a `receive` hook to bind to the server ack, ie:
channel.unsubscribe().receive("ok", () => alert("left!") )
## untrack
Removes the current presence state for this client.
## updateJoinPayload
Updates the payload that will be sent the next time the channel joins (reconnects).
Useful for rotating access tokens or updating config without re-creating the channel.
## Storage
## Analytics Buckets
This section contains methods for working with Analytics Buckets.
## Analytics Buckets
This section contains methods for working with Analytics Buckets.
## createBucket
Creates a new analytics bucket using Iceberg tables
Analytics buckets are optimized for analytical queries and data processing
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Create analytics bucket
```js
const { data, error } = await supabase
.storage
.analytics
.createBucket('analytics-data')
```
## deleteBucket
Deletes an existing analytics bucket
A bucket can't be deleted with existing objects inside it
You must first empty the bucket before deletion
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Delete analytics bucket
```js
const { data, error } = await supabase
.storage
.analytics
.deleteBucket('analytics-data')
```
## from
Get an Iceberg REST Catalog client configured for a specific analytics bucket
Use this to perform advanced table and namespace operations within the bucket
The returned client provides full access to the Apache Iceberg REST Catalog API
with the Supabase `{ data, error }` pattern for consistent error handling on all operations.
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Get catalog and create table
```js
// First, create an analytics bucket
const { data: bucket, error: bucketError } = await supabase
.storage
.analytics
.createBucket('analytics-data')
// Get the Iceberg catalog for that bucket
const catalog = supabase.storage.analytics.from('analytics-data')
// Create a namespace
const { error: nsError } = await catalog.createNamespace({ namespace: ['default'] })
// Create a table with schema
const { data: tableMetadata, error: tableError } = await catalog.createTable(
{ namespace: ['default'] },
{
name: 'events',
schema: {
type: 'struct',
fields: [
{ id: 1, name: 'id', type: 'long', required: true },
{ id: 2, name: 'timestamp', type: 'timestamp', required: true },
{ id: 3, name: 'user_id', type: 'string', required: false }
],
'schema-id': 0,
'identifier-field-ids': [1]
},
'partition-spec': {
'spec-id': 0,
fields: []
},
'write-order': {
'order-id': 0,
fields: []
},
properties: {
'write.format.default': 'parquet'
}
}
)
```
#### List tables in namespace
```js
const catalog = supabase.storage.analytics.from('analytics-data')
// List all tables in the default namespace
const { data: tables, error: listError } = await catalog.listTables({ namespace: ['default'] })
if (listError) {
if (listError.isNotFound()) {
console.log('Namespace not found')
}
return
}
console.log(tables) // [{ namespace: ['default'], name: 'events' }]
```
#### Working with namespaces
```js
const catalog = supabase.storage.analytics.from('analytics-data')
// List all namespaces
const { data: namespaces } = await catalog.listNamespaces()
// Create namespace with properties
await catalog.createNamespace(
{ namespace: ['production'] },
{ properties: { owner: 'data-team', env: 'prod' } }
)
```
#### Cleanup operations
```js
const catalog = supabase.storage.analytics.from('analytics-data')
// Drop table with purge option (removes all data)
const { error: dropError } = await catalog.dropTable(
{ namespace: ['default'], name: 'events' },
{ purge: true }
)
if (dropError?.isNotFound()) {
console.log('Table does not exist')
}
// Drop namespace (must be empty)
await catalog.dropNamespace({ namespace: ['default'] })
```
## listBuckets
Retrieves the details of all Analytics Storage buckets within an existing project
Only returns buckets of type 'ANALYTICS'
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### List analytics buckets
```js
const { data, error } = await supabase
.storage
.analytics
.listBuckets({
limit: 10,
offset: 0,
sortColumn: 'created_at',
sortOrder: 'desc'
})
```
## File Buckets
This section contains methods for working with File Buckets.
## File Buckets
This section contains methods for working with File Buckets.
## copy
Copies an existing file to a new path in the same bucket.
### Examples
#### Copy file
```js
const { data, error } = await supabase
.storage
.from('avatars')
.copy('public/avatar1.png', 'private/avatar2.png')
```
## createBucket
Creates a new Storage bucket
### Examples
#### Create bucket
```js
const { data, error } = await supabase
.storage
.createBucket('avatars', {
public: false,
allowedMimeTypes: ['image/png'],
fileSizeLimit: 1024
})
```
## createSignedUploadUrl
Creates a signed upload URL.
Signed upload URLs can be used to upload files to the bucket without further authentication.
They are valid for 2 hours.
### Examples
#### Create Signed Upload URL
```js
const { data, error } = await supabase
.storage
.from('avatars')
.createSignedUploadUrl('folder/cat.jpg')
```
## createSignedUrl
Creates a signed URL. Use a signed URL to share a file for a fixed amount of time.
### Examples
#### Create Signed URL
```js
const { data, error } = await supabase
.storage
.from('avatars')
.createSignedUrl('folder/avatar1.png', 60)
```
#### Create a signed URL for an asset with transformations
```js
const { data } = await supabase
.storage
.from('avatars')
.createSignedUrl('folder/avatar1.png', 60, {
transform: {
width: 100,
height: 100,
}
})
```
#### Create a signed URL which triggers the download of the asset
```js
const { data } = await supabase
.storage
.from('avatars')
.createSignedUrl('folder/avatar1.png', 60, {
download: true,
})
```
## createSignedUrls
Creates multiple signed URLs. Use a signed URL to share a file for a fixed amount of time.
### Examples
#### Create Signed URLs
```js
const { data, error } = await supabase
.storage
.from('avatars')
.createSignedUrls(['folder/avatar1.png', 'folder/avatar2.png'], 60)
```
## deleteBucket
Deletes an existing bucket. A bucket can't be deleted with existing objects inside it.
You must first `empty()` the bucket.
### Examples
#### Delete bucket
```js
const { data, error } = await supabase
.storage
.deleteBucket('avatars')
```
## download
Downloads a file from a private bucket. For public buckets, make a request to the URL returned from `getPublicUrl` instead.
### Examples
#### Download file
```js
const { data, error } = await supabase
.storage
.from('avatars')
.download('folder/avatar1.png')
```
#### Download file with transformations
```js
const { data, error } = await supabase
.storage
.from('avatars')
.download('folder/avatar1.png', {
transform: {
width: 100,
height: 100,
quality: 80
}
})
```
#### Download with cache control (useful in Edge Functions)
```js
const { data, error } = await supabase
.storage
.from('avatars')
.download('folder/avatar1.png', {}, { cache: 'no-store' })
```
#### Download with abort signal
```js
const controller = new AbortController()
setTimeout(() => controller.abort(), 5000)
const { data, error } = await supabase
.storage
.from('avatars')
.download('folder/avatar1.png', {}, { signal: controller.signal })
```
## emptyBucket
Removes all objects inside a single bucket.
### Examples
#### Empty bucket
```js
const { data, error } = await supabase
.storage
.emptyBucket('avatars')
```
## exists
Checks the existence of a file.
### Examples
#### Check file existence
```js
const { data, error } = await supabase
.storage
.from('avatars')
.exists('folder/avatar1.png')
```
## from
Perform file operation in a bucket.
### Examples
#### Accessing a bucket
```typescript
const avatars = supabase.storage.from('avatars')
```
## getBucket
Retrieves the details of an existing Storage bucket.
### Examples
#### Get bucket
```js
const { data, error } = await supabase
.storage
.getBucket('avatars')
```
## getPublicUrl
A simple convenience function to get the URL for an asset in a public bucket. If you do not want to use this function, you can construct the public URL by concatenating the bucket URL with the path to the asset.
This function does not verify if the bucket is public. If a public URL is created for a bucket which is not public, you will not be able to download the asset.
### Examples
#### Returns the URL for an asset in a public bucket
```js
const { data } = supabase
.storage
.from('public-bucket')
.getPublicUrl('folder/avatar1.png')
```
#### Returns the URL for an asset in a public bucket with transformations
```js
const { data } = supabase
.storage
.from('public-bucket')
.getPublicUrl('folder/avatar1.png', {
transform: {
width: 100,
height: 100,
}
})
```
#### Returns the URL which triggers the download of an asset in a public bucket
```js
const { data } = supabase
.storage
.from('public-bucket')
.getPublicUrl('folder/avatar1.png', {
download: true,
})
```
## info
Retrieves the details of an existing file.
Returns detailed file metadata including size, content type, and timestamps.
Note: The API returns `last_modified` field, not `updated_at`.
### Examples
#### Get file info
```js
const { data, error } = await supabase
.storage
.from('avatars')
.info('folder/avatar1.png')
if (data) {
console.log('Last modified:', data.lastModified)
console.log('Size:', data.size)
}
```
## list
Lists all the files and folders within a path of the bucket.
**Important:** For folder entries, fields like `id`, `updated_at`, `created_at`,
`last_accessed_at`, and `metadata` will be `null`. Only files have these fields populated.
Additionally, deprecated fields like `bucket_id`, `owner`, and `buckets` are NOT returned
by this method.
### Examples
#### List files in a bucket
```js
const { data, error } = await supabase
.storage
.from('avatars')
.list('folder', {
limit: 100,
offset: 0,
sortBy: { column: 'name', order: 'asc' },
})
// Handle files vs folders
data?.forEach(item => {
if (item.id !== null) {
// It's a file
console.log('File:', item.name, 'Size:', item.metadata?.size)
} else {
// It's a folder
console.log('Folder:', item.name)
}
})
```
#### Search files in a bucket
```js
const { data, error } = await supabase
.storage
.from('avatars')
.list('folder', {
limit: 100,
offset: 0,
sortBy: { column: 'name', order: 'asc' },
search: 'jon'
})
```
## listBuckets
Retrieves the details of all Storage buckets within an existing project.
### Examples
#### List buckets
```js
const { data, error } = await supabase
.storage
.listBuckets()
```
#### List buckets with options
```js
const { data, error } = await supabase
.storage
.listBuckets({
limit: 10,
offset: 0,
sortColumn: 'created_at',
sortOrder: 'desc',
search: 'prod'
})
```
## listV2
Lists all the files and folders within a bucket using the V2 API with pagination support.
**Important:** Folder entries in the `folders` array only contain `name` and optionally `key` â
they have no `id`, timestamps, or `metadata` fields. Full file metadata is only available
on entries in the `objects` array.
this method signature might change in the future
### Examples
#### List files with pagination
```js
const { data, error } = await supabase
.storage
.from('avatars')
.listV2({
prefix: 'folder/',
limit: 100,
})
// Handle pagination
if (data?.hasNext) {
const nextPage = await supabase
.storage
.from('avatars')
.listV2({
prefix: 'folder/',
cursor: data.nextCursor,
})
}
// Handle files vs folders
data?.objects.forEach(file => {
if (file.id !== null) {
console.log('File:', file.name, 'Size:', file.metadata?.size)
}
})
data?.folders.forEach(folder => {
console.log('Folder:', folder.name)
})
```
## move
Moves an existing file to a new path in the same bucket.
### Examples
#### Move file
```js
const { data, error } = await supabase
.storage
.from('avatars')
.move('public/avatar1.png', 'private/avatar2.png')
```
## remove
Deletes files within the same bucket
Returns an array of FileObject entries for the deleted files. Note that deprecated
fields like `bucket_id` may or may not be present in the response - do not rely on them.
### Examples
#### Delete file
```js
const { data, error } = await supabase
.storage
.from('avatars')
.remove(['folder/avatar1.png'])
```
## update
Replaces an existing file at the specified path with a new one.
### Examples
#### Update file
```js
const avatarFile = event.target.files[0]
const { data, error } = await supabase
.storage
.from('avatars')
.update('public/avatar1.png', avatarFile, {
cacheControl: '3600'
})
```
#### Update file using `ArrayBuffer` from base64 file data
```js
import {decode} from 'base64-arraybuffer'
const { data, error } = await supabase
.storage
.from('avatars')
.update('public/avatar1.png', decode('base64FileData'), {
contentType: 'image/png'
})
```
## updateBucket
Updates a Storage bucket
### Examples
#### Update bucket
```js
const { data, error } = await supabase
.storage
.updateBucket('avatars', {
public: false,
allowedMimeTypes: ['image/png'],
fileSizeLimit: 1024
})
```
## upload
Uploads a file to an existing bucket.
### Examples
#### Upload file
```js
const avatarFile = event.target.files[0]
const { data, error } = await supabase
.storage
.from('avatars')
.upload('public/avatar1.png', avatarFile, {
cacheControl: '3600',
upsert: false
})
```
#### Upload file using `ArrayBuffer` from base64 file data
```js
import { decode } from 'base64-arraybuffer'
const { data, error } = await supabase
.storage
.from('avatars')
.upload('public/avatar1.png', decode('base64FileData'), {
contentType: 'image/png'
})
```
#### Handling errors
```js
const { data, error } = await supabase
.storage
.from('avatars')
.upload('public/avatar1.png', avatarFile)
if (error) {
// Log the full error so fields like `statusCode` and `error` (the
// Storage error name, e.g. "Duplicate") aren't hidden behind `error.message`.
console.error(error)
return
}
```
## uploadToSignedUrl
Upload a file with a token generated from `createSignedUploadUrl`.
### Examples
#### Upload to a signed URL
```js
const { data, error } = await supabase
.storage
.from('avatars')
.uploadToSignedUrl('folder/cat.jpg', 'token-from-createSignedUploadUrl', file)
```
## Vector Buckets
This section contains methods for working with Vector Buckets.
## Vector Buckets
This section contains methods for working with Vector Buckets.
## createBucket
Creates a new vector bucket
Vector buckets are containers for vector indexes and their data
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Creating a vector bucket
```typescript
const { data, error } = await supabase
.storage
.vectors
.createBucket('embeddings-prod')
```
## createIndex
Creates a new vector index in this bucket
Convenience method that automatically includes the bucket name
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Creating a vector index
```typescript
const bucket = supabase.storage.vectors.from('embeddings-prod')
await bucket.createIndex({
indexName: 'documents-openai',
dataType: 'float32',
dimension: 1536,
distanceMetric: 'cosine',
metadataConfiguration: {
nonFilterableMetadataKeys: ['raw_text']
}
})
```
## deleteBucket
Deletes a vector bucket (bucket must be empty)
All indexes must be deleted before deleting the bucket
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Delete a vector bucket
```typescript
const { data, error } = await supabase
.storage
.vectors
.deleteBucket('embeddings-old')
```
## deleteIndex
Deletes an index from this bucket
Convenience method that automatically includes the bucket name
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Delete an index
```typescript
const bucket = supabase.storage.vectors.from('embeddings-prod')
await bucket.deleteIndex('old-index')
```
## deleteVectors
Deletes vectors by keys from this index
Convenience method that automatically includes bucket and index names
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Delete vectors by keys
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
await index.deleteVectors({
keys: ['doc-1', 'doc-2', 'doc-3']
})
```
## from
Access operations for a specific vector bucket
Returns a scoped client for index and vector operations within the bucket
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Accessing a vector bucket
```typescript
const bucket = supabase.storage.vectors.from('embeddings-prod')
```
## getBucket
Retrieves metadata for a specific vector bucket
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Get bucket metadata
```typescript
const { data, error } = await supabase
.storage
.vectors
.getBucket('embeddings-prod')
console.log('Bucket created:', data?.vectorBucket.creationTime)
```
## getIndex
Retrieves metadata for a specific index in this bucket
Convenience method that automatically includes the bucket name
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Get index metadata
```typescript
const bucket = supabase.storage.vectors.from('embeddings-prod')
const { data } = await bucket.getIndex('documents-openai')
console.log('Dimension:', data?.index.dimension)
```
## getVectors
Retrieves vectors by keys from this index
Convenience method that automatically includes bucket and index names
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Get vectors by keys
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
const { data } = await index.getVectors({
keys: ['doc-1', 'doc-2'],
returnMetadata: true
})
```
## index
Access operations for a specific index within this bucket
Returns a scoped client for vector data operations
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Accessing an index
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
// Insert vectors
await index.putVectors({
vectors: [
{ key: 'doc-1', data: { float32: [...] }, metadata: { title: 'Intro' } }
]
})
// Query similar vectors
const { data } = await index.queryVectors({
queryVector: { float32: [...] },
topK: 5
})
```
## listBuckets
Lists all vector buckets with optional filtering and pagination
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### List vector buckets
```typescript
const { data, error } = await supabase
.storage
.vectors
.listBuckets({ prefix: 'embeddings-' })
data?.vectorBuckets.forEach(bucket => {
console.log(bucket.vectorBucketName)
})
```
## listIndexes
Lists indexes in this bucket
Convenience method that automatically includes the bucket name
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### List indexes
```typescript
const bucket = supabase.storage.vectors.from('embeddings-prod')
const { data } = await bucket.listIndexes({ prefix: 'documents-' })
```
## listVectors
Lists vectors in this index with pagination
Convenience method that automatically includes bucket and index names
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### List vectors with pagination
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
const { data } = await index.listVectors({
maxResults: 500,
returnMetadata: true
})
```
## putVectors
Inserts or updates vectors in this index
Convenience method that automatically includes bucket and index names
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Insert vectors into an index
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
await index.putVectors({
vectors: [
{
key: 'doc-1',
data: { float32: [0.1, 0.2, ...] },
metadata: { title: 'Introduction', page: 1 }
}
]
})
```
## queryVectors
Queries for similar vectors in this index
Convenience method that automatically includes bucket and index names
**Public alpha:** This API is part of a public alpha release and may not be available to your account type.
### Examples
#### Query similar vectors
```typescript
const index = supabase.storage.vectors.from('embeddings-prod').index('documents-openai')
const { data } = await index.queryVectors({
queryVector: { float32: [0.1, 0.2, ...] },
topK: 5,
filter: { category: 'technical' },
returnDistance: true,
returnMetadata: true
})
```