adaptationio/supabase-auth
.claude/skills/supabase-auth/SKILL.md
Setup and manage Supabase authentication including project connection, tokens, login methods, and user management. Use when configuring Supabase access, implementing authentication, or managing users.
$ install --global
skillsauthnpx skillsauth add adaptationio/skrillz supabase-authInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 1:54 AM56.4s4 files scanned
SKILL.md
- name:
- supabase-auth
- description:
- Setup and manage Supabase authentication including project connection, tokens, login methods, and user management. Use when configuring Supabase access, implementing authentication, or managing users.
Supabase Authentication Skill
Setup and manage Supabase authentication for projects.
Quick Reference
| Task | Method |
|------|--------|
| Install CLI | npm install supabase --save-dev |
| Login to Supabase | supabase login |
| Link project | supabase link --project-ref <ref> |
| Check status | supabase status |
| Get project URL | Dashboard → Settings → API |
| Get anon key | Dashboard → Settings → API |
| Get service key | Dashboard → Settings → API (hidden by default) |
Environment Variables
# Required for all Supabase operations
SUPABASE_URL=https://<project-ref>.supabase.co
SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
# For server-side admin operations (NEVER expose client-side)
SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
# For CI/CD pipelines
SUPABASE_ACCESS_TOKEN=<personal-access-token>
SUPABASE_DB_PASSWORD=<database-password>
SUPABASE_PROJECT_ID=<project-ref>
Client Initialization
Browser/Client-Side
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(
process.env.SUPABASE_URL,
process.env.SUPABASE_ANON_KEY
)
Server-Side (with Service Role)
import { createClient } from '@supabase/supabase-js'
const supabaseAdmin = createClient(
process.env.SUPABASE_URL,
process.env.SUPABASE_SERVICE_ROLE_KEY,
{
auth: {
autoRefreshToken: false,
persistSession: false
}
}
)
Authentication Methods
Email/Password
// Sign up
const { data, error } = await supabase.auth.signUp({
email: '[email protected]',
password: 'password123',
options: {
data: { full_name: 'John Doe' } // user metadata
}
})
// Sign in
const { data, error } = await supabase.auth.signInWithPassword({
email: '[email protected]',
password: 'password123'
})
// Sign out
const { error } = await supabase.auth.signOut()
Magic Link (Passwordless)
const { data, error } = await supabase.auth.signInWithOtp({
email: '[email protected]',
options: {
emailRedirectTo: 'https://yourapp.com/welcome'
}
})
OAuth Providers
const { data, error } = await supabase.auth.signInWithOAuth({
provider: 'github', // or 'google', 'discord', etc.
options: {
redirectTo: 'https://yourapp.com/auth/callback'
}
})
Anonymous Auth
const { data, error } = await supabase.auth.signInAnonymously()
Session Management
Get Current Session
// From local storage (fast, no network)
const { data: { session } } = await supabase.auth.getSession()
// Validate with server (secure, use on server-side)
const { data: { user } } = await supabase.auth.getUser()
Listen for Auth Changes
const { data: { subscription } } = supabase.auth.onAuthStateChange(
(event, session) => {
console.log(event, session)
// Events: SIGNED_IN, SIGNED_OUT, TOKEN_REFRESHED, USER_UPDATED
}
)
// Cleanup
subscription.unsubscribe()
Password Recovery
// Request reset
const { error } = await supabase.auth.resetPasswordForEmail(
'[email protected]',
{ redirectTo: 'https://yourapp.com/update-password' }
)
// Update password (after redirect)
const { error } = await supabase.auth.updateUser({
password: 'new_password'
})
Admin Operations (Server-Side Only)
// Create user (bypasses email confirmation)
const { data, error } = await supabaseAdmin.auth.admin.createUser({
email: '[email protected]',
password: 'password123',
email_confirm: true,
app_metadata: { role: 'admin' }
})
// Delete user
const { error } = await supabaseAdmin.auth.admin.deleteUser(userId)
// Update user
const { data, error } = await supabaseAdmin.auth.admin.updateUserById(
userId,
{ app_metadata: { role: 'moderator' } }
)
// List users
const { data, error } = await supabaseAdmin.auth.admin.listUsers()
Security Notes
- Never expose service role key - It bypasses Row Level Security
- Use getUser() on server - Don't trust getSession() for authorization
- Use app_metadata for roles - user_metadata is user-editable
- Enable RLS on all tables - Without it, anyone can access data
References
- auth-methods.md - All authentication methods in detail
- session-management.md - Session lifecycle and tokens
- mfa-setup.md - Multi-factor authentication
Related Skills
adaptationio/ttyd-remote-terminal-wsl2
development
VerifiedTrustedCommunity
Setup secure web-based terminal access to WSL2 from mobile/tablet via ttyd + ngrok/Cloudflare/Tailscale. One-command install, start, stop, status. Use when you need remote terminal access, web terminal, browser-based shell, or mobile access to WSL2 environment.
6SKILL.mdUpdated Mar 28, 2026
adaptationio/tri-ai-collaboration
development
VerifiedTrustedCommunity
Complete development workflows where Claude writes the code while Gemini and Codex provide research, planning, reviews, and different perspectives. Claude remains the main developer. Use for complex projects requiring expert planning and multi-perspective reviews.
6SKILL.mdUpdated Mar 28, 2026
adaptationio/todo-management
development
VerifiedTrustedCommunity
Systematic progress tracking for skill development. Manages task states (pending/in_progress/completed), updates in real-time, reports progress, identifies blockers, and maintains momentum. Use when tracking skill development, coordinating work, or reporting progress.
6SKILL.mdUpdated Mar 28, 2026
adaptationio/testing-workflow
testing
VerifiedTrustedCommunity
Comprehensive testing workflow orchestrating functional testing, example validation, integration testing, and usability assessment. Sequential workflow for complete skill testing from examples through scenarios to integration validation. Use when conducting thorough testing, pre-deployment validation, ensuring skill functionality, or comprehensive quality checks.
6SKILL.mdUpdated Mar 28, 2026