Configure Supabase authentication providers (OAuth, JWT, email). Use when setting up authentication, configuring OAuth providers (Google/GitHub/Discord), implementing auth flows, configuring JWT settings, or when user mentions Supabase auth, social login, authentication setup, or auth configuration.
/plugin marketplace add vanman2024/ai-dev-marketplace/plugin install supabase@ai-dev-marketplaceThis skill is limited to using the following tools:
README.mdexamples/ai-app-patterns.mdexamples/auth-flows.mdexamples/oauth-setup-guide.mdscripts/configure-jwt.shscripts/setup-email-auth.shscripts/setup-oauth-provider.shscripts/test-auth-flow.shtemplates/email-templates/confirmation.htmltemplates/email-templates/invite.htmltemplates/email-templates/magic-link.htmltemplates/email-templates/password-reset.htmltemplates/helpers/auth-helpers.tstemplates/middleware/auth-middleware.tstemplates/oauth-providers/discord-oauth-config.jsontemplates/oauth-providers/github-oauth-config.jsontemplates/oauth-providers/google-oauth-config.jsonThis skill provides complete authentication configuration for Supabase-powered AI applications. It covers OAuth provider setup, JWT configuration, email authentication with PKCE flow, and auth middleware templates.
Configure social login providers for your Supabase project:
Supported Providers:
Setup Process:
# Configure OAuth provider (creates config, provides setup instructions)
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/setup-oauth-provider.sh google
# Or use template directly
cat /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/templates/oauth-providers/google-oauth-config.json
Provider Setup Steps:
Configure JSON Web Token settings for secure session management:
# Set up JWT signing secrets and configuration
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/configure-jwt.sh
JWT Settings:
Configure secure email authentication for server-side rendering:
# Set up email auth with PKCE flow for SSR applications
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/setup-email-auth.sh
Email Auth Features:
Use pre-built middleware templates for Next.js and other frameworks:
Next.js Middleware:
// Copy template and customize
cp /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/templates/middleware/auth-middleware.ts ./middleware.ts
Auth Helper Functions:
// Reusable auth utilities
cp /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/templates/helpers/auth-helpers.ts ./lib/auth.ts
Validate your authentication setup end-to-end:
# Test all configured auth flows
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/test-auth-flow.sh
Tests Include:
# 1. Run OAuth setup script
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/setup-oauth-provider.sh google
# 2. Follow prompts to configure:
# - Google Cloud Console OAuth app
# - Authorized redirect URIs
# - Client credentials in Supabase
# 3. Add middleware to Next.js app
cp /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/templates/middleware/auth-middleware.ts ./middleware.ts
# 4. Test the flow
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/test-auth-flow.sh
Result: Fully configured Google OAuth with protected routes and session management
Configure multiple OAuth providers for user choice:
# Set up Google, GitHub, and Discord
for provider in google github discord; do
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/setup-oauth-provider.sh $provider
done
# Configure email auth as fallback
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/setup-email-auth.sh
# Test all providers
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/test-auth-flow.sh --all
Result: Users can sign in with Google, GitHub, Discord, or email
Configure JWT claims for AI model access control:
# 1. Set up JWT with custom claims
bash /home/vanman2025/Projects/ai-dev-marketplace/plugins/supabase/skills/auth-configs/scripts/configure-jwt.sh
# 2. Add role-based middleware
# Edit middleware.ts to check JWT claims for AI model permissions
# 3. Configure RLS policies in Supabase
# Link JWT claims to database row-level security
Result: Different user tiers (free, pro, enterprise) with model access control
Environment Variables:
SUPABASE_URL - Your Supabase project URLSUPABASE_ANON_KEY - Public anonymous keySUPABASE_SERVICE_ROLE_KEY - Service role key (for admin operations)Dependencies:
@supabase/supabase-js - Supabase JavaScript client@supabase/ssr - Server-side rendering support (replaces deprecated auth-helpers)Supabase Project Setup:
For OAuth Providers:
Multi-User AI Chat:
RAG Systems:
AI API Platforms:
Never Hardcode Secrets:
# ✅ CORRECT - Use environment variables
export GOOGLE_CLIENT_SECRET="your-secret-here"
# ❌ WRONG - Never commit secrets
const secret = "GOCSPX-abc123..." // DON'T DO THIS
Use PKCE Flow for SSR:
Validate Redirect URLs:
Rotate JWT Secrets:
Plugin: supabase Version: 1.0.0 Category: Authentication Skill Type: Configuration
Use when working with Payload CMS projects (payload.config.ts, collections, fields, hooks, access control, Payload API). Use when debugging validation errors, security issues, relationship queries, transactions, or hook behavior.