Supabase Auth Client

2.28.3 · active · verified Thu Apr 09

The `supabase-auth` Python library provides a client for interacting with Supabase Auth services, enabling functionalities like user registration, login, session management, and password recovery. It's a foundational component often used directly or as part of the `supabase-py` full client library. The current version is 2.28.3, and it follows the release cadence of the broader Supabase Python ecosystem, with frequent updates.

Warnings

breaking When migrating from `supabase-py` v1 to v2, the internal `AuthClient` structure and interaction patterns significantly changed. If you previously accessed authentication functionality via `supabase.auth` in `supabase-py` v1 and are now using this standalone `supabase-auth` package or `supabase-py` v2, be aware of method signature changes and the explicit need to import `AuthClient` from `supabase_auth.client`.
Fix: Review the official `supabase-auth-py` and `supabase-py` v2 documentation. Ensure you're importing `AuthClient` from `supabase_auth.client` and adapting method calls (e.g., `sign_up`, `sign_in`) to the current API.
gotcha Properly managing user sessions and token refreshing is crucial for long-lived applications. While `AuthClient` can handle token refreshing, incorrect configuration or manual management can lead to expired sessions and unauthorized requests.
Fix: Ensure that `AuthClient` is configured to handle session refreshing or implement your own robust session management logic, including storing and refreshing tokens. The `supabase-py` client's `auth` property often abstracts some of this, but if using `supabase-auth` standalone, explicit handling might be required.
gotcha Incorrectly setting `SUPABASE_URL` and `SUPABASE_ANON_KEY` or having misconfigured RLS (Row Level Security) policies on your Supabase project can lead to `AuthApiError` exceptions (e.g., 'Invalid API key' or 'Permission denied').
Fix: Double-check your environment variables and ensure they match your Supabase project settings. For RLS issues, verify that your database policies allow the intended operations for authenticated and unauthenticated users.

Install

pip install supabase-auth Install supabase-auth

Imports

AuthClient
```
from supabase_auth.client import AuthClient
```
AuthClient is located in the 'client' submodule.
User
```
from supabase_auth.types import User
```
User and other type definitions are in the 'types' submodule.

Quickstart

Initializes the `AuthClient` with your Supabase URL and anon key, then demonstrates basic user sign-up and sign-in operations. Remember to replace placeholder environment variables with your actual Supabase project credentials. Sign-up is commented out to prevent repeated user creation.

import os
from supabase_auth.client import AuthClient

# Ensure these environment variables are set
SUPABASE_URL = os.environ.get('SUPABASE_URL', 'YOUR_SUPABASE_URL')
SUPABASE_ANON_KEY = os.environ.get('SUPABASE_ANON_KEY', 'YOUR_SUPABASE_ANON_KEY')

if SUPABASE_URL == 'YOUR_SUPABASE_URL' or SUPABASE_ANON_KEY == 'YOUR_SUPABASE_ANON_KEY':
    print("Please set SUPABASE_URL and SUPABASE_ANON_KEY environment variables.")
else:
    try:
        auth_client = AuthClient(SUPABASE_URL, SUPABASE_ANON_KEY)

        # Example: Sign up a new user
        # Replace with unique email/password for testing
        user_email = 'test@example.com'
        user_password = 'strong-password'

        # try:
        #     response = auth_client.sign_up(user_email, user_password)
        #     print("Sign up response:", response.user)
        #     print("Session:", response.session)
        # except Exception as e:
        #     print(f"Sign up failed (might already exist): {e}")

        # Example: Sign in an existing user
        try:
            response = auth_client.sign_in(user_email, user_password)
            print("Sign in successful! User ID:", response.user.id)
            print("Access Token:", response.session.access_token)
        except Exception as e:
            print(f"Sign in failed: {e}")

        # Example: Get current user details (requires active session)
        if 'response' in locals() and response.session:
            try:
                current_user_response = auth_client.get_user(response.session.access_token)
                print("Current user email:", current_user_response.user.email)
            except Exception as e:
                print(f"Failed to get user details: {e}")

    except Exception as e:
        print(f"An error occurred during client initialization or operation: {e}")

view raw JSON →