Login With Magic Link

Magic links are a form of passwordless logins where users click on a link sent to their email address to log in to their accounts. Magic links only work with email addresses. By default, a user can only request a magic link once every 60 seconds.

Overview#

Setting up Magic Link logins for your Supabase application.

Add the login code to your application - JavaScript | Flutter

Add Magic Link into your Supabase Project#

For Site URL, enter the final (hosted) URL of your app.
For Auth Providers, enable email provider.

caution

When making use of Magic Links with the PKCE Flow do bear in mind that links can only be used in the same browser that they are sent from. Consequently, a magic link sent from Chrome on Desktop will be invalid if used on a Mobile Device.

When your user signs in, call signInWithOtp() with their email address:

async function signInWithEmail() {
  const { data, error } = await supabase.auth.signInWithOtp({
    email: 'example@email.com',
    options: {
      emailRedirectTo: 'https://example.com/welcome',
    },
  })
}

When your user signs out, call signOut() to remove them from the browser session and any objects from localStorage:

async function signOut() {
  const { error } = await supabase.auth.signOut()
}

Resources#

Edit this page on GitHub

Login With Magic Link

Overview#

Add Magic Link into your Supabase Project#

Add login code to your client app#

Resources#