articleschannelstagsspacestoolkit
Supabase Blog

Supabase Auth: Bring-your-own Auth0, Cognito, or Firebase

View Original
thumbnail

Table of Contents

  • Support for third-party Auth providers
  • Phone-based Multi-factor Authentication
  • Auth Hooks for SMS and Email

Support for third-party Auth providers

Supabase now offers the ability to integrate third-party authentication providers, such as Auth0, alongside its native auth offering. This feature aims to simplify the migration process for applications with large user bases. Developers can evaluate and test third-party providers using the Supabase CLI, ensuring a disruption-free migration experience.

Phone-based Multi-factor Authentication

In addition to app-based authenticators, Supabase has extended its multi-factor authentication (MFA) support to include SMS and WhatsApp. Developers can now implement MFA via SMS, providing a user-friendly option for non-tech-savvy individuals. However, it's important to note that SMS-based MFA may pose security risks, such as SIM-swapping attacks.

Auth Hooks for SMS and Email

Supabase has introduced new Auth Hooks that support HTTP endpoints as webhooks. For email notifications, developers can now customize email templates and delivery using the "Send Email" Auth Hook. Similarly, for SMS notifications, developers have the flexibility to integrate their preferred SMS sending provider by specifying a custom HTTP endpoint to handle message delivery.