All Products
Search

This Product

    ApsaraDB RDS:Authentication

    Document Center

    ApsaraDB RDS:Authentication

    Last Updated:Dec 11, 2025

    The Authentication module for RDS Supabase provides a comprehensive user management system. It supports multiple authentication methods and can be integrated into your application as a standalone module.

    Basic operations

    Create a new user

    1. Email registration.

      To enable email registration, you must first configure your mail server (SMTP) settings in the Supabase Auth configuration on the Alibaba Cloud Management Console. The following parameters are required:

      GOTRUE_SMTP_PORT                 # SMTP port: The port number of the SMTP server used to send emails (for example, 587 or 465)
GOTRUE_EXTERNAL_EMAIL_ENABLED    # Enable external email logon: Specifies whether to allow users to register and log on using email
GOTRUE_SMTP_SENDER_NAME          # Email sender name: The sender name displayed in the email (for example, "Supabase Support Team")
GOTRUE_SMTP_USER                 # SMTP username: The username used to log on to the SMTP server (usually an email address)
GOTRUE_SMTP_PASS                 # SMTP password: The password or application-specific password used to log on to the SMTP server
GOTRUE_SMTP_ADMIN_EMAIL          # Administrator email: The administrator's recipient or sender email address for system emails
GOTRUE_SMTP_HOST                 # SMTP host: The SMTP server address (for example, smtp.gmail.com or smtp.mailgun.org)
GOTRUE_MAILER_AUTOCONFIRM        # Auto-confirm email: Specifies whether to skip email verification and automatically confirm the user (commonly used in development environments)
GOTRUE_SITE_URL                  # Frontend website URL: The URL of the target frontend page to which the user is redirected after an operation (for example, after a password reset)
API_EXTERNAL_URL                 # External API endpoint: The externally accessible API address (for example, https://api.xxx.com), used for callbacks or notifications

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signUp({
  email: 'example@email.com',
  password: 'example-password',
})

    2. Phone number registration.

      You can register with a phone number in two ways: SMS Webhook and Alibaba Cloud SMS Provider.

      SMS Webhook: This method requires you to configure a webhook for an SMS service. Supabase calls this hook to send verification text messages. Set the following parameters in the Supabase Auth configuration on the Alibaba Cloud Management Console:

      GOTRUE_HOOK_SEND_SMS_ENABLED     # Specifies whether to enable the SMS sending feature
GOTRUE_HOOK_SEND_SMS_URI         # The HTTPS service address for sending confirmation text messages
GOTRUE_HOOK_SEND_SMS_SECRETS     # A hook key that must be in a specific format. It is a Base64-encoded string that starts with v1,whsec_
GOTRUE_SMS_AUTOCONFIRM=false     # Specifies whether to automatically confirm the SMS
GOTRUE_SMS_OTP_EXP=60            # The validity period of the SMS OTP, in seconds

      Alibaba Cloud SMS Provider: This method requires you to configure the signature and template for the Alibaba Cloud SMS service. You must also configure the AccessKey pair (AK/SK) that has permissions for the Alibaba Cloud SMS service (AliyunDysmsFullAccess and AliyunDypnsFullAccess).

      GOTRUE_SMS_PROVIDER=aliyun                 # The SMS provider. Can be set to aliyun.
GOTRUE_SMS_ALIYUN_ACCESS_KEY_ID=xxx        # The Alibaba Cloud AccessKey ID.
GOTRUE_SMS_ALIYUN_ACCESS_KEY_SECRET=xxx    # The Alibaba Cloud AccessKey secret.
GOTRUE_SMS_ALIYUN_REGION_ID=cn-beijing     # The region of Alibaba Cloud SMS. Can be the same region as your Supabase configuration.
GOTRUE_SMS_ALIYUN_SIGN_NAME=Sutong Internet Captcha.  # The name of the Alibaba Cloud SMS signature.
GOTRUE_SMS_ALIYUN_TEMPLATE_CODE=100001     # The template code for Alibaba Cloud SMS.
GOTRUE_SMS_ALIYUN_IS_TEST=true             # If you use the default signature and template from the Alibaba Cloud SMS system (https://dypns.console.aliyun.com/smsServiceOverview), set GOTRUE_SMS_ALIYUN_IS_TEST to true. If you use your own signature and template, you do not need to configure this parameter, or you can set it to false.
GOTRUE_SMS_AUTOCONFIRM=false               # Specifies whether to automatically confirm the SMS.
GOTRUE_SMS_OTP_EXP=60                      # The validity period of the SMS OTP, in seconds.
      Note

      When both SMS Webhook and Alibaba Cloud SMS Provider are configured, the SMS Webhook method takes precedence because SMS Webhook has a higher priority.

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signUp({
  phone: '1381111****',
  password: 'example-password',
  options: {
    channel: 'sms'
  }
})

    3. Alipay authentication.

      To enable Alipay logon, set the following parameters in the Supabase Auth configuration on the Alibaba Cloud Management Console:

      GOTRUE_EXTERNAL_ALIPAY_ENABLED      # Specifies whether to enable Alipay logon
GOTRUE_EXTERNAL_ALIPAY_CLIENT_ID    # The AppID of the Alipay application
GOTRUE_EXTERNAL_ALIPAY_SECRET       # The AppSecret of the Alipay application
GOTRUE_EXTERNAL_ALIPAY_REDIRECT_URI # The authorization callback URL. Format: http(s)://your-supabase-url/auth/v1/callback

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'alipay',
})

    4. WeChat authentication.

      To enable WeChat logon, set the following parameters in the Supabase Auth configuration on the Alibaba Cloud Management Console:

      GOTRUE_EXTERNAL_WECHAT_ENABLED      # Specifies whether to enable WeChat logon
GOTRUE_EXTERNAL_WECHAT_CLIENT_ID    # The AppID of the WeChat application
GOTRUE_EXTERNAL_WECHAT_SECRET       # The AppSecret of the WeChat application
GOTRUE_EXTERNAL_WECHAT_REDIRECT_URI # The authorization callback URL. Format: http(s)://your-supabase-url/auth/v1/callback

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'wechat',
})

    5. Google authentication.

      To enable Google logon, set the following parameters in the Supabase Auth configuration on the Alibaba Cloud Management Console:

      GOTRUE_EXTERNAL_GOOGLE_ENABLED      # Specifies whether to enable Google logon
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID    # The Google OAuth client ID
GOTRUE_EXTERNAL_GOOGLE_SECRET       # The Google OAuth client secret
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI # The authorization callback URL. Format: http(s)://your-supabase-url/auth/v1/callback

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'google',
})

    6. GitHub authentication.

      To enable GitHub logon, set the following parameters in the Supabase Auth configuration on the Alibaba Cloud Management Console:

      GOTRUE_EXTERNAL_GITHUB_ENABLED      # Specifies whether to enable GitHub logon
GOTRUE_EXTERNAL_GITHUB_CLIENT_ID    # The Client ID of the GitHub OAuth App
GOTRUE_EXTERNAL_GITHUB_SECRET       # The Client Secret of the GitHub OAuth App
GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI # The authorization callback URL. Format: http(s)://your-supabase-url/auth/v1/callback

      After configuration, call the following method:

      const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'github',
})

    Log on a user

    You can log on a user with an email and password, a phone number and password, or a third-party provider.

    // Log on with email
const { data, error } = await supabase.auth.signInWithPassword({
  email: 'example@email.com',
  password: 'example-password',
})

// Log on with phone number
const { data, error } = await supabase.auth.signInWithPassword({
  phone: '+1381111****',
  password: 'some-password',
})

// Log on with a third-party OAuth provider
const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'provider_name'
})
// Possible values for provider:
// 'alipay'  - Alipay logon
// 'wechat'  - WeChat logon  
// 'google'  - Google logon
// 'github'  - GitHub logon

    Update a user

    You can update the personal information of a logged-on user. Note that a user must be logged on to call the updateUser() method.

    // Update email
const { data, error } = await supabase.auth.updateUser({
  email: 'new****@email.com'
})

// Update password
const { data, error } = await supabase.auth.updateUser({
  password: 'new password'
})

    Log off a user

    You can log off the currently logged-on user.

    const { error } = await supabase.auth.signOut()

    References

    • For more information about Supabase authentication, see Auth.

    • For more information about the Supabase JavaScript software development kit (SDK), see JavaScript.

    • For more information about phone number logon, see phone-login.

    • For more information about SMS hooks, see SMS Hook.