Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@mastra/auth-supabase

Package Overview
Dependencies
Maintainers
11
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@mastra/auth-supabase

Mastra Supabase Auth integration

Source
npmnpm
Version
0.10.4
Version published
Weekly downloads
410
51.29%
Maintainers
11
Weekly downloads
 
Created
Source

@mastra/auth-supabase

A Supabase authentication integration for Mastra, providing seamless authentication and authorization capabilities using Supabase's authentication system.

Installation

npm install @mastra/auth-supabase
# or
yarn add @mastra/auth-supabase
# or
pnpm add @mastra/auth-supabase

Usage

import { Mastra } from '@mastra/core';
import { MastraAuthSupabase } from '@mastra/auth-supabase';

// Initialize with environment variables
const auth = new MastraAuthSupabase();

// Or initialize with explicit configuration
const auth = new MastraAuthSupabase({
  url: 'your-supabase-url',
  anonKey: 'your-supabase-anon-key',
});

// Enable auth in Mastra
const mastra = new Mastra({
  ...
  server: {
    experimental_auth: auth,
  },
});

Configuration

The package can be configured in two ways:

  • Environment Variables:

    • SUPABASE_URL: Your Supabase project URL
    • SUPABASE_ANON_KEY: Your Supabase anonymous key

  • Constructor Options:

    interface MastraAuthSupabaseOptions {
  url?: string;
  anonKey?: string;
}

Features

  • Authentication: Verifies user tokens and retrieves user information from Supabase
  • Authorization: Checks user permissions based on their role in Supabase
  • Type Safety: Full TypeScript support with proper type definitions
  • Environment Variable Support: Easy configuration through environment variables

API

authenticateToken(token: string)

Authenticates a user token and returns the user information if valid.

authorizeUser(user: User)

Checks if a user has the required permissions (currently checks for admin status).

Requirements

  • Node.js 16 or higher
  • Supabase project with authentication enabled
  • Supabase URL and anonymous key

License

Elastic-2.0

FAQs

Package last updated on 26 Aug 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Research

/

Security News

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.

By Olivia Brown  -  Oct 11, 2025
Socket Integrates With Bun 1.3’s Security Scanner API

Security News

Socket Integrates With Bun 1.3’s Security Scanner API

Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.

By Ahmad Nassri, Bradley Meck Farias  -  Oct 10, 2025