Authentication
Login with Email
Magic Link login provides a simple and secure way to authenticate users without passwords. Users only need to enter their email, receive a link, and follow it to log in.
- User enters their email in the app
- Supabase sends a login email with a magic link or verification code
- User enters the code and is automatically signed in
Email authentication is usually enabled by default when creating a new Supabase project.
Supabase Setup
Enable Email Provider
- Go to your Supabase Dashboard
- Navigate to Authentication → Providers
- Ensure that the Email provider is enabled (enabled by default in most cases)
- It’s recommended to enable Confirm email to require email verification on first login
Customize Email Templates
By default, Supabase sends a magic link for login. If you’re building a mobile app with Expo, it’s often better to use a confirmation code instead — which users enter manually.
To enable this flow:
-
Go to Authentication → Emails
-
Open the Confirm Signup and Magic Link tab
-
Edit the email content to show only the confirmation code (
{{ .Token }}) and remove the default link<h2>Welcome to ExpoLaunch</h2> <p>Use this 6-digit code to confirm your email:</p> <h1>{{ .Token }}</h1> <p>If you did not request this, you can ignore this email.</p> <p>Thanks,<br/> The ExpoLaunch Team</p> -
Optionally, adjust subject and styles
Test the Flow
- Run your app on a simulator or physical device
- Enter an email in the login form
- Check if the email arrives and verify the code works correctly
Notes
- You can adjust the OTP expiration time in Supabase authentication settings
- For production, it’s strongly recommended to set up a custom SMTP server