vasceannie/supabase
1
0
Fork 0
Code Issues Pull Requests Actions 8 Packages Projects Releases Wiki Activity

feat: add sso (enterprise login) docs under platform (#10924)

Browse Source 
* feat: add sso (enterprise login) docs under platform

* Update apps/docs/components/Navigation/NavigationMenu/NavigationMenu.constants.ts

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/enable-sso.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/enable-sso.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/enable-sso.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/enable-sso.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/sso-with-okta.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/sso-with-okta.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/sso-with-okta.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/sso-with-okta.mdx

Co-authored-by: dng <danny@supabase.io>

* Update apps/docs/pages/guides/platform/sso/sso-with-okta.mdx

Co-authored-by: dng <danny@supabase.io>

* Update headings and copy

* Rename files

* remove ids in meta (jonny)

* add access control section

* update sso guides

* update magiclink in ref docs

Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
Co-authored-by: dng <danny@supabase.io>
This commit is contained in:
Stojan Dimitrovski
2022-12-14 07:47:06 +01:00
committed by GitHub
parent 27149ffbec
commit 336023b77e
30 changed files with 529 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
apps/docs/components/Navigation/NavigationMenu/NavigationMenu.constants.ts
View File

@@ -481,6 +481,7 @@ export const platform = {
name: 'Platform Management',
url: undefined,
items: [
{ name: 'Access Control', url: '/guides/platform/access-control', items: [] },
{ name: 'Database Usage', url: '/guides/platform/database-usage', items: [] },
{ name: 'Logging', url: '/guides/platform/logs', items: [] },
{ name: 'Metrics', url: '/guides/platform/metrics', items: [] },
@@ -494,6 +495,24 @@ export const platform = {
{ name: 'Permissions', url: '/guides/platform/permissions', items: [] },
],
},
{
name: 'Single sign-on',
url: undefined,
items: [
{
name: 'Enable SSO for your organization',
url: '/guides/platform/sso',
items: [],
},
{ name: 'SSO with Azure AD', url: '/guides/platform/sso/azure', items: [] },
{
name: 'SSO with Google Workspace',
url: '/guides/platform/sso/gsuite',
items: [],
},
{ name: 'SSO with Okta', url: '/guides/platform/sso/okta', items: [] },
],
},
{
name: 'Go-live Checklist',
url: undefined,

3
apps/docs/pages/guides/auth/passwordless-login/email-otp-magic-link.mdx
View File

@@ -37,6 +37,9 @@ When your user signs in, call [signInWithOtp()](/docs/reference/javascript/auth-
async function signInWithEmail() {
const { data, error } = await supabase.auth.signInWithOtp({
email: 'example@email.com',
options: {
emailRedirectTo: 'https://example.com/welcome',
},
})
}
```

45
apps/docs/pages/guides/platform.mdx
View File

@@ -25,50 +25,7 @@ Each project on Supabase comes with:
## Organizations
Organizations are a way to group your projects. Each organization can be configured with different team members and billing settings.
## Manage team members
You can invite your team members into your organizations to collaborate on projects.
<video width="99%" muted playsInline controls="true">
<source src="/docs/videos/invite-team.mp4" type="video/mp4" muted playsInline />
</video>
You can also assign roles to your team members with different access levels. The table below shows the corresponding permissions for each available role in the Dashboard.
| Permissions | Owner | Administrator | Developer |
| ------------------------ | ----- | ------------- | --------- |
| **Organization** |
| Change organization name | ✅ | | |
| Delete organization | ✅ | | |
| **Members** |
| Add an Owner | ✅ | | |
| Remove an Owner | ✅ | | |
| Add an Administrator | ✅ | ✅ | |
| Remove an Administrator | ✅ | ✅ | |
| Add a Developer | ✅ | ✅ | |
| Remove a Developer | ✅ | ✅ | |
| Revoke an invite | ✅ | ✅ | |
| Resend an invite | ✅ | ✅ | |
| **Billing** |
| Read invoices | ✅ | ✅ | ✅ |
| Read billing email | ✅ | ✅ | ✅ |
| Change billing email | ✅ | | |
| View subscription | ✅ | ✅ | ✅ |
| Update subscription | ✅ | ✅ | |
| Read billing address | ✅ | ✅ | ✅ |
| Update billing address | ✅ | ✅ | |
| Read tax codes | ✅ | ✅ | ✅ |
| Update tax codes | ✅ | ✅ | |
| Read payment methods | ✅ | ✅ | ✅ |
| Update payment methods | ✅ | ✅ | |
| **Projects** |
| Create a project | ✅ | ✅ | |
| Delete a project | ✅ | ✅ | |
| Update a project | ✅ | ✅ | |
| Pause a project | ✅ | ✅ | |
| Resume a project | ✅ | ✅ | |
| Restart a project | ✅ | ✅ | ✅ |
Refer to [access control](/docs/guides/platform/access-control) for more information on how to manage team members within an organization.
## Platform status

85
apps/docs/pages/guides/platform/access-control.mdx Normal file
View File

@@ -0,0 +1,85 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
title: 'Access Control',
description: 'Roles and permissions at the organization level',
}
Supabase provides granular access control features that let you manage permissions across your organizations.
Within a Supabase organization, a member can have one of the following roles:
- Owner
- Administrator
- Developer
A default organization is created for a user when they first sign-in and
assigned the **Owner** role. If the user wants to invite others
to collaborate within the organization, they can visit the organization team
settings (`https://app.supabase.com/org/<org-slug>/settings#team`) to send an
invite link to another user's email. The invite expires after 24 hours.
Invites sent from a SSO account can only be accepted by another SSO account
coming from the same identity provider. This is a security measure that
prevents accidental invites to accounts not managed by your company's
enterprise systems.
Project level invites are not available at this time. A member of the
organization will be able to access all projects under the organization. If you
wish to restrict access to certain projects, please create another organization
to manage this.
## Manage team members
You can invite your team members into your organizations to collaborate on projects.
<video width="99%" muted playsInline controls="true">
<source src="/docs/videos/invite-team.mp4" type="video/mp4" muted playsInline />
</video>
### Permissions across roles [#permission-across-roles]
The table below shows the corresponding permissions for each available role you can assign a team member in the Dashboard.
| Permissions | Owner | Administrator | Developer |
| ------------------------ | ----- | ------------- | --------- |
| **Organization** |
| Change organization name | ✅ | | |
| Delete organization | ✅ | | |
| **Members** |
| Add an Owner | ✅ | | |
| Remove an Owner | ✅ | | |
| Add an Administrator | ✅ | ✅ | |
| Remove an Administrator | ✅ | ✅ | |
| Add a Developer | ✅ | ✅ | |
| Remove a Developer | ✅ | ✅ | |
| Revoke an invite | ✅ | ✅ | |
| Resend an invite | ✅ | ✅ | |
| Accept an invite[^1] | ✅ | ✅ | ✅ |
| **Billing** |
| Read invoices | ✅ | ✅ | ✅ |
| Read billing email | ✅ | ✅ | ✅ |
| Change billing email | ✅ | | |
| View subscription | ✅ | ✅ | ✅ |
| Update subscription | ✅ | ✅ | |
| Read billing address | ✅ | ✅ | ✅ |
| Update billing address | ✅ | ✅ | |
| Read tax codes | ✅ | ✅ | ✅ |
| Update tax codes | ✅ | ✅ | |
| Read payment methods | ✅ | ✅ | ✅ |
| Update payment methods | ✅ | ✅ | |
| **Projects** |
| Create a project | ✅ | ✅ | |
| Delete a project | ✅ | ✅ | |
| Update a project | ✅ | ✅ | |
| Pause a project | ✅ | ✅ | |
| Resume a project | ✅ | ✅ | |
| Restart a project | ✅ | ✅ | ✅ |
[^1]:
If the invite was sent from a SSO account, it can only be accepted from
a user signed in via the same identity provider.
export const Page = ({ children }) => <Layout meta={meta} children={children} />
export default Page

54
apps/docs/pages/guides/platform/sso.mdx Normal file
View File

@@ -0,0 +1,54 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
title: 'Enable SSO for Your Organization',
description: 'General information about enabling single sign-on (SSO) for your organization',
}
Supabase offers single sign-on (SSO) as a login option to provide additional
account security for your team. This allows company administrators to enforce
the use of an identity provider when logging into Supabase. SSO
improves the onboarding and offboarding experience of the company as the
employee only needs a single set of credentials to access third-party
applications or tools—which can also be revoked easily by an administrator.
<Admonition type="note">
Supabase currently provides SAML SSO. Please contact [Enterprise
Sales](https://supabase.com/contact/enterprise) to have this enabled for your
organization.
</Admonition>
## Understanding setup and implications
Accounts signing in with SSO have certain limitations.
The following sections outline the limitations when SSO is enabled or disabled for your team.
### Enable SSO for your team [#enable-sso]
- Organization invites are restricted to members of the company that belong to
the same identity provider.
- Every user has an organization created by default. They can create as many
projects as they want.
- An SSO user will not be able to update their password or reset their
password since their access is managed by the company administrator via the
identity provider.
- If an SSO user with the following email of `alice@foocorp.com` attempts to
sign-in with a GitHub account that uses the same email, a separate Supabase
account is created and will not be linked to the SSO user's account.
- An SSO user will not be able to see all organizations / projects created
under the same identity provider. They will need to be invited to the
Supabase organization first. Refer to [access control](/docs/guides/platform/access-control)
for more information.
### Disable SSO for your team [#disable-sso]
- You can prevent a user's account from further access to Supabase by removing
or disabling their account in your identity provider.
- You should also remove or downgrade their permissions from any organizations
inside Supabase.
export const Page = ({ children }) => <Layout meta={meta} children={children} />
export default Page

128
apps/docs/pages/guides/platform/sso/azure.mdx Normal file
View File

@@ -0,0 +1,128 @@
import Layout from '~/layouts/DefaultGuideLayout'
import { Button, IconArrowDown } from 'ui'
export const meta = {
title: 'Set Up SSO with Azure AD',
description: 'Configure single sign-on with Azure AD (Microsoft Entra).',
}
Supabase supports single sign-on (SSO) using Microsoft Azure AD.
## Step 1: Add and register an Enterprise Application [#add-and-register-enterprise-application]
Open up the [Azure Active
Directory](https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/Overview)
dashboard for your Azure account.
Click the _Add_ button then _Enterprise application_.
![Azure AD console: Default Directory Overview](/docs/img/sso-azure-step-01.png)
## Step 2: Choose Create your own application [#create-application]
You'll be using the custom enterprise application setup for Supabase.
![Azure AD console: Browse Azure AD Gallery, select: Create your own
application](/docs/img/sso-azure-step-02.png)
## Step 3: Fill in application details [#add-application-details]
In the modal titled _Create your own application_ enter the name you wish
Supabase to be available to your Azure AD users. `Supabase` works in most
cases.
Make sure to choose the third option: _Integrate any other application you
don't find in the gallery (Non-gallery)_.
![Azure AD console: Create your own application modal](/docs/img/sso-azure-step-03.png)
## Step 4: Choose the Set up single sign-on option [#set-up-single-sign-on]
Before you get to assigning users and groups, which would allow accounts in
Azure AD to access Supabase, you need to configure the SAML details that allows
Supabase to accept sign in requests from Azure AD.
![Azure AD console: Supabase custom enterprise application, selected Set up
single sign-on](/docs/img/sso-azure-step-04.png)
## Step 5: Select SAML single sign-on method [#saml-sso]
Supabase only supports the SAML 2.0 protocol for Single Sign-On, which is an
industry standard.
![Azure AD console: Supabase application, Single sign-on configuration screen,
selected SAML](/docs/img/sso-azure-step-05.png)
## Step 6: Upload SAML-based Sign-on metadata file [#upload-saml-metadata]
First you need to download Supabase's SAML metadata file. Click the button
below to initiate a download of the file.
<a href="https://alt.supabase.io/auth/v1/sso/saml/metadata?download=true">
<Button size="large" icon={<IconArrowDown />}>
Download Supabase SAML Metadata File
</Button>
</a>
Alternatively, visit this page to initiate a download: `https://alt.supabase.io/auth/v1/sso/saml/metadata?download=true`
Click on the _Upload metadata file_ option in the toolbar and select the file
you just downloaded.
![Azure AD console: Supabase application, SAML-based Sign-on screen,
selected Upload metadata file button](/docs/img/sso-azure-step-06-1.png)
All of the correct information should automatically populate the _Basic SAML
Configuration_ screen as shown.
![Azure AD console: Supabase application, SAML-based Sign-on screen,
Basic SAML Configuration shown](/docs/img/sso-azure-step-06-2.png)
**Make sure you input these additional settings.**
| Setting | Value |
| ----------- | -------------------------------------- |
| Sign on URL | `https://app.supabase.com/sign-in-sso` |
| Relay State | `https://app.supabase.com` |
Finally, click the _Save_ button to save the configuration.
## Step 7: Obtain metadata URL and send to Supabase [#send-metadata-url]
Supabase needs to finalize enabling single sign-on with your Azure AD
application. To do this, please copy and send the link under **App Federation
Metadata Url** in \*section 3 **SAML Certificates\*** to your support
contact and await further instructions. If you're not clear who to send this
link to or need further assistance, please reach out to
[support@supabase.com](mailto:support@supabase.com).
**Do not test the login until you have heard back from the support contact.**
![Azure AD console: Supabase application, SAML Certificates card
shown, App Federation Metadata Url highlighted](/docs/img/sso-azure-step-07.png)
## Step 8: Wait for confirmation [#confirmation]
Please wait for confirmation or further instructions from your support contact
at Supabase before proceeding to the next step. It usually takes us 1 business
day to configure SSO for you.
## Step 9: Test single sign-on [#testing]
_Testing sign-on before your Azure AD has been registered with Supabase will
not work. Make sure you've received confirmation from your support contact at
Supabase as laid out in the [confirmation](#confirmation) step._
Once youve received confirmation from your support contact at Supabase that
SSO setup has been completed for your enterprise, you can ask some of your
users to sign in via their Azure AD account.
You ask them to enter their email address on the [Sign in with
SSO](https://app.supabase.com/sign-in-sso) page.
If sign in is not working correctly, please reach out to your support contact
at Supabase for further guidance.
export const Page = ({ children }) => <Layout meta={meta} children={children} />
export default Page

123
apps/docs/pages/guides/platform/sso/gsuite.mdx Normal file
View File

@@ -0,0 +1,123 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
title: 'Set Up SSO with Google Workspace',
description: 'Configure single sign-on with Google Workspace (GSuite).',
}
Supabase supports single sign-on (SSO) using Google Workspace (formerly known
as GSuite).
## Step 1: Open the Google Workspace Web and mobile apps console [#google-workspace-console]
![Google Workspace: Web and mobile apps admin
console](/docs/img/sso-gsuite-step-01.png)
## Step 2: Choose Add custom SAML app [#add-custom-saml-app]
From the _Add app_ button in the toolbar choose _Add custom SAML app_.
![Google Workspace: Web and mobile apps admin console, Add custom SAML app
selected](/docs/img/sso-gsuite-step-02.png)
## Step 3: Fill out app details [#add-app-details]
The information you enter here is for visibility into your Google Workspace.
You can choose any values you like. `Supabase` as a name works well for most
use cases. Optionally enter a description.
![Google Workspace: Web and mobile apps admin console, Add custom SAML, App
details screen](/docs/img/sso-gsuite-step-03.png)
## Step 4: Download IdP metadata [#download-idp-metadata]
This is a very important step. Click on _DOWNLOAD METADATA_ and save the file
that was downloaded.
![Google Workspace: Web and mobile apps admin console, Add custom SAML, Google
Identity Provider details screen](/docs/img/sso-gsuite-step-04.png)
It's very important to send this file to your support contact at Supabase to
complete the SSO setup process. If you're not sure where to send this file, you
can always reach us at [support@supabase.com](mailto:support@supabase.com).
**Important: Make sure the certificate as shown on screen has at least 1 year
before it expires. Mark down this date in your calendar so you will be reminded
that you need to update the certificate without any downtime for your users.**
## Step 5: Add service provider details [#add-service-provider-details]
Fill out these serivce provider details on the next screen.
| Detail | Value |
| -------------- | --------------------------------------------------- |
| ACS URL | `https://alt.supabase.io/auth/v1/sso/saml/acs` |
| Entity ID | `https://alt.supabase.io/auth/v1/sso/saml/metadata` |
| Start URL | `https://app.supabase.com` |
| Name ID format | PERSISTENT |
| Name ID | _Basic Information > Primary email_ |
![Google Workspace: Web and mobile apps admin console, Add custom SAML,
Service provider details screen](/docs/img/sso-gsuite-step-05.png)
## Step 6: Configure Attribute mapping [#configure-attribute-mapping]
Attribute mappings allow Supabase to get information about your Google
Workspace users on each login.
**A _Primary email_ to `email` mapping is required to exist.** Other mappings
shown below are optional and configurable depending on your Google Workspace
setup. If in doubt, replicate the same config as shown.
Please share any changes, if any, from this screen with your Supabase support
contact.
![Google Workspace: Web and mobile apps admin console, Add custom SAML,
Attribute mapping](/docs/img/sso-gsuite-step-06.png)
## Step 7: Wait for confirmation [#confirmation]
Once youve configured the Google Workspace app as shown above, make sure you
send the [metadata file you downloaded](#download-idp-metadata)
and information regarding the [attribute mapping](#configure-attribute-mappings) (if any
changes are applicable) to your support contact at Supabase.
This information needs to be entered into Supabase before SSO is activated
end-to-end.
Wait for confirmation that this information has successfully been added to
Supabase. It usually takes us 1 business day to configure this information
for you.
Supabase.
## Step 8: Configure user access [#configure-user-access]
You can configure which Google Workspace user accounts will get access to
Supabase. This is important if you wish to limit access to your software
engineering teams.
You can configure this access by clicking on the _User
access_ card (or down-arrow). Follow the instructions on screen.
Changes from this step sometimes take a while to propagate across Googles
systems. Please wait at least 15 minutes before proceeding to the next step.
![Google Workspace: Web and mobile apps admin console, Supabase app
screen](/docs/img/sso-gsuite-step-08.png)
## Step 9: Test single sign-on [#testing]
Once youve turned on access to Supabase for users in your organization, ask
one of those users to help you out in testing the setup.
It often helps to ask them to log out of their Google account and log back in.
Ask them to enter their email addres in the [Sign in with
SSO](https://app.supabase.com/sign-in-sso) page.
If sign in is not working correctly, please reach out to your support contact
at Supabase.
export const Page = ({ children }) => <Layout meta={meta} children={children} />
export default Page

112
apps/docs/pages/guides/platform/sso/okta.mdx Normal file
View File

@@ -0,0 +1,112 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
title: 'Set Up SSO with Okta',
description: 'Configure single sign-on with Okta.',
}
Supabase supports single sign-on (SSO) using Okta.
## Step 1: Choose Create App Integration in the Applications dashboard [#create-app-integration]
Navigate to the Applications dashboard of the Okta admin console. Choose the
_Create App Integration_ button from the toolbar.
![Okta dashboard: Create App Integration
button](/docs/img/sso-okta-step-01.png)
## Step 2: Choose SAML 2.0 in the app integration dialog [#create-saml-app]
Supabase supports the SAML 2.0 SSO protocol. Choose it from the _Create a new
app integration_ dialog.
![Okta dashboard: Create new app integration dialog](/docs/img/sso-okta-step-02.png)
## Step 3: Fill out General Settings [#add-general-settings]
The information you enter here is for visibility into your Okta applications
menu. You can choose any values you like. `Supabase` as a name works well for
most use cases.
![Okta dashboard: Create SAML Integration
wizard](/docs/img/sso-okta-step-03.png)
## Step 4: Fill out SAML Settings [#add-saml-settings]
These settings let Supabase use SAML 2.0 properly with your Okta application.
Make sure you enter this information exactly as shown on in this table and
screenshot.
| Setting | Value |
| ---------------------------------------------- | ---------------------------------------------------- |
| Single sign-on URL | `https://app.supabase.com/auth/v1/sso/saml/acs` |
| Use this for Recipient URL and Destination URL | ✔️ |
| Audience URI (SP Entity ID) | `https://app.supabase.com/auth/v1/sso/saml/metadata` |
| Default RelayState | `https://app.supabase.com` |
| Name ID format | EmailAddress |
| Application username | Email |
| Update application username on | Create and update |
![Okta dashboard: Create SAML Integration
wizard, Configure SAML step](/docs/img/sso-okta-step-04.png)
## Step 5: Fill out Attribute Statements [#add-attribute-statements]
Attribute Statements allow Supabase to get information about your Okta users on each login.
**A `email` to `user.email` statement is required to exist.** Other mappings
shown below are optional and configurable depending on your Okta
setup. If in doubt, replicate the same config as shown.
Please share any changes, if any, from this screen with your Supabase support
contact.
![Okta dashboard: Attribute Statements configuration
screen](/docs/img/sso-okta-step-05.png)
## Step 6: Obtain IdP metadata URL [#idp-metadata-url]
Supabase needs to finalize enabling single sign-on with your Okta
application.
To do this scroll down to the _SAML Signing Certificates_ section on the _Sign
On_ tab of the _Supabase_ application. Pick the the _SHA-2_ row with an
_Active_ status. Click on the _Actions_ dropdown button and then on the _View
IdP Metadata_.
This will open up the SAML 2.0 Metadata XML file in a new tab in your browser.
Copy this URL and send it to your support contact and await further
instructions. If you're not clear who to send this link to or need further
assistance, please reach out to
[support@supabase.com](mailto:support@supabase.com).
The link usually has this structure: `https://<okta-org>.okta.com/apps/<app-id>/sso/saml/metadata`
![Okta dashboard: SAML Signing Certificates, Actions button highlighted](/docs/img/sso-okta-step-06.png)
## Step 7: Wait for confirmation [#confirmation]
Once youve configured the Okta app as shown above, make sure you send the
[metadata URL](#idp-metadata-url) and information regarding the
[attribute statements](#add-attribute-statements) (if any changes are applicable) to
your support contact at Supabase.
Wait for confirmation that this information has successfully been added to
Supabase. It usually takes us 1 business day to configure this information
for you.
## Step 8: Test single sign-on [#testing]
Once youve received confirmation from your support contact at Supabase that
SSO setup has been completed for your enterprise, you can ask some of your
users to sign in via their Okta account.
You ask them to enter their email address on the [Sign in with
SSO](https://app.supabase.com/sign-in-sso) page.
If sign in is not working correctly, please reach out to your support contact
at Supabase for further guidance.
export const Page = ({ children }) => <Layout meta={meta} children={children} />
export default Page

BIN
apps/docs/public/img/sso-azure-step-01.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 258 KiB

BIN
apps/docs/public/img/sso-azure-step-02.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 333 KiB

BIN
apps/docs/public/img/sso-azure-step-03.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 360 KiB

BIN
apps/docs/public/img/sso-azure-step-04.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 554 KiB

BIN
apps/docs/public/img/sso-azure-step-05.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 436 KiB

BIN
apps/docs/public/img/sso-azure-step-06-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 441 KiB

BIN
apps/docs/public/img/sso-azure-step-06-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 696 KiB

BIN
apps/docs/public/img/sso-azure-step-07.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 144 KiB

BIN
apps/docs/public/img/sso-gsuite-step-01.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 206 KiB

BIN
apps/docs/public/img/sso-gsuite-step-02.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 370 KiB

BIN
apps/docs/public/img/sso-gsuite-step-03.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 115 KiB

BIN
apps/docs/public/img/sso-gsuite-step-04.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 251 KiB

BIN
apps/docs/public/img/sso-gsuite-step-05.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 172 KiB

BIN
apps/docs/public/img/sso-gsuite-step-06.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 188 KiB

BIN
apps/docs/public/img/sso-gsuite-step-08.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 302 KiB

BIN
apps/docs/public/img/sso-okta-step-01.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 230 KiB

BIN
apps/docs/public/img/sso-okta-step-02.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 400 KiB

BIN
apps/docs/public/img/sso-okta-step-03.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 231 KiB

BIN
apps/docs/public/img/sso-okta-step-04.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 444 KiB

BIN
apps/docs/public/img/sso-okta-step-05.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 269 KiB

BIN
apps/docs/public/img/sso-okta-step-06.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 568 KiB

4
spec/supabase_js_v2.yml
View File

@@ -212,6 +212,7 @@ functions:
notes: |
- Requires either an email or phone number.
- This method is used for passwordless sign-ins where a OTP is sent to the user's email or phone number.
- If the user doesn't exist, `signInWithOtp()` will signup the user instead. To restrict this behaviour, you can set `shouldCreateUser` in `SignInWithPasswordlessCredentials.options` to `false`.
- If you're using an email, you can configure whether you want the user to receive a magiclink or a OTP.
- If you're using phone, you can configure whether you want the user to receive a OTP.
- The magic link's destination URL is determined by the [`SITE_URL`](https://supabase.com/docs/reference/auth/config#site_url). You can modify the `SITE_URL` or add additional redirect urls in [your project](https://app.supabase.com/project/_/auth/settings).
@@ -224,6 +225,9 @@ functions:
```js
const { data, error } = await supabase.auth.signInWithOtp({
email: 'example@email.com',
options: {
emailRedirectTo: 'https://example.com/welcome'
}
})
```
- id: sign-in-with-sms-otp