This guide explains how to set up OAuth providers (GitHub, Google, etc.) for local Supabase development. This is optional – username/password authentication works out of the box.
To log in with GitHub against your local Supabase instance:
- Go to https://github.com/settings/developers → OAuth Apps → New OAuth App
- Use these settings:
- Application name:
DEVx Local - Homepage URL:
http://localhost:3000 - Authorization callback URL:
http://127.0.0.1:54321/auth/v1/callback
- Application name:
- After creating the app, copy the Client ID from the app's page
- Click "Generate a new client secret" and copy the secret
Add GitHub OAuth configuration to supabase/config.toml:
[auth.external.github]
enabled = true
client_id = "env(SUPABASE_AUTH_EXTERNAL_GITHUB_CLIENT_ID)"
secret = "env(SUPABASE_AUTH_EXTERNAL_GITHUB_SECRET)"Create supabase/.env (this file is git-ignored):
SUPABASE_AUTH_EXTERNAL_GITHUB_CLIENT_ID=your_client_id_here
SUPABASE_AUTH_EXTERNAL_GITHUB_SECRET=your_client_secret_heresupabase stop && supabase startSimilar steps apply for Google OAuth:
- Create OAuth credentials in the Google Cloud Console
- Set the authorized redirect URI to
http://127.0.0.1:54321/auth/v1/callback - Add to
supabase/config.toml:
[auth.external.google]
enabled = true
client_id = "env(SUPABASE_AUTH_EXTERNAL_GOOGLE_CLIENT_ID)"
secret = "env(SUPABASE_AUTH_EXTERNAL_GOOGLE_SECRET)"
skip_nonce_check = true- Add credentials to
supabase/.env
- Ensure the provider section exists in
supabase/config.tomlwithenabled = true - Verify environment variables are set in
supabase/.env - Restart Supabase:
supabase stop && supabase start
- Verify the callback URL in your OAuth app matches exactly:
http://127.0.0.1:54321/auth/v1/callback - Note: Use
127.0.0.1notlocalhostfor the callback URL