Supabase

Authentication

Understanding authentication and user data in your application

How User Data is Stored

When a user signs up or signs in, here's what happens in your database:

1. Supabase Auth

Supabase automatically manages the auth.users table, which stores:

  • User credentials (securely hashed)
  • Email verification status
  • Last sign in time
  • Authentication method (email, OAuth, etc.)

2. User Profile Data

Your application stores additional user information in the users table:

  • Basic profile (name, avatar)
  • Billing information
  • Terms acceptance
  • Account preferences

3. Data Security

Your user data is protected by Row Level Security (RLS) policies that ensure:

  • Users can only read their own profile data
  • Users can only update their own information
  • Public data (if any) is explicitly defined

What Happens on Sign Up

  1. User submits sign up form with email and password
  2. Supabase creates a new record in auth.users
  3. A new profile is automatically created in your users table
  4. The user can now sign in and access their data according to RLS policies
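
The Data Security rules and the automatic profile creation described above, written out as SQL. This is an added example, not the project's own migration: the page names only "the users table", so the `public.users` schema, its column names, the policy names, and the `handle_new_user` / `on_auth_user_created` names are assumptions.

```sql
-- Assumed profile table: one row per auth user, keyed by the auth.users id.
create table if not exists public.users (
  id         uuid primary key references auth.users (id) on delete cascade,
  full_name  text,
  avatar_url text
);

-- With RLS enabled, any access not matched by a policy is denied.
alter table public.users enable row level security;

-- Users can only read their own profile data.
create policy "Users can read own profile"
  on public.users for select
  to authenticated
  using ((select auth.uid()) = id);

-- Users can only update their own information.
-- WITH CHECK also rejects an update that would move the row to another id.
create policy "Users can update own profile"
  on public.users for update
  to authenticated
  using ((select auth.uid()) = id)
  with check ((select auth.uid()) = id);

-- No insert or delete policy is defined, so clients cannot create or remove
-- profile rows directly; rows are created only by the trigger below.

-- Runs as the function owner (security definer) so it can write the profile
-- row regardless of RLS; search_path is emptied so every name is schema-qualified.
create or replace function public.handle_new_user()
returns trigger
language plpgsql
security definer
set search_path = ''
as $$
begin
  insert into public.users (id, full_name, avatar_url)
  values (
    new.id,
    new.raw_user_meta_data ->> 'full_name',   -- metadata keys are assumptions
    new.raw_user_meta_data ->> 'avatar_url'
  );
  return new;
end;
$$;

-- Step 3 of the sign up flow: create the profile when auth.users gets a row.
create trigger on_auth_user_created
  after insert on auth.users
  for each row execute function public.handle_new_user();
```

RLS filters rows, not columns: the update policy lets a user change every column in their own row. Fields the client should not write, such as billing state, need column-level grants or a separate table that only server-side code updates.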

Quick Implementation

Add a sign-in button to your application:

"use client";

import { Button } from "@/components/ui/button";
import Link from "next/link";

export function SignInButton() {
  return (
    <Link href="/auth/signin">
      <Button variant="default">
        Sign In
      </Button>
    </Link>
  );
}

This will redirect users to the built-in authentication page where they can sign in or create a new account.

Next Steps

Explore the Database

View your user data in the Supabase dashboard under the Authentication and Database sections.

Test the Flow

Try signing up a test user and observe how the data is stored across the tables.