# A string used to distinguish different Supabase projects on the same host. Defaults to the # working directory name when running `supabase init`. project_id = "ext-crud-rs" [api] enabled = true # Port to use for the API URL. port = 54321 # Schemas to expose in your API. Tables, views and stored procedures in this schema will get API # endpoints. `public` is always included. schemas = ["public", "graphql_public"] # Extra schemas to add to the search_path of every request. `public` is always included. extra_search_path = ["public", "extensions"] # The maximum number of rows returns from a view, table, or stored procedure. Limits payload size # for accidental or malicious requests. max_rows = 1000 [api.tls] enabled = false [db] # Port to use for the local database URL. port = 54322 # Port used by db diff command to initialize the shadow database. shadow_port = 54320 # The database major version to use. This has to be the same as your remote database's. Run `SHOW # server_version;` on the remote database to check. major_version = 15 [db.pooler] enabled = false # Port to use for the local connection pooler. port = 54329 # Specifies when a server connection can be reused by other clients. # Configure one of the supported pooler modes: `transaction`, `session`. pool_mode = "transaction" # How many server connections to allow per user/database pair. default_pool_size = 20 # Maximum number of client connections allowed. max_client_conn = 100 [realtime] enabled = true # Bind realtime via either IPv4 or IPv6. (default: IPv4) # ip_version = "IPv6" # The maximum length in bytes of HTTP request headers. (default: 4096) # max_header_length = 4096 [studio] enabled = true # Port to use for Supabase Studio. port = 54323 # External URL of the API server that frontend connects to. api_url = "http://127.0.0.1" # OpenAI API Key to use for Supabase AI in the Supabase Studio. openai_api_key = "env(OPENAI_API_KEY)" # Email testing server. Emails sent with the local dev setup are not actually sent - rather, they # are monitored, and you can view the emails that would have been sent from the web interface. [inbucket] enabled = true # Port to use for the email testing server web interface. port = 54324 # Uncomment to expose additional ports for testing user applications that send emails. # smtp_port = 54325 # pop3_port = 54326 [storage] enabled = true # The maximum file size allowed (e.g. "5MB", "500KB"). file_size_limit = "50MiB" [storage.image_transformation] enabled = true # Uncomment to configure local storage buckets # [storage.buckets.images] # public = false # file_size_limit = "50MiB" # allowed_mime_types = ["image/png", "image/jpeg"] # objects_path = "./images" [auth] enabled = true # The base URL of your website. Used as an allow-list for redirects and for constructing URLs used # in emails. site_url = "http://127.0.0.1:3000" # A list of *exact* URLs that auth providers are permitted to redirect to post authentication. additional_redirect_urls = ["https://127.0.0.1:3000"] # How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week). jwt_expiry = 3600 # If disabled, the refresh token will never expire. enable_refresh_token_rotation = true # Allows refresh tokens to be reused after expiry, up to the specified interval in seconds. # Requires enable_refresh_token_rotation = true. refresh_token_reuse_interval = 10 # Allow/disallow new user signups to your project. enable_signup = true # Allow/disallow anonymous sign-ins to your project. enable_anonymous_sign_ins = false # Allow/disallow testing manual linking of accounts enable_manual_linking = false [auth.email] # Allow/disallow new user signups via email to your project. enable_signup = true # If enabled, a user will be required to confirm any email change on both the old, and new email # addresses. If disabled, only the new email is required to confirm. double_confirm_changes = true # If enabled, users need to confirm their email address before signing in. enable_confirmations = false # Controls the minimum amount of time that must pass before sending another signup confirmation or password reset email. max_frequency = "1s" # Use a production-ready SMTP server # [auth.email.smtp] # host = "smtp.sendgrid.net" # port = 587 # user = "apikey" # pass = "env(SENDGRID_API_KEY)" # admin_email = "admin@email.com" # sender_name = "Admin" # Uncomment to customize email template # [auth.email.template.invite] # subject = "You have been invited" # content_path = "./supabase/templates/invite.html" [auth.sms] # Allow/disallow new user signups via SMS to your project. enable_signup = true # If enabled, users need to confirm their phone number before signing in. enable_confirmations = false # Template for sending OTP to users template = "Your code is {{ .Code }} ." # Controls the minimum amount of time that must pass before sending another sms otp. max_frequency = "5s" # Use pre-defined map of phone number to OTP for testing. # [auth.sms.test_otp] # 4152127777 = "123456" # Configure logged in session timeouts. # [auth.sessions] # Force log out after the specified duration. # timebox = "24h" # Force log out if the user has been inactive longer than the specified duration. # inactivity_timeout = "8h" # This hook runs before a token is issued and allows you to add additional claims based on the authentication method used. # [auth.hook.custom_access_token] # enabled = true # uri = "pg-functions:////" # Configure one of the supported SMS providers: `twilio`, `twilio_verify`, `messagebird`, `textlocal`, `vonage`. [auth.sms.twilio] enabled = false account_sid = "" message_service_sid = "" # DO NOT commit your Twilio auth token to git. Use environment variable substitution instead: auth_token = "env(SUPABASE_AUTH_SMS_TWILIO_AUTH_TOKEN)" [auth.mfa] # Control how many MFA factors can be enrolled at once per user. max_enrolled_factors = 10 # Control use of MFA via App Authenticator (TOTP) [auth.mfa.totp] enroll_enabled = true verify_enabled = true # Configure Multi-factor-authentication via Phone Messaging # [auth.mfa.phone] # enroll_enabled = true # verify_enabled = true # otp_length = 6 # template = "Your code is {{ .Code }} ." # max_frequency = "10s" # Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`, # `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin_oidc`, `notion`, `twitch`, # `twitter`, `slack`, `spotify`, `workos`, `zoom`. [auth.external.apple] enabled = false client_id = "" # DO NOT commit your OAuth provider secret to git. Use environment variable substitution instead: secret = "env(SUPABASE_AUTH_EXTERNAL_APPLE_SECRET)" # Overrides the default auth redirectUrl. redirect_uri = "" # Overrides the default auth provider URL. Used to support self-hosted gitlab, single-tenant Azure, # or any other third-party OIDC providers. url = "" # If enabled, the nonce check will be skipped. Required for local sign in with Google auth. skip_nonce_check = false # Use Firebase Auth as a third-party provider alongside Supabase Auth. [auth.third_party.firebase] enabled = false # project_id = "my-firebase-project" # Use Auth0 as a third-party provider alongside Supabase Auth. [auth.third_party.auth0] enabled = false # tenant = "my-auth0-tenant" # tenant_region = "us" # Use AWS Cognito (Amplify) as a third-party provider alongside Supabase Auth. [auth.third_party.aws_cognito] enabled = false # user_pool_id = "my-user-pool-id" # user_pool_region = "us-east-1" [edge_runtime] enabled = true # Configure one of the supported request policies: `oneshot`, `per_worker`. # Use `oneshot` for hot reload, or `per_worker` for load testing. policy = "oneshot" inspector_port = 8083 [analytics] enabled = true port = 54327 # Configure one of the supported backends: `postgres`, `bigquery`. backend = "postgres" # Experimental features may be deprecated any time [experimental] # Configures Postgres storage engine to use OrioleDB (S3) orioledb_version = "" # Configures S3 bucket URL, eg. .s3-.amazonaws.com s3_host = "env(S3_HOST)" # Configures S3 bucket region, eg. us-east-1 s3_region = "env(S3_REGION)" # Configures AWS_ACCESS_KEY_ID for S3 bucket s3_access_key = "env(S3_ACCESS_KEY)" # Configures AWS_SECRET_ACCESS_KEY for S3 bucket s3_secret_key = "env(S3_SECRET_KEY)"