You can implement various types of auth:

Enabling Supabase Auth

To implement either Supabase Auth or Anonymous Sign-Ins, enable the relevant setting on the PowerSync instance, and provide your Supabase JWT Secret. Internally, this setting allows PowerSync to verify and use Supabase JWTs directly using HS256 and the provided secret.

PowerSync Cloud instances:

  1. In the PowerSync Dashboard, right-click on your instance to edit it.
  2. Under the “Client Auth” tab, enable “Use Supabase Auth” and enter your Supabase JWT Secret (from the JWT Keys section in the Supabase dashboard):

Copy the secret from your Supabase project settings.

Enable Supabase Auth in your PowerSync instance settings and paste the secret.

  1. Click “Save and deploy” to deploy the updates to your instance.

Self-hosted instances:

This can be enabled via your config.yaml: 
client_auth:
  # Enable this if using Supabase Auth*
  supabase: true
  supabase_jwt_secret: your-jwt-secret

Sync Rules

The Supabase user UUID will be available as request.user_id() in Sync Rules. To use a different identifier as the user ID in sync rules (for example user email), use Custom authentication.