supabase-rb-rb
Auth

Auth Admin

User CRUD, invitations, and link generation under supabase.auth.admin.

The auth.admin namespace wraps GoTrue's privileged admin endpoints. Construct a dedicated service-role client and call methods on supabase.auth.admin:

supabase = Supabase.create_client(
  supabase_url: ENV.fetch("SUPABASE_URL"),
  supabase_key: ENV.fetch("SUPABASE_SERVICE_ROLE_KEY")
)

supabase.auth.admin.list_users(page: 1, per_page: 50)

Service-role key required

Every method on auth.admin calls a privileged endpoint that bypasses Row Level Security. The bearer token MUST be a service_role key, not the anon key. Never ship a service-role key to a browser, mobile app, or any client you don't fully control — use it only on a trusted server.

Methods

MethodDescription
admin.create_userCreate a user directly, bypassing email/phone confirmation.
admin.list_usersList users with pagination.
admin.get_user_by_idFetch a single user by UUID.
admin.update_user_by_idUpdate any field on any user.
admin.delete_userHard- or soft-delete a user.
admin.invite_user_by_emailSend an invite email with a signup link.
admin.generate_linkGenerate magic-link, recovery, invite, or signup links without sending the email.

Get Authenticator Assurance Level

Inspect AAL1 / AAL2 state from the current session JWT.

Create a user (admin)

Create a new user directly via the admin API.

On this page

Methods