Managing config and secrets
The Supabase CLI uses a config.toml
file to manage local configuration. This file is located in the supabase
directory of your project.
Config reference
The config.toml
file is automatically created when you run supabase init
.
There are a wide variety of options available, which can be found in the CLI Config Reference.
For example, to enable the "Apple" OAuth provider for local development, you can append the following information to config.toml
:
_10[auth.external.apple]_10enabled = false_10client_id = ""_10secret = ""_10redirect_uri = "" # Overrides the default auth redirectUrl.
Using secrets inside config.toml
You can reference environment variables within the config.toml
file using the env()
function. This will detect any values stored in an .env
file at the root of your project directory. This is particularly useful for storing sensitive information like API keys, and any other values that you don't want to check into version control.
_10._10├── .env_10├── .env.example_10└── supabase_10 └── config.toml
Do NOT commit your .env
into git. Be sure to configure your .gitignore
to exclude this file.
For example, if your .env
contained the following values:
_10GITHUB_CLIENT_ID=""_10GITHUB_SECRET=""
Then you would reference them inside of our config.toml
like this:
_10[auth.external.github]_10enabled = true_10client_id = "env(GITHUB_CLIENT_ID)"_10secret = "env(GITHUB_SECRET)"_10redirect_uri = "" # Overrides the default auth redirectUrl.