Skip to main content
The Auth primitive manages authentication for a fullstack app’s Supabase project: read/update the auth configuration (providers, redirect URLs, signup policy) and perform admin user management (create, list, delete end-users) via GoTrue.
Requires a fullstack app (naive.apps.create({ name, type: "fullstack" })). Admin user management uses the project service-role key — privileged operations. Gate or disable the auth primitive per user in the Account Kit when you don’t want an agent touching end-user accounts.

Two ways to use it

// Your own project (default user)
await naive.auth.getConfig();

// A specific end-user's project (your customer's own app + its end-users)
await naive.forUser(alice.id).auth.users.list();
Omit { appId } to auto-resolve the user’s single fullstack app; pass it when they own several.

Auth configuration

await naive.auth.getConfig();
await naive.auth.updateConfig({
  site_url: "https://myapp.com",
  external_google_enabled: true,
});

Admin user management

await naive.auth.users.create({ email: "user@example.com", password: "..." });
await naive.auth.users.list();
await naive.auth.users.get("user-uuid");
await naive.auth.users.delete("user-uuid");
This is GoTrue’s admin API — for an app’s own runtime auth (sign-in, sessions) the deployed app uses the public anon key client-side; this primitive is the server-side admin surface.

REST

# Auth config (Management API)
curl "https://api.usenaive.ai/v1/apps/<app-id>/supabase/proxy/v1/projects/<ref>/config/auth" \
  -H "Authorization: Bearer nv_sk_live_..."

# Admin users (GoTrue)
curl https://api.usenaive.ai/v1/apps/<app-id>/auth/proxy/admin/users \
  -H "Authorization: Bearer nv_sk_live_..."
Your own project uses /v1/apps/<app-id>/…; an end-user’s project uses /v1/users/<user-id>/apps/<app-id>/…. See the Auth API reference.

Billing

Free — no per-operation credit cost. Account Kits can enable/disable the auth primitive per user.