Config Reference
A config.toml file is generated after running supabase init.
This file is located in the supabase folder under supabase/config.toml.
General
project_id
required
A string used to distinguish different Supabase projects on the same host. Defaults to the working directory name when running supabase init.
API
api.port
required | default: 54321
Port to use for the API URL.
api.schemas
required | default: []
Schemas to expose in your API. Tables, views and stored procedures in this schema will get API endpoints. public and storage are always included.
api.extra_search_path
required | default: ["extensions"]
Extra schemas to add to the search_path of every request.
api.max_rows
required | default: 1000
The maximum number of rows returned from a view, table, or stored procedure. Limits payload size for accidental or malicious requests.
Database
db.port
required | default: 54322
Port to use for the local database URL.
db.major_version
required | default: 14
The database major version to use. This has to be the same as your remote database's. Run SHOW server_version; on the remote database to check.
Dashboard
studio.port
required | default: 54323
Port to use for Supabase Studio.
Local Development
inbucket.port
required | default: 54324
Port to use for the email testing server web interface.
Emails sent with the local dev setup are not actually sent - rather, they are monitored, and you can view the emails that would have been sent from the web interface.
Auth
auth.site_url
required | default: "http://localhost:3000"
The base URL of your website. Used as an allow-list for redirects and for constructing URLs used in emails.
auth.additional_redirect_urls
required | default: ["https://localhost:3000"]
A list of exact URLs that auth providers are permitted to redirect to post authentication.
auth.jwt_expiry
required | default: 3600
How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 seconds (one week).
auth.enable_signup
required | default: true
Allow/disallow new user signups to your project.
auth.email.enable_signup
required | default: true
Allow/disallow new user signups via email to your project.
auth.email.double_confirm_changes
required | default: true
If enabled, a user will be required to confirm any email change on both the old, and new email addresses. If disabled, only the new email is required to confirm.
auth.email.enable_confirmations
required | default: true
If enabled, users need to confirm their email address before signing in.
auth.external.<provider>.enabled
required | default: false
Use an external OAuth provider. The full list of providers are:
appleazurebitbucketdiscordfacebookgithubgitlabgoogletwitchtwitterslackspotify
auth.external.<provider>.client_id
required | default: ""
Client ID for the external OAuth provider.
auth.external.<provider>.secret
required | default: ""
Client secret for the external OAuth provider.