Skip to main content
Supabase Auth emails are the messages that let users verify, recover, or access their account. They are not just templates. The email, the Supabase auth event, your redirect URLs, and your app’s callback handler all need to agree.

The six Supabase Auth email types

Supabase can send auth email events for:
  • email confirmation
  • password reset
  • magic link
  • invite
  • email change
  • reauthentication
Dreamlit can create branded workflows for all six.

What Dreamlit handles

Dreamlit handles the email side:
  • receives Supabase Auth email hook events
  • creates workflows for each auth email type
  • generates branded templates
  • sends the email
  • exposes Supabase auth variables like ConfirmationURL, Token, TokenHash, SiteURL, RedirectTo, and Email

What your app still handles

Your app and Supabase project still own the auth flow:
  • your app calls the right Supabase Auth API
  • Supabase allows the redirect URL
  • your web callback route or native deep link works
  • PKCE flows complete the code exchange in the same browser or device
Dreamlit sends the auth email Supabase asks it to send. It does not replace your login screen or callback route. Use a magic link when the user can open the email on the same device and your app can handle the callback URL. Use a six-digit code when the user may open email on another device, or when you want a simpler native-app sign-in flow.
Do not choose the email template just because a Token value exists. Supabase can provide both token and link data in the same auth event. Choose the template based on what your app supports.

Best first setup

For a production Supabase app, set up:
  1. branded confirmation email
  2. branded password reset email
  3. magic link or code-based sign-in
  4. correct Supabase URL configuration
  5. one test for each auth path from your real app UI

Follow the setup guide

Configure Supabase Auth emails with Dreamlit.