
Set up your environment

Before you begin, make sure you have the following:
  • A Strike account with API access
  • Your service role key
  • A development environment (Node.js, Python, Go, etc.)

Make your first request

Let’s start by testing the service with a simple health check:
curl -X GET "http://localhost:8080/health" \
  -H "Content-Type: application/json"
{
  "status": "healthy",
  "service": "supabase-auth-service",
  "version": "1.0.0",
  "timestamp": "2025-05-30T00:00:00Z"
}

Create your first user

Now let’s create a user account using the signup endpoint:
curl -X POST "http://localhost:8080/signup" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "securepassword123"
  }'
{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "aud": "authenticated",
  "role": "authenticated",
  "email": "user@example.com",
  "email_confirmed_at": null,
  "phone": null,
  "phone_confirmed_at": null,
  "last_sign_in_at": null,
  "app_metadata": {},
  "user_metadata": {},
  "created_at": "2023-01-01T00:00:00Z",
  "updated_at": "2023-01-01T00:00:00Z"
}

Authenticate a user

Once you have a user, you can authenticate them to get access tokens:
curl -X POST "http://localhost:8080/token?grant_type=password" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "securepassword123"
  }'
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 3600,
  "expires_at": 1640995200,
  "refresh_token": "refresh_token_string",
  "user": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "email": "user@example.com",
    "role": "authenticated"
  }
}

Make authenticated requests

Use the access token to make authenticated requests:
curl -X GET "http://localhost:8080/user" \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json"

Admin Authentication

For admin users, use the enhanced admin login endpoint that includes privilege verification:
curl -X POST "http://localhost:8080/login-admin" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "admin@example.com",
    "password": "admin_password123"
  }'
The admin login endpoint automatically verifies that the user has admin privileges in the database. Non-admin users will receive a 403 Forbidden response even with valid credentials.
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 3600,
  "expires_at": 1640995200,
  "refresh_token": "refresh_token_string",
  "user": {
    "id": "26a20af0-109d-43e0-ae38-2e35148fff64",
    "email": "admin@example.com",
    "role": "authenticated"
  },
  "admin_details": {
    "id": "26a20af0-109d-43e0-ae38-2e35148fff64",
    "email": "admin@example.com",
    "is_admin": true,
    "created_at": "2023-01-01T00:00:00Z"
  }
}
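
A check that a client can run on the /login-admin response before treating a session as an admin session, given here as an added example and not code from the Strike documentation. The function and exception names, the skew margin, HTTP 200 as the success status, and reading expires_at as Unix seconds are assumptions.

```python
import json

# Constructed sample: the /login-admin success body shown above, token shortened.
SAMPLE_OK = json.loads("""{
  "access_token": "eyJ...constructed", "token_type": "bearer",
  "expires_in": 3600, "expires_at": 1640995200,
  "refresh_token": "refresh_token_string",
  "user": {"id": "26a20af0-109d-43e0-ae38-2e35148fff64",
           "email": "admin@example.com", "role": "authenticated"},
  "admin_details": {"id": "26a20af0-109d-43e0-ae38-2e35148fff64",
                    "email": "admin@example.com", "is_admin": true,
                    "created_at": "2023-01-01T00:00:00Z"}
}""")

class AdminLoginError(Exception):
    """Raised when a /login-admin response must not be treated as an admin session."""

def parse_admin_login(status, body, now, skew=60):
    """Validate a /login-admin response and return session facts.

    status/body: HTTP status code and decoded JSON body.
    now: current Unix time in seconds (passed in so the check is testable).
    skew: hypothetical safety margin; refresh this many seconds before expiry.
    """
    if status == 403:
        # Documented behaviour: credentials were valid, but the user is not an admin.
        raise AdminLoginError("account is not an admin")
    if status != 200:  # assumption: success is returned as HTTP 200
        raise AdminLoginError(f"unexpected status {status}")
    user = body.get("user") or {}
    admin = body.get("admin_details") or {}
    # user.role is "authenticated" even for admins, so it proves nothing here.
    if admin.get("is_admin") is not True:
        raise AdminLoginError("admin_details.is_admin is not true")
    if not user.get("id") or admin.get("id") != user["id"]:
        raise AdminLoginError("admin_details does not match the signed-in user")
    if str(body.get("token_type", "")).lower() != "bearer" or not body.get("access_token"):
        raise AdminLoginError("missing bearer access token")
    # Assumption: expires_at is Unix seconds, as the sample value suggests.
    expires_at = int(body.get("expires_at") or 0)
    if expires_at <= now:
        raise AdminLoginError("token already expired")
    return {"user_id": user["id"], "refresh_at": expires_at - skew,
            "authorization": f"Bearer {body['access_token']}"}
```

This check only decides how the client treats the response; the privilege decision itself is the server-side verification the endpoint performs.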

Next Steps

I