Sign-in with custom token

[flowhorn]

Feature request

Is your feature request related to a problem? Please describe.

To support special cases for authentification like signing in by scanning a qr code on the web (e.g. Whatsapp Web) it should be possible to create a custom Token for authentification serverside using the gotrue-js package. This is currently not possible to implement in supabase using the api directly.

Describe the solution you'd like

A function in the gotrueapi like .api.createCustomToken(userId: string, adittionalClaims): Promise<string>. On the client side there would be a function like .auth.signInWithCustomToken(customToken:string): Promise<session>. AdditionalClaims would contain things like an expiration time for the token. This is a feature I really liked in Firebase Auth (see Additional context).

Describe alternatives you've considered

This might be able to do by signing your own refreshToken or accessToken, but I think it would be better to have it directly implemented into the Api.

Additional context

The Firebase Auth Docs: https://firebase.google.com/docs/auth/admin/create-custom-tokens

[hf]

Transferred to gotrue and changed title to reflect the feature request better. Adding to our backlog too.

[icopp]

This would definitely make life much easier for anyone dealing with multiple auth systems.

[OliverRhyme]

Any updates? This will definitely solve a lot of problems when dealing with many types of auth system and also simplify and standardize integration with other providers.

[amerryma]

As I'm switching to Supabase, we have users in an existing authentication provider. Until we deprecate that old system, I want to authenticate my users to that system, and create an auth token for the supabase api for that user.

Something similar to this: https://www.mongodb.com/docs/atlas/app-services/authentication/custom-function/

Hoping something like this could solve my problem.