Migration guide

Migrate from Supabase Auth to Tuurio ID

Move from Supabase Auth (GoTrue) to Tuurio ID in under a day, without losing your users — and keep your Supabase database. You stay on standard OpenID Connect and only swap the auth layer.

Start migration Why switch

Under a day

A standard OIDC migration.

Keep your users

GoTrue export plus lazy migration.

Keep your database

Your Supabase Postgres stays in place.
Before you start

Prerequisites

  • A Tuurio ID tenant.
  • Admin access to your Supabase project.
  • Your app codebase.
Step by step

From Supabase Auth to Tuurio ID in five steps

1

Export users from Supabase

Export your accounts from Supabase (GoTrue) via the admin API or SQL.

2

Create an OIDC client in Tuurio ID

Create the client and add your redirect URIs.

3

Import users with lazy migration

Password hashes aren't portable 1:1 — the first login securely resets the password, invisibly to users.

4

Point your app's auth to Tuurio OIDC

Switch your auth calls to the standard OIDC flow with PKCE; keep your Supabase database.

5

Verify, then cut over

Verify with a test tenant, then switch production traffic over.

Supabase doesn't export password hashes in a portable form. Plan a lazy-migration or reset flow — it's standard and stays invisible to users until first login.

FAQ

Supabase migration — frequently asked questions

No. You only replace the auth layer over standard OIDC; your Supabase Postgres database and APIs stay in place.
No. You export users from GoTrue and import them into Tuurio ID; the first login lazily resets each password securely.
For most apps a few hours to a few days. You can run both in parallel until you confirm the cutover.

Ready to migrate from Supabase Auth?

Run a standard OIDC migration, keep your database, and gain real EU data sovereignty — hosted in Germany.

Start migration Why switch