Supabase Auth instead of Auth0?
tl;dr; is Supabase Auth a good alternative to Auth0, and is it a better option than Clerk?
Hi everyone! I am building a new project and started by using Auth0 for ease of use (and it was super easy to get up and running), but before making it available to users I did a round of due diligence and found a considerable drawback with Auth0: when we get to 25k users, we will have to pay (potentially extortionate) fees to Auth0, or face having to migrate away from it. Our business model is not freemium, but I expect only a small percentage of users to pay, so us paying for auth per user will be a liability.
So instead of setting ourselves up for that trap, I could choose to future proof the system before we have so many users that it gets painful to migrate. Keeping in mind that we may not get that successful, and then it would have all been in vain π
My stack is NextJS (TypeScript) for both frontend and backend hosted on Vercel, and PostgreSQL on Neon (via Vercel) as database. There's a Supabase NextJS quickstart guide but it just points to a whole Github repo (so not a "guide" as such), so I am guessing the server-side auth guide is the one to follow?
I looked at Clerk as another option, and their plug-and-play approach (similar to Auth0) is very attractive. But I didn't get the same "this is a solid company and project" impression as with Supabase - that's just a gut feeling though.
Looking at discussions, docs and playing around with Supabase, I got a good impression: stability, solid engineering practices and sane pricing. The only thing that concerns me is that we would have to "own" the auth routes, so we have to write and maintain more code (and make sure it's secure), and fend off any attacks on auth ourselves. Is it still a good idea to go ahead and make the switch, and is it sane to pick Supabase Auth over Clerk?
Use Supabase Auth with Next.js | Supabase Docs
Learn how to configure Supabase Auth for the Next.js App Router.
3 Replies
@Jonatan supabase auth is a solid choice if you're looking for long-term flexibility and cost control.
Yes, you manage auth routes yourself, but with good docs and control, it's worth the effort.
Clerk is easier short-term, but supabase gives more ownership and scales better cost-wise.
Thank you
I now have Supabase up and running in prod. Auth0 pricing would have been 100x Supabase (yes, actually 100x), so definitely worth the two days. The docs are not entirely straightforward, and you do need to understand what's going on (but hey, if you're dealing with user data, you probably should). Clerk probably would have been faster to set up, but they are still 10x more expensive than Supabase, plus with Supabase we control all the data, and could self-host if need be.
Great choice switching to Supabase, make sure to enable Row Level Security itβs key to keeping your Supabase auth secure and scalable.