Auth Users
The Auth Users component copies Supabase Auth user accounts from the source project to the target project.
What Is Copied
For each user:
- Email and confirmation status
- Metadata (user_metadata, app_metadata)
- Identity (provider: email, GitHub, Google, etc.)
- Role (authenticated, etc.)
- Dates of creation and last sign-in
Key Considerations
| Situation | Behavior |
|---|---|
| Passwords | Copied in hashed form — users can sign in with the same password on the target |
| OAuth providers (Google, GitHub...) | Identities are copied, but providers must be configured on the target project |
| Existing user on the target | Skipped (no duplicates) |
| MFA / 2FA | MFA configurations are not copied |
Important: If your users sign in via an OAuth provider (Google, GitHub, etc.), you must configure the same provider on the target project for sign-in to work. Use the Project Config component to copy auth settings.
When to Use It
- Migration — transfer user accounts to a new project
- Staging with real data — test with actual user accounts
- Backup — keep a copy of user accounts
When Not to Use It
- Staging with test data — you prefer creating test accounts
- GDPR compliance — if copying user data to another environment raises compliance concerns
Note: Copying user accounts to a staging environment means that personal data exists in two places. Make sure this complies with your legal obligations.
Next Steps
- Project Config — Copy OAuth providers
- RLS Policies — Access rules related to users