X / Twitter OAuth 2.0 Now Available

Developers can now integrate "Sign in with X" functionality into their applications using Supabase Auth's new X / Twitter OAuth 2.0 provider. This replaces the legacy OAuth 1.0a implementation with a modern authentication approach.

Key Improvements

The OAuth 2.0 implementation brings several advantages:

• Modern security practices including PKCE (Proof Key for Code Exchange) support
• Better authentication experience aligned with current industry standards
• Simplified integration through the Supabase dashboard

Setup Process

Getting X / Twitter authentication running takes just a few steps:

1. Create an OAuth 2.0 app in the X Developer Portal
2. Enable "Request email from users" in your app's authentication settings
3. Configure your callback URL from the Supabase dashboard
4. Retrieve your Client ID and Client Secret from the "Keys and tokens" section
5. Enter credentials in Authentication > Providers > X / Twitter (OAuth 2.0) in Supabase

Once configured, use the Supabase client library to authenticate:

const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'x',
})

Migration Path

If you're currently using the legacy Twitter (OAuth 1.0a) provider, migration to OAuth 2.0 is recommended. The legacy provider will remain available as long as X / Twitter continues supporting OAuth 1.0a, giving teams time to transition. See the full documentation for complete setup guidance.