docs: add instructions for using management api as alternative to dashboard ui (supabase#36676)

Author: charislam

apps/docs/content/_partials/quickstart_db_setup.mdx

@@ -2,6 +2,28 @@
 
 Go to [database.new](https://database.new) and create a new Supabase project.
 
+Alternatively, you can create a project using the Management API:
+
+```bash
+# First, get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+
+# List your organizations to get the organization ID
+curl -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  https://api.supabase.com/v1/organizations
+
+# Create a new project (replace <org-id> with your organization ID)
+curl -X POST https://api.supabase.com/v1/projects \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "organization_id": "<org-id>",
+    "name": "My Project",
+    "region": "us-east-1",
+    "password": "<your-secure-password>"
+  }'
+```
+
 When your project is up and running, go to the [Table Editor](https://supabase.com/dashboard/project/_/editor), create a new table and insert some data.
 
 Alternatively, you can run the following snippet in your project's [SQL Editor](https://supabase.com/dashboard/project/_/sql/new). This will create a `instruments` table with some sample data.

apps/docs/content/guides/auth/auth-email-templates.mdx

@@ -29,6 +29,36 @@ The templating system provides the following variables for use:
 
 On hosted Supabase projects, edit your email templates on the [Email Templates](/dashboard/project/_/auth/templates) page. On self-hosted projects or in local development, edit your [configuration files](/docs/guides/local-development/customizing-email-templates).
 
+You can also manage email templates using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Get current email templates
+curl -X GET "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  | jq 'to_entries | map(select(.key | startswith("mailer_templates"))) | from_entries'
+
+# Update email templates
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+      "mailer_subjects_confirmation": "Confirm your signup",
+      "mailer_templates_confirmation_content": "<h2>Confirm your signup</h2><p>Follow this link to confirm your user:</p><p><a href=\"{{ .ConfirmationURL }}\">Confirm your email</a></p>",
+      "mailer_subjects_magic_link": "Your Magic Link",
+      "mailer_templates_magic_link_content": "<h2>Magic Link</h2><p>Follow this link to login:</p><p><a href=\"{{ .ConfirmationURL }}\">Log In</a></p>",
+      "mailer_subjects_recovery": "Rest Your Password",
+      "mailer_templates_recovery_content": "<h2>Reset Password</h2><p>Follow this link to reset the password for your user:</p><p><a href=\"{{ .ConfirmationURL }}\">Reset Password</a></p>",
+      "mailer_subjects_invite": "You have been invited",
+      "mailer_templates_invite_content": "<h2>You have been invited</h2><p>You have been invited to create a user on {{ .SiteURL }}. Follow this link to accept the invite:</p><p><a href=\"{{ .ConfirmationURL }}\">Accept the invite</a></p>",
+      "mailer_subjects_email_change": "Confirm email change",
+      "mailer_templates_email_change_content": "<h2>Confirm email change</h2><p>Follow this link to confirm the update of your email:</p><p><a href=\"{{ .ConfirmationURL }}\">Change email</a></p>",
+  }'
+```
+
 ## Mobile deep linking
 
 For mobile applications, you might need to link or redirect to a specific page within your app. See the [Mobile Deep Linking guide](/docs/guides/auth/native-mobile-deep-linking) to set this up.

apps/docs/content/guides/auth/auth-smtp.mdx

@@ -50,6 +50,30 @@ A non-exhaustive list of services that work with Supabase Auth is:
 
 Once you've set up your account with an email sending service, head to the [Authentication settings page](/dashboard/project/_/settings/auth) to enable and configure custom SMTP.
 
+You can also configure custom SMTP using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure custom SMTP
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_email_enabled": true,
+    "mailer_secure_email_change_enabled": true,
+    "mailer_autoconfirm": false,
+    "smtp_admin_email": "[email protected]",
+    "smtp_host": "smtp.example.com",
+    "smtp_port": 587,
+    "smtp_user": "your-smtp-user",
+    "smtp_pass": "your-smtp-password",
+    "smtp_sender_name": "Your App Name"
+  }'
+```
+
 Once you save these settings, your project's Auth server will send messages to all addresses. To protect the reputation of your newly set up service a low rate-limit of 30 messages per hour is imposed. To adjust this to an acceptable value for your use case head to the [Rate Limits configuration page](/dashboard/project/_/auth/rate-limits).
 
 ## Dealing with abuse: How to maintain the sending reputation of your SMTP server?

apps/docs/content/guides/auth/rate-limits.mdx

@@ -5,4 +5,31 @@ subtitle: 'Rate limits protect your services from abuse'
 
 Supabase Auth enforces rate limits on endpoints to prevent abuse. Some rate limits are [customizable](/dashboard/project/_/auth/rate-limits).
 
+You can also manage rate limits using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Get current rate limits
+curl -X GET "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  | jq 'to_entries | map(select(.key | startswith("rate_limit_"))) | from_entries'
+
+# Update rate limits
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "rate_limit_anonymous_users": 10,
+    "rate_limit_email_sent": 10,
+    "rate_limit_sms_sent": 10,
+    "rate_limit_verify": 10,
+    "rate_limit_token_refresh": 10,
+    "rate_limit_otp": 10,
+    "rate_limit_web3": 10
+  }'
+```
+
 <$Partial path="auth_rate_limits.mdx" />

apps/docs/content/guides/auth/social-login/auth-apple.mdx

@@ -67,6 +67,24 @@ When developing with Expo, you can test Sign in with Apple via the Expo Go app,
     6. Create a signing **Key** in the [Keys](https://developer.apple.com/account/resources/authkeys/list) section of the Apple Developer Console. You can use this key to generate a secret key using the tool below, which is added to your Supabase project's Auth configuration. Make sure you safely store the `AuthKey_XXXXXXXXXX.p8` file. If you ever lose access to it, or make it public accidentally, revoke it from the Apple Developer Console and create a new one immediately. You will have to generate a new secret key using this file every 6 months, so make sure you schedule a recurring meeting in your calendar!
     7. Finally, add the information you configured above to the [Apple provider configuration in the Supabase dashboard](https://supabase.com/dashboard/project/_/auth/providers).
 
+You can also configure the Apple auth provider using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure Apple auth provider
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_apple_enabled": true,
+    "external_apple_client_id": "your-services-id",
+    "external_apple_secret": "your-generated-secret-key"
+  }'
+```
+
     <Admonition type="tip">
 
     Use this tool to generate a new Apple client secret. No keys leave your browser! Be aware that this tool does not currently work in Safari, so use Firefox or a Chrome-based browser instead.

apps/docs/content/guides/auth/social-login/auth-azure.mdx

@@ -44,6 +44,25 @@ Setting up OAuth with Azure consists of four broad steps:
 
 ![Obtain the client secret](/docs/img/guides/auth-azure/azure-client-secret.png)
 
+You can also configure the Azure auth provider using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure Azure auth provider
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_azure_enabled": true,
+    "external_azure_client_id": "your-azure-client-id",
+    "external_azure_secret": "your-azure-client-secret",
+    "external_azure_url": "your-azure-url"
+  }'
+```
+
 ## Guarding against unverified email domains
 
 Microsoft Entra ID can send out unverified email domains in certain cases. This may open up your project to a vulnerability where a malicious user can impersonate already existing accounts on your project.

apps/docs/content/guides/auth/social-login/auth-discord.mdx

@@ -43,6 +43,24 @@ Setting up Discord logins for your application consists of 3 parts:
 
 <$Partial path="social_provider_settings_supabase.mdx" variables={{ "provider": "Discord" }} />
 
+You can also configure the Discord auth provider using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure Discord auth provider
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_discord_enabled": true,
+    "external_discord_client_id": "your-discord-client-id",
+    "external_discord_secret": "your-discord-client-secret"
+  }'
+```
+
 ## Add login code to your client app
 
 <Tabs

apps/docs/content/guides/auth/social-login/auth-facebook.mdx

@@ -60,6 +60,24 @@ Under `Build Your App`, click on `Use Cases` screen. From there, do the followin
 
 <$Partial path="social_provider_settings_supabase.mdx" variables={{ "provider": "Facebook" }} />
 
+You can also configure the Facebook auth provider using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure Facebook auth provider
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_facebook_enabled": true,
+    "external_facebook_client_id": "your-facebook-app-id",
+    "external_facebook_secret": "your-facebook-app-secret"
+  }'
+```
+
 ## Add login code to your client app
 
 <Tabs

apps/docs/content/guides/auth/social-login/auth-github.mdx

@@ -38,6 +38,24 @@ Copy your new OAuth credentials
 
 <$Partial path="social_provider_settings_supabase.mdx" variables={{ "provider": "GitHub" }} />
 
+You can also configure the GitHub auth provider using the Management API:
+
+```bash
+# Get your access token from https://supabase.com/dashboard/account/tokens
+export SUPABASE_ACCESS_TOKEN="your-access-token"
+export PROJECT_REF="your-project-ref"
+
+# Configure GitHub auth provider
+curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "external_github_enabled": true,
+    "external_github_client_id": "your-github-client-id",
+    "external_github_secret": "your-github-client-secret"
+  }'
+```
+
 ## Add login code to your client app
 
 <Tabs

apps/docs/content/guides/auth/social-login/auth-google.mdx

@@ -53,6 +53,24 @@ To use your own application code:
 
 1. When you finish configuring your credentials, you will be shown your client ID and secret. Add these to the [Google Auth Provider section of the Supabase Dashboard](/dashboard/project/_/auth/providers).
 
+   Alternatively, you can configure Google authentication using the Management API:
+
+   ```bash
+   # First, get your access token from https://supabase.com/dashboard/account/tokens
+   export SUPABASE_ACCESS_TOKEN="your-access-token"
+   export PROJECT_REF="your-project-ref"
+
+   # Update auth config to enable Google provider
+   curl -X PATCH "https://api.supabase.com/v1/projects/$PROJECT_REF/config/auth" \
+     -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
+     -H "Content-Type: application/json" \
+     -d '{
+       "external_google_enabled": true,
+       "external_google_client_id": "your-google-client-id",
+       "external_google_secret": "your-google-client-secret"
+     }'
+   ```
+
    <Admonition type="tip">
 
    In local development, you can add the client ID and secret to your `config.toml` file.