BastionAuth vs Supabase Auth
Supabase Auth is part of the Supabase ecosystem. Here's how BastionAuth compares as a standalone solution.
TL;DR
Choose BastionAuth if you want standalone auth without ecosystem lock-in, or need enterprise features like organizations.
Choose Supabase Auth if you're already using Supabase's database and want integrated auth.
Feature Comparison
| Feature | BastionAuth | Supabase Auth |
|---|---|---|
| Deployment | ||
| Standalone | β | β (Part of Supabase) |
| Self-hosted | β | β (Full Supabase) |
| Authentication | ||
| Email/password | β | β |
| OAuth providers | 5 | 10+ |
| Magic links | β | β |
| Phone/SMS | β | β |
| MFA (TOTP) | β | β |
| Passkeys | β‘ | β |
| Organizations | ||
| Multi-tenancy | β | β |
| Team management | β | β |
| RBAC | β | β‘ (RLS) |
| Invitations | β | β |
| Enterprise | ||
| SAML SSO | π | β |
| SCIM | π | β |
| Audit logs | β | β‘ (Basic) |
| Webhooks | β | β (Edge Functions) |
| Admin dashboard | β | β |
| Developer Experience | ||
| React SDK | βββββ | ββββ |
| Next.js SSR | β | β |
| Pre-built UI | β | β (supabase-auth-ui) |
Key Differences
1. Ecosystem Lock-in
Supabase Auth: Tightly integrated with Supabase's PostgreSQL, Storage, and Edge Functions. Great if you're all-in on Supabase.
BastionAuth: Standalone authentication. Works with any database, any backend, any stack.
2. Organizations & Multi-tenancy
Supabase Auth: No built-in organization support. You'd need to build it yourself with RLS policies.
BastionAuth: First-class organization support with roles, permissions, and invitations.
// BastionAuth - Built-in organizations
import { useOrganization } from '@bastionauth/react';
function TeamPage() {
const { organization, members, invite } = useOrganization();
return (
<div>
<h1>{organization.name}</h1>
{members.map(m => <Member key={m.id} {...m} />)}
<button onClick={() => invite('new@email.com')}>
Invite Member
</button>
</div>
);
}
// Supabase - Build your own
// Requires custom tables, RLS policies, and Edge Functions3. Enterprise Features
Supabase Auth: Focused on developer experience. Limited enterprise features.
BastionAuth: Built for enterprise with SAML SSO (coming), audit logs, and compliance focus.
4. Admin Dashboard
Supabase Auth: Auth management through Supabase dashboard. Limited to user CRUD.
BastionAuth: Dedicated admin dashboard with audit logs, session management, webhooks.
5. Self-Hosting
Supabase Auth: Part of full Supabase stack. Self-hosting means running entire Supabase.
BastionAuth: Lightweight. Just PostgreSQL + Redis + BastionAuth API.
SDK Comparison
Setup
// Supabase
import { createClient } from '@supabase/supabase-js';
const supabase = createClient(SUPABASE_URL, SUPABASE_KEY);
// BastionAuth
import { BastionProvider } from '@bastionauth/react';
<BastionProvider publishableKey="pk_...">Authentication
// Supabase
const { data, error } = await supabase.auth.signInWithPassword({
email: 'user@email.com',
password: 'password',
});
// BastionAuth
const { signIn } = useSignIn();
await signIn({ email: 'user@email.com', password: 'password' });Session Access
// Supabase
const { data: { session } } = await supabase.auth.getSession();
// BastionAuth
const { session, getToken } = useAuth();
const token = await getToken();Pricing Comparison
| Tier | Supabase | BastionAuth |
|---|---|---|
| Free | 50K MAU | Unlimited (self-hosted) |
| Pro | $25/mo + $0.00325/MAU | $299/mo flat |
| Team | $599/mo | $899/mo flat |
| Enterprise | Custom | Custom |
When to Choose Supabase Auth
- You're already using Supabase database
- You want integrated auth + database + storage
- You don't need organizations/multi-tenancy
- Enterprise features (SAML, SCIM) aren't required
- You prefer Supabase's ecosystem approach
When to Choose BastionAuth
- You need standalone authentication
- You're using a different database
- Organizations and teams are core to your app
- You need enterprise features (SAML, audit logs)
- You want to avoid ecosystem lock-in
- Compliance (HIPAA, FedRAMP) is a requirement
Migration from Supabase Auth
# Export users from Supabase
npx @bastionauth/cli migrate supabase \
--url https://xxx.supabase.co \
--service-key xxx
# Import to BastionAuth
npx @bastionauth/cli migrate supabase --importNote: Supabase uses bcrypt for passwords. Users may need to reset passwords after migration.