Comparisons
vs Supabase Auth

BastionAuth vs Supabase Auth

Supabase Auth is part of the Supabase ecosystem. Here's how BastionAuth compares as a standalone solution.

TL;DR

Choose BastionAuth if you want standalone auth without ecosystem lock-in, or need enterprise features like organizations.

Choose Supabase Auth if you're already using Supabase's database and want integrated auth.

Feature Comparison

FeatureBastionAuthSupabase Auth
Deployment
Standaloneβœ…βŒ (Part of Supabase)
Self-hostedβœ…βœ… (Full Supabase)
Authentication
Email/passwordβœ…βœ…
OAuth providers510+
Magic linksβœ…βœ…
Phone/SMSβŒβœ…
MFA (TOTP)βœ…βœ…
Passkeys⚑❌
Organizations
Multi-tenancyβœ…βŒ
Team managementβœ…βŒ
RBACβœ…βš‘ (RLS)
Invitationsβœ…βŒ
Enterprise
SAML SSOπŸ”œβŒ
SCIMπŸ”œβŒ
Audit logsβœ…βš‘ (Basic)
Webhooksβœ…βœ… (Edge Functions)
Admin dashboardβœ…βœ…
Developer Experience
React SDK⭐⭐⭐⭐⭐⭐⭐⭐⭐
Next.js SSRβœ…βœ…
Pre-built UIβœ…βœ… (supabase-auth-ui)

Key Differences

1. Ecosystem Lock-in

Supabase Auth: Tightly integrated with Supabase's PostgreSQL, Storage, and Edge Functions. Great if you're all-in on Supabase.

BastionAuth: Standalone authentication. Works with any database, any backend, any stack.

2. Organizations & Multi-tenancy

Supabase Auth: No built-in organization support. You'd need to build it yourself with RLS policies.

BastionAuth: First-class organization support with roles, permissions, and invitations.

// BastionAuth - Built-in organizations
import { useOrganization } from '@bastionauth/react';
 
function TeamPage() {
  const { organization, members, invite } = useOrganization();
  
  return (
    <div>
      <h1>{organization.name}</h1>
      {members.map(m => <Member key={m.id} {...m} />)}
      <button onClick={() => invite('new@email.com')}>
        Invite Member
      </button>
    </div>
  );
}
 
// Supabase - Build your own
// Requires custom tables, RLS policies, and Edge Functions

3. Enterprise Features

Supabase Auth: Focused on developer experience. Limited enterprise features.

BastionAuth: Built for enterprise with SAML SSO (coming), audit logs, and compliance focus.

4. Admin Dashboard

Supabase Auth: Auth management through Supabase dashboard. Limited to user CRUD.

BastionAuth: Dedicated admin dashboard with audit logs, session management, webhooks.

5. Self-Hosting

Supabase Auth: Part of full Supabase stack. Self-hosting means running entire Supabase.

BastionAuth: Lightweight. Just PostgreSQL + Redis + BastionAuth API.

SDK Comparison

Setup

// Supabase
import { createClient } from '@supabase/supabase-js';
const supabase = createClient(SUPABASE_URL, SUPABASE_KEY);
 
// BastionAuth
import { BastionProvider } from '@bastionauth/react';
<BastionProvider publishableKey="pk_...">

Authentication

// Supabase
const { data, error } = await supabase.auth.signInWithPassword({
  email: 'user@email.com',
  password: 'password',
});
 
// BastionAuth
const { signIn } = useSignIn();
await signIn({ email: 'user@email.com', password: 'password' });

Session Access

// Supabase
const { data: { session } } = await supabase.auth.getSession();
 
// BastionAuth
const { session, getToken } = useAuth();
const token = await getToken();

Pricing Comparison

TierSupabaseBastionAuth
Free50K MAUUnlimited (self-hosted)
Pro$25/mo + $0.00325/MAU$299/mo flat
Team$599/mo$899/mo flat
EnterpriseCustomCustom

When to Choose Supabase Auth

  • You're already using Supabase database
  • You want integrated auth + database + storage
  • You don't need organizations/multi-tenancy
  • Enterprise features (SAML, SCIM) aren't required
  • You prefer Supabase's ecosystem approach

When to Choose BastionAuth

  • You need standalone authentication
  • You're using a different database
  • Organizations and teams are core to your app
  • You need enterprise features (SAML, audit logs)
  • You want to avoid ecosystem lock-in
  • Compliance (HIPAA, FedRAMP) is a requirement

Migration from Supabase Auth

# Export users from Supabase
npx @bastionauth/cli migrate supabase \
  --url https://xxx.supabase.co \
  --service-key xxx
 
# Import to BastionAuth
npx @bastionauth/cli migrate supabase --import

Note: Supabase uses bcrypt for passwords. Users may need to reset passwords after migration.