Migrating User Authentication from Supabase to Clerk.dev: A Step-by-Step Guide
This step-by-step guide simplifies the process of migrating user authentication from Supabase to Clerk.dev. With just a few steps, you will learn to prepare your Clerk.dev environment, extract user data from Supabase, and programmatically create users in Clerk.dev
Do you find the idea of migrating auth from Supabase to Clerk.dev intimidating? Let me assure you, it's less complex than it seems. In this guide, we'll simplify the process and walk you through every step of the migration. With just a handful of slight code tweaks, you'll be on the fast track to integrating Clerk.dev. So, let's dive right in and demystify this process together with a comprehensive, easy-to-follow guide.
More interested on why I switched? Check out the post below:
Step 1: Set Up Your Clerk.dev Account
Navigate to the User & Authentication settings and select Email, Phone, Username. This is the stage where you'll want to ensure that the settings mirror those of your existing Supabase account.
If you use a username make sure that you first toggle the setting off in clerk, as the import without setting a username will throw an error.
Step 2: Establishing Required Secrets as Environment Variables
In order to facilitate the creation of new users, we need to communicate with the Create new User Endpoint. This can be accomplished by using our Clerk API Keys:
Next, we'll store the CLERK_SECRET_KEY as a Python environment variable within the .env file, making it accessible from our script.
Lastly, we'll need to secure the database connection string from our existing Supabase instance. This can be achieved by storing it as an environment variable. You can retrieve this string from Project Settings > Database.
In the following I will show you how I set up my migration script. Feel free to edit and adjust the parts that will be slightly different for you.
Setting up env and imports
To get started we will import the following libraries and set up our environment variables form a .env file:
import psycopg2.extras # Import for RealDictCursor
from dotenv import load_dotenv
from tqdm import tqdm # For the progress bar
Make sure to adjust the ".env.local" and path to your env file.
Connecting to Supabase and fetching all Users
Next we connect to the instance and run the a sql query to get all the users:
The SQL query logic works in the following way:
Get the main user_data in one CTE
Get all the user_profiles info from a separate table, e.g. first_name and last_name in a second CTE.
Piece all the info together and add any missing parts
Make sure to adjust the sql query as needed. E.g. if you have no username or other auth types.
The final SQL Select directly corresponds with the needed post body:
One of the most awesome things is that we can straight away export the encrypted_password to Clerk.dev, since Supabase is using bcrypt as mentioned here:
So all we need to do is just specify the following in SQL:
'bcrypt' AS password_hasher
Connecting to Clerk.dev BackendAPI and creating new users
Finally using the set up environment variable in Step 1, we connect to Backend API and iterate over the rows to create each user in Clerk.dev.
As specified in the Rate limits section we can only make 20 requests per 10 seconds. That is why I included the wait time.
Congrats, you successfully migrated Auth from Supabase to Clerk.dev.
Migrating user authentication from Supabase to Clerk.dev may initially seem challenging, but as we've seen, it's an achievable task with just a few steps. By following this guide, you've learned to prepare your Clerk.dev environment, extract user data from Supabase, and programatically create users in Clerk.dev.