Skip to main content

Email And Password

How Handlet supports email/password sign-up, sign-in, and recovery.

Email and password authentication is available through Supabase Auth where the environment enables it.

Sign-up

The public sign-up route creates an authenticated user and then sends the user through confirmation, legal acceptance, onboarding, or the app home path depending on account state.

Sign-in

The sign-in route validates credentials through Supabase Auth. After a successful sign-in, app routing resolves the correct destination for the user.

Password recovery

Password reset emails are Supabase Auth emails. The reset flow returns through the app so the user can set a new password and continue securely.

Security notes

  • Do not expose server auth secrets to client components.
  • Use Supabase server clients for session-aware server code.
  • Let RLS enforce tenant access for standard product data.
  • Use admin clients only for narrowly scoped administrative tasks.
© 2026 Handlet. All rights reserved.

AI Assistance: Handlet uses AI for intent recognition and, where enabled, drafts, summaries, quote support, social content and call assistance. AI output can be wrong and should be checked before use. Learn More