Migrate to Kinde for user authentication
Get started
Migrate to Kinde from Supabase
Migrate your users from Supabase Auth to Kinde. Supabase stores passwords as bcrypt hashes, and Kinde supports bcrypt natively — your users can sign in with their existing passwords with no reset required.
What you need
Link to this section- A Kinde account with Admin access
- Kinde account configured to match your current auth provider - see before you migrate
- Supabase account with SQL editor permissions
Key considerations
Link to this section- bcrypt passwords are fully supported — Kinde imports bcrypt hashes directly. Users keep their existing password.
- Export via SQL — Supabase Auth data lives in the
auth.userstable, which isn’t exposed via the standard API. You export users by running a SQL query in the Supabase dashboard. - Social/OAuth identities are separate — users who signed in via Google, GitHub, etc. are stored in the
auth.identitiestable. These users can be imported by email and will be prompted to re-link their social login on first sign-in. raw_user_meta_datavaries by app — the structure of this field depends on what your app stores. Check it in the SQL editor before building your export query.
Migration guide
Link to this section1. Export users from Supabase
Link to this section-
Sign in to your Supabase dashboard and select your project.
-
Go to SQL Editor in the sidebar.
-
Run the following query:
SELECTid,email,encrypted_password AS hashed_password,CASE WHEN email_confirmed_at IS NOT NULL THEN 'TRUE' ELSE 'FALSE' END AS email_verified,raw_user_meta_data->>'first_name' AS first_name,raw_user_meta_data->>'last_name' AS last_nameFROM auth.usersWHERE email IS NOT NULL; -
In the results panel, set the row limit to No Limit so all users are returned.
-
Select Export and choose Download CSV.
2. Prepare the CSV for Kinde
Link to this sectionThe SQL query exports columns that mostly match Kinde’s expected names. Rename the one that differs and add the hashing_method column.
| Supabase column | Rename to | Notes |
|---|---|---|
email | email | Required — primary sign-in identifier |
id | id | Keep as-is |
email_verified | email_verified | Keep as-is — TRUE or FALSE |
first_name | first_name | Keep as-is |
last_name | last_name | Keep as-is |
encrypted_password | hashed_password | bcrypt hash — preserves existing passwords |
| (new column) | hashing_method | Add this column and set every row to bcrypt |
For the full list of supported CSV fields — including organizations, roles, and permissions — see Prepare your CSV in the bulk import guide.
Your final CSV should look like this:
id,email,first_name,last_name,email_verified,hashed_password,hashing_methodabc-123,bills@company.com,Bill,Smith,TRUE,$2a$10$examplehash,bcryptdef-456,carlosg@company.com,Carlos,Garcia,TRUE,$2a$10$examplehash,bcrypt3. Import into Kinde
Link to this section- In Kinde, go to Users, then select Import users.
- Select Custom CSV.
- Follow the on-screen prompts to upload your file.
- Review any errors reported after import. Fix the CSV and re-import to resolve them.
See the bulk import guide to learn more.
4. Test the migration
Link to this section- Sign in to Kinde with a user from your Supabase export.
- Verify they can sign in with their existing Supabase credentials.
- Notify users of any changes to their sign-in experience before going live.
Get support
Link to this sectionIf you need help with your migration, contact Kinde support.