Learn
Authentication

How to Add Login to a Bolt App

Bolt V2 includes native authentication with email/password, email verification, and leaked password detection — no external service required. You can also integrate Supabase Auth or Auth0 if you need social login or advanced features. Ask Bolt to set it up through a simple prompt.

Why this matters

Bolt V2 made authentication significantly easier by adding native auth support. Before V2, you needed to integrate an external provider like Supabase or Auth0 for every app that needed login. Now you can get basic auth working with a single prompt.

What's at stake

An app without authentication has no concept of users. Anyone can see everything, do everything, and there is no way to attribute actions or protect personal data. Adding login is the first step toward a real product.

Step by step.

1

Decide between native auth and external provider

Bolt V2 native auth supports email/password with verification and leaked password detection. If you need social login (Google, GitHub), OAuth, or MFA, integrate Supabase Auth or Auth0 instead.

2

Prompt Bolt to add authentication

For native auth: "Add user authentication to my app with email/password login, signup, and password reset. Protect the /dashboard route." For Supabase Auth: "Integrate Supabase Auth with Google and email login."

3

Enable email verification

Bolt V2 native auth includes email verification. Make sure it is enabled — this prevents fake signups and verifies that users control the email address they register with.

4

Set up a user management dashboard

Bolt V2 provides a user management dashboard to monitor signed-up users. If using Supabase Auth, the Supabase dashboard provides the same functionality under Authentication > Users.

5

Test by deploying (not preview)

Authentication does not work in Bolt preview mode — you must deploy to test it. Deploy to Bolt Cloud, Netlify, or Vercel, then test the full signup, login, logout, and password reset flow.

Verify your Bolt app authentication is working correctly

  • Automated check for common auth setup issues
  • Route protection verification across all pages
  • Auth flow testing for signup, login, and reset paths
Get started with BWORLDS

Keep learning.

Related topics

easiest way to add authenticationdo i need user accounts for my apphow to add authentication to boltbolt app security checklist

Frequently asked questions.

Not yet. Bolt V2 native auth currently supports email/password with verification and leaked password detection. For social login (Google, GitHub, Apple), integrate Supabase Auth or Auth0.

Bolt preview runs in WebContainers in your browser, which cannot handle the server-side operations required for auth (cookies, sessions, email sending). You must deploy to test authentication.

Use native auth if you only need email/password login — it is simpler and built in. Use Supabase Auth if you need social login, magic links, MFA, or if you are already using Supabase for your database.

Yes, but it requires migrating user accounts. It is easier to choose upfront. If you think you will need social login or advanced features, start with Supabase Auth.