BUILT INTO EVERY GOODSPEED APP
Supabase Auth with PKCE + SecureStore
Auth tokens are stored in the device keychain via ExpoSecureStore and the PKCE flow is pre-wired, so sessions survive app restarts without storing credentials in AsyncStorage.
- Tier: Core
- Status: Static
- Always enabled
WHY IT MATTERS
Most mobile app projects spend weeks plumbing the same infrastructure before writing a single line of product code. Supabase Auth with PKCE + SecureStore is one of those cross-cutting concerns that every app eventually needs but almost none get right the first time. Permissions are handled incorrectly, tokens expire silently, or the feature breaks after an OS update nobody tested against.
Goodspeed solves this by shipping supabase auth with pkce + securestore as a production-grade, tested implementation inside every generated app. The code follows the patterns in the GAS template - the same 246-feature catalog that powers every app we build. Included in every generated app with no configuration required. You own the code from day one, can read every line, and can hire any React Native developer to extend it. The build pipeline verifies the feature compiles and routes resolve before the app lands in your repository, so you are not the one catching the integration error at 2 am before launch.
HOW IT IS WIRED
Real code from the GAS template
The excerpt below is lifted verbatim from gas.config.ts in the gas-template repository. This is the code your generated app gets, not pseudocode, not a description of intent.
// Enable this feature in gas.config.ts
export const gasConfig = {
features: {
// Set the relevant flag to true to enable
},
};Source: goodspeed-apps/gas-template → gas.config.ts
HONEST LIMITS
When Supabase Auth with PKCE + SecureStore is the wrong choice
Apps that need a fully custom identity provider (e.g., enterprise SSO via SAML) will need to replace this layer rather than extend it.
Tier: Core · Static
Evaluate your use case
Check whether supabase auth with pkce + securestore aligns with your target audience, platform constraints, and regulatory environment before enabling it.
Audit the config
This feature is always enabled. If you need to disable it, remove the corresponding template files after generation.
Seek alternatives
If the built-in implementation does not fit, the generated codebase is standard React Native + Expo code. Any library in the Expo ecosystem can replace the default.
APPS USING THIS FEATURE
Every generated Goodspeed app includes supabase auth with pkce + securestore. Browse the ideas catalog to see apps across all categories that ship with this feature wired in.
CAPABILITIES
Supabase Auth with PKCE + SecureStore capability breakdown
Concrete dimensions of what the built-in supabase auth with pkce + securestore implementation covers. These reflect the actual template code, not a marketing summary.
| Item | Description | Strength |
|---|---|---|
| Storage backend | Data for this feature is managed by Expo SecureStore (device keychain/keystore). | Expo SecureStore (device keychain/keystore) |
| Network mode | This feature operates in Online-only mode. | Online-only |
| Sync frequency | Data syncs On-write + on-foreground. | On-write + on-foreground |
| Tier | Core feature — included in every app. | Core |
| Template status | Works out of the box with no config changes. | Static |
GET IT BUILT INTO YOUR APP