Supabase is an open source Firebase alternative. Start your project with a Postgres database, Authentication, instant APIs, Edge Functions, Realtime subscriptions, and Storage.

Supabase

I am pretty sure its impossible for the /verify endpoint @ supabase  to set the token in LocalStorage for a different Host (where my react app sits). So whats the preferred way to let the user change his initial password (nobody knows) which he got on my inviteUserByEmail call ?

replying to myself: Finally got it. The access_token is part of the 303 redirect from the /verify endpoint and is appended with "#" to the redirect_url

So my invite flow now could be easily handled because when the user cllcks the invite, i will get his access_token in my react app. Just need to parse the URL. Never seen the # after the path though...

After all: no need to even parse the URL fragment manually... supabase-js is doing it for us!