This guide details how to migrate your Users and Data from Supabase to Firebase.
-
Install Dependencies:
npm install pg firebase-admin @supabase/supabase-js
-
Configuration: The scripts rely on
firebase-service.json(for Firebase) andsupabase-service.json(for Supabase).-
Step 2.1:
supabase-service.json(For Supabase)- Create
supabase-service.jsonin the root directory if it doesn't exist. - File Content:
{ "dbHost": "db.cvymjejszmjvfnvzadie.supabase.co", "dbUser": "postgres", "dbPassword": "YOUR_DB_PASSWORD_HERE", "dbPort": 5432, "projectUrl": "https://cvymjejszmjvfnvzadie.supabase.co", "serviceRoleKey": "YOUR_SERVICE_ROLE_KEY_HERE" } - Where to find these values:
- Go to your Supabase Dashboard and select your project.
- dbHost: Settings > Database > Connection parameters > Host.
- dbUser: Settings > Database > Connection parameters > User (default is
postgres). - dbPassword: The password you set when creating the project. If you forgot it, reset it in Settings > Database > Reset Database Password.
- dbPort: Settings > Database > Connection parameters > Port (default is
5432or6543). Use5432for direct connection. - projectUrl: Settings > API > Project URL.
- serviceRoleKey: Settings > API > Project API keys >
service_role(Reveal it). Keep this secret!
- Create
-
Step 2.2:
firebase-service.json- The scripts expect a
firebase-service.jsonfile in the root. - Generate this file:
- Go to the Firebase Console.
- Create a new project if you haven't done so (or select an existing one).
- Navigate to Project Settings (click the gear icon ⚙️ in the top left).
- Go to the Service accounts tab.
- Click Generate new private key.
- Rename the downloaded file to
firebase-service.jsonand place it in your project root. Crucial: This key must match the project you are importing into.
- The scripts expect a
-
- Prerequisite: Enable Authentication
- Go to Authentication > Get started in the Firebase Console.
- Go to the Sign-in method tab.
- Click Email/Password and Enable it. Assume you have the same Auth provider enabled in Supabase. Why? The import script creates the user records, but your app won't be able to log them in unless the Email/Password provider is actually enabled.
We will export users from Supabase, preserving their Bcrypt password hashes, and import them into Firebase.
Supabase uses standard Bcrypt hashing. We must query the auth.users table directly to get these hashes.
node migration_tool/auth/export_supabase_auth.jsOutput: migration_tool/auth/supabase_users.json
Import the users into Firebase Authentication. This script tells Firebase to interpret the hashes as Bcrypt.
node migration_tool/auth/import_firebase_auth.jsResult: Users are created in Firebase with their same UIDs and passwords.
We will export tables from Supabase and import them into Firestore collections.
Export data from Supabase tables (e.g., todos) to JSON.
node migration_tool/firestore/export_supabase_data.jsOutput: migration_tool/firestore/todos_export.json
- Prerequisite: Create Database
Before importing, ensure Firestore is provisioned:
-
Option A (CLI - Preferred): Run
firebase init firestore(select your project), thenfirebase deploy --only firestore.[!WARNING] Do not skip
firebase init! Do not attempt to manually createfirebase.jsonor.firebaserc. The CLI initialization sets up crucial project links and authentication states that are required for the migration scripts to work correctly. -
Option B (Console): If CLI fails or you prefer the UI, go to Firestore Database > Create database. Select a region (e.g.,
nam5) and start in Production mode.
-
Import the JSON data into Firestore.
- IDs: We preserve the Supabase UUIDs as the Firestore Document IDs.
- User References: Since we migrated users with their keys intact,
uidfields in your data will automatically match the imported users in Firebase! No ID mapping required.
node migration_tool/firestore/import_firebase_data.jsUpdate your frontend application (index.html, app.js) to use the Firebase SDK instead of Supabase. Replace Supabase client initialization, Auth, and Database calls with Firebase equivalents.
Tip
Automate this with MCP: If you are using an AI agent with the Firebase MCP Server, you can simply ask it to "fetch my firebase config and update app.js". The agent can retrieve your API keys directly from the project and inject them for you, skipping manual console lookups.
- Firebase Console: Check Authentication users and Firestore data to ensure everything was imported correctly.
- Security Rules:
- The
firestore.rulesfile in your project defines your database security. - Deploy Rules: Run
firebase deploy --only firestore:rulesto deploy the rules from your local file. - Example (Secure User Data):
rules_version = '2'; service cloud.firestore { match /databases/{database}/documents { match /todos/{document} { // Ensure user_id matches the authenticated user allow create: if request.auth != null && request.resource.data.user_id == request.auth.uid; allow read, update, delete: if request.auth != null && resource.data.user_id == request.auth.uid; } } }
- Important: Use these rules to ensure users can ONLY access their own data.
- Note: When using these rules, your client queries MUST includes a filter for
user_id.// App code must match rules: const q = query( collection(db, "todos"), where("user_id", "==", auth.currentUser.uid) );
- The
- Test Application:
- Launch your app.
- Sign In: Try logging in with a migrated user (e.g.,
test@example.com) using their original password. It should work immediately. - Check Data: Verify that their data (e.g., todo items) loads correctly.