How to generate JWT_SECRET?
Use your JWT_SECRET to generate a anon and service API keys using the JWT generator. (Mentioned in https://supabase.com/docs/guides/hosting/docker)
Where can I generate this JWT secret?
11 Replies
I think this still applies... https://github.com/supabase/supabase-js/issues/25#issuecomment-1019935888
secret is:
secret is:
your-super-secret-jwt-token-with-at-least-32-characters-longGitHub
How to set/get the JWT secret? · Issue #25 · supabase/supabase-js
Question Is there a way to get or set the secret used to sign the JWT access tokens? My use case is to use the Supabase-generated tokens for authorization in other micro-services, so having the sec...
GitHub
supabase/.env.example at master · supabase/supabase
The open source Firebase alternative. Follow to stay updated about our public Beta. - supabase/.env.example at master · supabase/supabase
So for security I have to change super-secret-jwt-token-with-at-least-32-characters-long to a unique 32 length jwt?
If yes where can I generate one?
in jwt format
The secret is just a 32 character string, it is set by default to the string mentioned above.
super-secret-jwt-token-with-at-least-32-characters-long
Is a not a valid jwt then how does it work correctly as the expecting value is a jwt?
If you are asking what the jwt should like (the claims):
https://supabase.com/docs/learn/auth-deep-dive/jwts#jwts-in-supabase
There are anon and service_role jwt keys. They are encoded using the jwt secret string with an jwt encoder.
Can u provide me a sample value for JWT_SECRET other than super-secret-jwt-token-with-at-least-32-characters-long
This will help me resolve my problem
It is just a string. It is not a jwt. So "abcdefghijklmnopqrstuvwxyz123456789" would work.
Thanks
I see the link actually goes to a jwt encoder now, so dropping what was here.