Signup from API: 401: invalid claim: missing sub claim

I'm running a NextJS server to sell products. When my user buys a product with Stripe, I have a webhook which receives the payment info and client info (email + name).

I want to sign the user up and send them a magic link after they make a purchase. From what I can see, this has to happen from within my webhook code.

I'm doing:

  const supabase = new SupabaseClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL,
    process.env.SUPABASE_SERVICE_ROLE_KEY
  );

        await supabase.auth.signInWithOtp({
          email,
          options: {
            shouldCreateUser: true,
            emailRedirectTo: redirectURL,
          },
        });

  const supabase = new SupabaseClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL,
    process.env.SUPABASE_SERVICE_ROLE_KEY
  );

        await supabase.auth.signInWithOtp({
          email,
          options: {
            shouldCreateUser: true,
            emailRedirectTo: redirectURL,
          },
        });

  const supabase = new SupabaseClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL,
    process.env.SUPABASE_SERVICE_ROLE_KEY
  );

        await supabase.auth.signInWithOtp({
          email,
          options: {
            shouldCreateUser: true,
            emailRedirectTo: redirectURL,
          },
        });

  const supabase = new SupabaseClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL,
    process.env.SUPABASE_SERVICE_ROLE_KEY
  );

        await supabase.auth.signInWithOtp({
          email,
          options: {
            shouldCreateUser: true,
            emailRedirectTo: redirectURL,
          },
        });

This works fine and the link successfully goes to the user's email. HOWEVER, when the user clicks the link, my callback handler does:

const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");

const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");

const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");

const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");

there is NO code sent from Supabase, it's null. When I sign up a user from the client side of the website then the code works fine.

I also see this error in my supabase logs:

{"component":"api","error":"401: invalid claim: missing sub claim","level":"info","method":"GET","msg":"401: invalid claim: missing sub claim","path":"/user","referer":"http://localhost:3000/","remote_addr":"180.150.37.140","time":"2024-01-12T00:54:59Z","timestamp":"2024-01-12T00:54:59Z"}

{"component":"api","error":"401: invalid claim: missing sub claim","level":"info","method":"GET","msg":"401: invalid claim: missing sub claim","path":"/user","referer":"http://localhost:3000/","remote_addr":"180.150.37.140","time":"2024-01-12T00:54:59Z","timestamp":"2024-01-12T00:54:59Z"}

{"component":"api","error":"401: invalid claim: missing sub claim","level":"info","method":"GET","msg":"401: invalid claim: missing sub claim","path":"/user","referer":"http://localhost:3000/","remote_addr":"180.150.37.140","time":"2024-01-12T00:54:59Z","timestamp":"2024-01-12T00:54:59Z"}

{"component":"api","error":"401: invalid claim: missing sub claim","level":"info","method":"GET","msg":"401: invalid claim: missing sub claim","path":"/user","referer":"http://localhost:3000/","remote_addr":"180.150.37.140","time":"2024-01-12T00:54:59Z","timestamp":"2024-01-12T00:54:59Z"}

Signup from API: 401: invalid claim: missing sub claim

Similar Threads

Similar Threads

Similar Threads