SupabaseS
Supabase2y ago
Akuze

How to verify JWT on Edge Functions

I'm working on a Shopify app that calls an edge function when a button is clicked. I am currently sending the anon key in the Authentication header, and I can pick that up on the edge function.

However, when I try to verify the JWT, I receive an error that it is not base64encoded. My function looks like this:

async function verifyJWT(jwt: string): Promise<boolean> {
  const encoder = new TextEncoder();
  const secretKey = encoder.encode(JWT_SECRET);
  try {
    await jose.jwtVerify(jwt, secretKey);
  } catch (err) {
    console.error(err);
    return false;
  }
  return true;
}


I have pulled in JWT_SECRET from my supabase secrets and verified that this, and other variables are coming through correctly.

I'm new to JWT and not sure if I am doing the right steps. I want to enable JWT on the edge function to make it more secure, but have currently been unable to accept and process the JWT properly.

If anyone could help me by providing a real-world example of this in an edge function, or explaining what I might be doing wrong, it would be much appreciated.

Thanks
Was this page helpful?