Issue with Realtime Subscription and RLS Using Clerk Authentication

I’m running into a 401 Unauthorized issue while trying to set up a realtime subscription for a table in my Supabase database. Here’s my setup:
• I have Row-Level Security (RLS) enabled on my

objects

objects

table in the public schema, with a policy allowing only authenticated users to access rows where user_id matches the user’s ID (from Clerk) using

requesting_user_id()=user_id

requesting_user_id()=user_id

, with

requesting_user_id()

requesting_user_id()

is a Supabase function to extract the user_id included in the request to the database, and

user_id

user_id

is the column in the table

objects

objects

to indicate who owns what object.
• I’m using Clerk for authentication and passing the token generated from Clerk’s JWT template in the Authorization header when initializing the Supabase client.
• The subscription is created on the client side using Supabase’s realtime feature to listen for changes in the objects table.

I've attached the policies I’ve set on the objects table and the code where I’m setting up the Supabase client and real-time subscription in the images.

Despite this, I’m still getting a 401 Unauthorized error when attempting to subscribe to changes (image attached).

What I’ve checked:
• The Clerk JWT template is correctly set up to include user_id.
• The token is being fetched correctly and passed in the Authorization header.
• The RLS policy seems to match the requirements

Is there anything I might be missing? Any insights or tips on how to resolve this would be greatly appreciated!

Supabase•14mo ago•

5 replies

Michael Do (Anfin W22)

Issue with Realtime Subscription and RLS Using Clerk Authentication

I’m running into a 401 Unauthorized issue while trying to set up a realtime subscription for a table in my Supabase database. Here’s my setup:
• I have Row-Level Security (RLS) enabled on my