Problems with authentication on Supabase – 429 Too Many Requests

After updating our dependencies we suddenly started getting users being signed out, because apparently too many refresh_token requests are being sent.

Our Setup:
  • Next.js 15.3
  • @supabase/supabase-js 2.50.5

What I could see, after adding lots of outputs to several files in the supabase-js library, is that the following happens:
  • When the user logs in, the first token is received: 60 seconds lifetime
  • When the token expires, auth/v1/token?grant_type=refresh_token is sent and comes back with a 200
  • The session is saved to cookies (middleware.ts is in place as the documentation suggests, I've even set it to be exactly as in the docs for testing purposes)
  • Session is loaded again to check if it expires soon, but it's not the session that has been stored
  • Session expires and another token is requested -> Eventually running into the 429 Too Many Requests

Maybe this rings a bell for somebody; I'd be very grateful for any pointer.

Additional question: Why does the first token expire after just 60 seconds? Is this normal?
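
A small model of the sequence described in the post, as an added example that is not part of the original post and is not supabase-js code: it compares a session store that returns the refreshed session with one that keeps returning the old copy, and counts refresh calls until a rate limit answers 429. Every function name, the check interval, the refresh margin and the rate-limit numbers are assumptions; only the 60-second lifetime comes from the post.

```javascript
// Constructed model of the sequence in the post; not supabase-js code.
// Every name and the rate-limit numbers are assumptions for illustration.
const TOKEN_LIFETIME_S = 60;  // lifetime reported in the post
const REFRESH_MARGIN_S = 10;  // assumed: refresh when this close to expiry
const TICK_S = 10;            // assumed: how often the client checks the session
const RATE_LIMIT = 10;        // assumed: refreshes allowed per window
const WINDOW_S = 300;         // assumed: rate-limit window

// Stand-in for the token endpoint: 200 with a new session, or 429 when over the limit.
function makeAuthServer() {
  const seen = [];
  return function refresh(now) {
    const recent = seen.filter((t) => now - t < WINDOW_S).length;
    if (recent >= RATE_LIMIT) return { status: 429 };
    seen.push(now);
    return { status: 200, session: { expiresAt: now + TOKEN_LIFETIME_S } };
  };
}

// Two session stores: one returns what was saved, one keeps returning the old copy.
function makeStore(initial, { stale }) {
  let saved = initial;
  return {
    save(s) { saved = s; },
    load() { return stale ? initial : saved; },
  };
}

// Run the client check loop; report the refresh count and the time of the first 429.
function simulate({ stale, durationS = 600 }) {
  const refresh = makeAuthServer();
  const store = makeStore({ expiresAt: TOKEN_LIFETIME_S }, { stale });
  let refreshes = 0;
  for (let now = 0; now <= durationS; now += TICK_S) {
    const session = store.load();
    if (session.expiresAt - now > REFRESH_MARGIN_S) continue; // still fresh
    const res = refresh(now);
    if (res.status === 429) return { refreshes, first429At: now };
    refreshes += 1;
    store.save(res.session);
  }
  return { refreshes, first429At: null };
}

console.log("store returns saved session:", simulate({ stale: false }));
console.log("store returns old session:  ", simulate({ stale: true }));
```

In this model the healthy store refreshes once per token lifetime, while the stale store refreshes on every check after the first expiry and reaches the limit within a few minutes.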