Problems with authentication on Supabase – 429 Too Many Requests
After updating our dependencies we suddenly started getting users being signed out, because apparently too many refresh_token requests are being sent.
Our Setup:
- Next.js 15.3
- @supabase/supabase-js 2.50.5
What I could see after adding lots of outputs to several files in the supabase-js library, is that the following happens:
- When user logs in first token is received: 60 seconds life time
- When token expires
- The session is saved to cookies (middleware.ts is in place as the documentation suggests, I've even set it to be exactly as in the docs for testing purposes)
- Session is loaded again to check if it expires soon, but it's not the session that has been stored
- Session expires and another token is requested -> Eventually running into the 429 Too Many Requests
Maybe this rings a bell for somebody, I'd be very grateful for any pointer.
Additional question: Why does the first token expire after just 60 seconds? Is this normal?
Our Setup:
- Next.js 15.3
- @supabase/supabase-js 2.50.5
What I could see after adding lots of outputs to several files in the supabase-js library, is that the following happens:
- When user logs in first token is received: 60 seconds life time
- When token expires
auth/v1/token?grant_type=refresh_token- The session is saved to cookies (middleware.ts is in place as the documentation suggests, I've even set it to be exactly as in the docs for testing purposes)
- Session is loaded again to check if it expires soon, but it's not the session that has been stored
- Session expires and another token is requested -> Eventually running into the 429 Too Many Requests
Maybe this rings a bell for somebody, I'd be very grateful for any pointer.
Additional question: Why does the first token expire after just 60 seconds? Is this normal?
