New Publishable API Keys vs. Legacy Anon Key
Hi Everyone
I have a web-app built that allows for certain authorized back-end users to write and insert directly into a certain supabase table.
Everything was working fine until yesterday, when I generated one of the new "publishable API keys".
- Not only did a simple copy-paste of the new API key into my .env file not work, but it also seems like it "broke" the "Legacy Public Anon Key" that was working correctly every day before then.
- Now no one is able to work with Supabase that isn't me (big problem)
I'm not sure what I might've missed in the support documents, but nothing seems to be helping.
An guidance is greatly appreciated.
26 Replies
Unless you disabled the legacy keys they should still work.
What does not work mean?
whenever someone else tries to write to supabase they get an "invalid api key" error. brand new error, never happened before until the switch
Probably going to have to provide more detail on the createClient and call. Did you disable the old keys?
Many are using these, I've enabled them and can swap anon and the publishable key interchangeably.
You might check the anon key in the dashboard matches the anon key in your app.
i'm not sure what I might've did wrong, i'm sure i missed something somewhere, i'm non-technical
i don't think I disabled the old keys, at least I'm sure I didn't click anything that said "disable" or "delete", just created the new ones. I copy-pasted the new one and started receiving the error., it's really that simple.
I don't even know how many times at this point I've read every character of the keys, tried deleting, copy pasting again. not really sure what i broke
Pardon the interruption @EE but are you the one who posted a few hours ago in the Supabase discussion on github? I'm thinking not, but wanted to double-check.
So you are NOT using the old key anymore or you are using and it is failing?
If this is failing on the new API key then you need to narrow down where the error is occurring. For instance there are side impacts on edge functions.
yes it was, just casting a wide net as a non-pro user
correct:
- It's failing on the new api key. I had Gemini CLI run a bunch of debugging (couldn't tell you what it did exactly, but every variation of a debug it tried, it kept coming back with essentially "everything with the code is fine, API key is invalid"
- I'm not using the legacy key, I never clicked that "disable" button. Maybe that's it? Am I supposed to disable the legacy AP key for the new publishable one to work?
No don't disable them at this point.
I don't know if your other post has more info as you did not link it.
Really need to know what specific call is failing.
Check in the API gateway log to see if your publishable key is correct...
hi, i am trying to use my api key but the site i am using is asking for Auth Header Key. what is the correct one for Supabase please?
Please ask a new question.
sir?
Start a new topic, your question is not related to this one.
oh, I'm so sorry, wsa just loking for an active chat to quickly ask cos it was urgent
That is not how it works here. I'm trying to help this user right now.
initial client creation call. happening at the very beginning when trying to connect to supabase
yeah i know, will create a new one now, so sorry for the intrusion
@EE try the API log and see if the key makes it there.
checking, log screen s loading
ok, looks like nothing made it to the api gateway log at all
assuming logs > API gateway is the right place to be looking
Yes.
Seems like your key is not correct or your URL is to a different instance.
i swear I'm not crazy or trying to waste your time. I can't for the life of my find any difference between what my url or key is, and what i have in the codebase. any ideas on a way i might be able to debug this differently?
Can you see your network requests?
Can you temporarily put back in the anon key?
if that means can I verify my network is connecting to make the call, then yes
and yes, i've tried a few time since I sat back down to swap back in the legacy anon key to no avail. same error
kind of at a loss right now I don't know what i did wrong
If you can see the network calls you could compare the apikey and authorization header being sent to your instance and also the url is going to this instance.
yeah i'm not sure what's going on. everything looks fine. i also went back to an old github branch and re-ran it: entire workflow went through normally. bizarre.
something must've got out of whack in this new branch i was working in for some reason.
- if you have any ideas about debugging that i'd appreciate it
either way thanks for all the time and guidance today