Confused about expected auth flow in nextjs supabase template
Hey all - I just created a new Supabase project recently with the latest version of the supabase/nextjs template.
I'm a little confused on the setup here. I think older versions of this template used to include an auth callback API route, but this version does not. After running the sign-up flow, i am redirected to the expected page based on
emailRedirectTo , plus the code query parameter
at this point am i expected to implement my own server-side endpoint to do a code exhange? if so, why does the template default to a redirect to /protected (ref1, ref2), which has no code exchange logic?
i could just be missing something - but would like some help haha, thanks!1 Reply
there is also the /auth/confirm route in the template which calls verifyOtp, but that expects a
token_hash param, not code
oh, i think i got it...
the docs mention updating the email template to use the token_hash instead of the default confirmation url here: https://supabase.com/docs/guides/auth/passwords?queryGroups=flow&flow=pkce
looks like it's working now 🙂