before_user_created auth hook not working as documented
I am trying to implement the before_user_created auth hook, but even the example from the docs doesn’t work as advertised. Rather than returning an error with the specified code and message, it returns a 500 with a message of “Invalid payload sent to hook”.
Are the docs out of data? Can I find the correct schema for the response payload anywhere?
12 Replies
how are you doing this hook, SQL or HTTP?
HTTP hook
I’m using the http example from https://supabase.com/docs/guides/auth/auth-hooks/before-user-created-hook?queryGroups=language&language=http
Before User Created Hook | Supabase Docs
Prevent unwanted signups by inspecting and rejecting user creation requests
and i'm assuming you went Authentication -> hooks -> add a new hook
does it point to an edge function?
I’m testing locally, so I added the hook to config.toml as described in the docs. And yes, it’s pointing to an edge function
I’ve verified that
- the edge function is being called
- the webhook payload and headers are validated correctly
- the hook is returning the correct payload and headers
so is the 500 error coming after the edge function is called not within the edge function?
The 500 is coming from the auth endpoint
i'm looking at https://supabase.com/docs/guides/auth/auth-hooks?queryGroups=language&language=http and i can;t see the before_user_created as being on of the hooks that you can do locally?
Auth Hooks | Supabase Docs
Use HTTP or Postgres Functions to customize your authentication flow
I assumed it was out of date documentation
The hook is certainly being called locally
The behaviour is the same on our development instance
okay, i have deployed the edge function locally and i am also getting a 500 error but i'm not sure if the issue is related to the before_user_created to hook (specifically).
If you haven't already i would file a ticket about this but i would also check if you turn off your hook from config.toml can you create a user via the dashboard still or do you get the 500 error still. Also do you have any other triggers?
That’s my only trigger. Removing the hook from config.toml (and running supabase stop/start) does let me create users again.
Hello, I'm having the same issue, but not in the same exact circumstances
I'm also using the before_user_created auth hook, my local API (accessible online with ngrok) is being call during user creation. I can see that supabase is reaching my API, my API is responding with what Supabase is waiting for, and if I wan't to reject the account creation, I response with
return response
.status(400)
.set('Content-Type', 'application/json')
.json({
error: {
message: 'Signups from this email domain are not allowed.',
http_code: 400,
},
});
But receiving the same error as @Entropei ...
Do you have any news about this issue ?
If I anwser HTTP 200, with empty body, the account creation proceeds, but with HTTP400 and JSON body {
error: {
message: 'Signups from this email domain are not allowed.',
http_code: 400,
},
}
Receiving this error
{"code":"unexpected_failure","message":"Invalid payload sent to hook"}
From .....supabase.co/auth/v1/otp?...