19 Replies
Provide more context.
You have edge functions tagged but mention new users.
What operation is failing?
Any details in the Postgres or Auth logs?
What is the status of your instance (Home project page top right)?
The status is connected. Operation failing is my website, my new users are trying to create a sign up and keep receiving an "invalid account creation" error. The supabase AI said its a 401 error (not 503). Suggest this repair :- Result: 401
1. curl with headers (works)
- Client/anon: curl -i https://vbmyfnhjnkctaspvgddv.supabase.co/auth/v1/health
-H "apikey: [ANON_KEY]"
-H "Authorization: Bearer [ANON_KEY]"
- Server/service: curl -i https://vbmyfnhjnkctaspvgddv.supabase.co/auth/v1/health
-H "apikey: [SERVICE_ROLE_KEY]"
-H "Authorization: Bearer [SERVICE_ROLE_KEY]"
1. supabase-js (expected to handle headers)
- createClient('https://vbmyfnhjnkctaspvgddv.supabase.co', '[ANON_KEY]');
- supabase.auth.getSession() intermittently fails in my app context with 401 [if applicable; otherwise remove].
Expected
- /auth/v1/health should return 200 when called with valid API key headers; client library calls should succeed when initialized with the anon key.
Actual
- 401 responses with “no API Key found” when headers are missing (browser probe) and intermittent 401s in app [if applicable].
Emailed suppory and the return email said the will address Pro and Premiere plans. I have a Pro plan but have not gotten a response
Any useful information in Gateway API logs, Auth logs?
Recent logs
- API log (last minute at time of issue): GET | 401 | 24.154.143.17 | 981c1a8638ef1438 | https://vbmyfnhjnkctaspvgddv.supabase.co/auth/v1/health | Mozilla/5.0 ... Chrome/138.0.0.0 timestamp: 1758316580847000
Where would I find additional info?
Found this:"Unauthorized webhook request - invalid or missing authorization token\n"
Did that have an error?
There is also detail attached to each log entry.
If auth then also check the Auth log.
And are you sure this is all green?
Are you using Auth webhooks?
Hold on
So when I first went to that "Project Status" was yellow and Realtime and edge functions were grayed out. Its all in green now!
Auth logs says, signup: 500 hook requires authorization token
And are you using an auth webhook?
I think that error comes if this type of code is wrong or does not have a value.
That is an edge function example for one of the webhooks I just grabbed to show where I've seen a user get that type of error before.
AI is telling me i should do this: Configuration: Should be set in your Supabase Auth webhook settings with the Authorization header Bearer YOUR_ACTUAL_TOKEN_VALUE but when I did it it said that I entered it wrong by literally entering "Beare YOUR_ACTUAL_TOKEN_VALUE. I have no idea what I am doing but my site is live and no one can use this certain feature.
What is the value?
rick my guy if you trust me hop into hangout
I don't use auth webhooks.
The guide you used to generate the auth hook should show you where that comes from or if it gets set up for you.
First image shows one of the guides if you are using an edge function or http endpoint and setting the secret for edge functions. The 2nd image shows generating the token needed.
nvm gary got you right!
those secrets should never be seen by anyone arguably for safety. and you should guard them with your life.
sometimes reading the docs can be miles better than following an AI! often with these config steps you're copy pasting keys like this, and your Ai can't get those keys no matter what.
How do I get in hangout and whats the trust part?
Looks like you are in hangout. A user has offered to help if they can.
Do not share your API keys or hook keys, or give access to your dashboard to someone you don't know and have some sort of relationship with.
Okay
trust would be not to share the full API key
exactly.
I am in hangout now
Let me see if I can pop in one sec