Custom Wallet Auth JWT Tokens Not Recognized by RLS Policies
Issue Summary:
I'm implementing wallet-based authentication (MetaMask) with custom JWTs, but Supabase RLS policies aren't recognizing the authentication context. auth.uid() returns null despite valid JWT tokens being sent in request headers.
Setup:
Custom wallet authentication via Edge Function
JWTs created with project's JWT secret and stored in localStorage
RLS policies using auth.uid() and auth.email()
Supabase client configured with standard auth settings
What's Working:
JWT tokens are generated and stored correctly in localStorage
Tokens are included in API request headers (Authorization: Bearer ...)
Non-RLS protected endpoints work fine
Frontend shows user as authenticated
What's Not Working:
auth.uid() returns null in RLS policies and SQL queries
auth.email() returns null
All RLS-protected queries fail with 403 errors
Investigation Results:
```sql
-- This returns all nulls despite valid JWT in headers
SELECT auth.uid(), auth.email(), auth.role(), auth.jwt();
```
Network tab shows Authorization header is present and properly formatted.
Questions:
Do I need to configure the Supabase client differently for custom JWTs?
Should I be using the accessToken function in client config?
Are there specific JWT claims required for auth.uid() to work?
Is there a difference between JWTs from Edge Functions vs built-in Supabase auth?
Tech Stack:
React + TypeScript
Supabase JS v2
Custom wallet authentication
Edge Functions for JWT generation
Any guidance on getting custom wallet auth JWTs to work with RLS would be greatly appreciated!
1 Reply
How are you setting this token in the client that is making the request? Please show code.
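On the question above about required claims: auth.uid() reads the JWT's `sub` claim and casts it to uuid, auth.email() reads `email`, and auth.role() reads `role`. The following is an added example, not code from the post or from Supabase. It decodes a token without verifying its signature and lists claim problems. `checkClaimsForRls`, `makeSampleToken` and the sample tokens are constructed for illustration, and it assumes the policies target the `authenticated` role.

```javascript
// Added example, not code from the post. Decodes a JWT payload WITHOUT
// verifying the signature and lists claim problems relevant to RLS helpers.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// base64url segment -> parsed JSON (throws on malformed input)
function decodeSegment(seg) {
  const b64 = seg.replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4)));
}

function checkClaimsForRls(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return ["token is not a three-part compact JWT"];
  let claims;
  try {
    claims = decodeSegment(parts[1]);
    if (claims === null || typeof claims !== "object") throw new Error("not an object");
  } catch {
    return ["payload is not a base64url-encoded JSON object"];
  }
  const problems = [];
  // auth.uid() reads the `sub` claim and casts it to uuid.
  if (typeof claims.sub !== "string" || claims.sub === "") {
    problems.push("sub missing: auth.uid() returns null");
  } else if (!UUID_RE.test(claims.sub)) {
    problems.push("sub is not a UUID: the uuid cast in auth.uid() fails");
  }
  // Assumption: the policies target the `authenticated` Postgres role.
  if (claims.role !== "authenticated") {
    problems.push(`role is ${JSON.stringify(claims.role)}, expected "authenticated"`);
  }
  if (typeof claims.email !== "string") problems.push("email missing: auth.email() returns null");
  if (typeof claims.exp !== "number") problems.push("exp missing: token never expires");
  else if (claims.exp <= nowSeconds) problems.push("exp is in the past");
  return problems;
}

// Constructed sample tokens with a placeholder signature (hypothetical helper).
function makeSampleToken(claims) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc(claims)}.constructed-signature`;
}
const walletStyle = makeSampleToken({ sub: "0x" + "ab".repeat(20), exp: 4102444800 });
const supabaseStyle = makeSampleToken({
  sub: "11111111-2222-3333-4444-555555555555", role: "authenticated",
  email: "user@example.com", exp: 4102444800,
});
console.log(checkClaimsForRls(walletStyle));   // three problems: sub, role, email
console.log(checkClaimsForRls(supabaseStyle)); // []
```

A clean result only means the claims have the expected shape. The signature, and whether the client actually attaches the token to each request, still need to be checked separately.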