Need help setting up Auth0

Hey guys, I need help understanding the way Supabase recommends adding Auth0 as a third-party provider.

In my application (Supabase + Nuxt) my user logs in successfully, but for some reason Supabase's auth.jwt() doesn't return the sub. Hence I am unable to verify the user. I need help figuring out what I am missing.

In my use case I am mostly using the Supabase client on the backend side only. So here is the code for it:

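import { createClient } from '@supabase/supabase-js';
import { getHeader, type H3Event } from 'h3';

// Builds a per-request Supabase client that forwards the caller's Authorization header.
export function serverSupabaseAuth0<T = Database>(event: H3Event) {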
  const config = useRuntimeConfig();

  const authHeader = getHeader(event, 'authorization') || '';

  return createClient<T>(
    config.public.supabaseUrl,
    config.public.supabaseAnonKey,
    {
      global: {
        headers: {
          Authorization: authHeader, // Auth0 token → RLS respected
        },
      },
      auth: {
        autoRefreshToken: false,
        persistSession: false,
        detectSessionInUrl: false,
      },
    }
  ) as any;
}


The authorization header is the accessToken being returned by Auth0.

Here is one of my RLS policies that are failing:

alter policy "Only user can insert"
on "public"."tags"
to authenticated
with check (
  (is_auth0_authenticated() AND (created_by = current_user_uuid()))
);


is_auth0_authenticated: 
SELECT (auth.jwt() ->> 'https://tiemessenger.com/role') = 'authenticated';


current_user_uuid:
  SELECT ai.user_uuid
  FROM public.auth_identities ai
  WHERE ai.auth_provider = 'auth0'
    AND ai.provider_subject = (auth.jwt() ->> 'sub');
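
A diagnostic for the forwarded header, added here as an example and not part of the original post: it decodes the bearer token without verifying it and reports whether it is a signed JWT carrying the claims that `is_auth0_authenticated()` and `current_user_uuid()` read. The function names, the sample tokens and the top-level `role` check are assumptions of this example.

```javascript
// Added diagnostic, not from the original post. It decodes a token WITHOUT
// verifying its signature, so use it for debugging only, never for authorization.
function b64urlJson(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// roleClaim defaults to the namespaced claim the post's is_auth0_authenticated() reads.
function inspectBearer(authHeader, roleClaim = 'https://tiemessenger.com/role', nowMs = Date.now()) {
  const m = /^Bearer\s+(\S+)$/i.exec(authHeader || '');
  if (!m) return { ok: false, findings: ['header is not "Bearer <token>"'] };
  const parts = m[1].split('.');
  if (parts.length !== 3) {
    // Opaque tokens have no dots and encrypted JWTs (JWE) have five segments.
    return { ok: false, findings: [`${parts.length} segment(s): not a signed JWT`] };
  }
  let claims;
  try {
    claims = b64urlJson(parts[1]);
    if (!claims || typeof claims !== 'object') throw new Error('payload is not an object');
  } catch {
    return { ok: false, findings: ['payload is not base64url-encoded JSON'] };
  }
  const findings = [];
  if (typeof claims.sub !== 'string' || claims.sub === '') findings.push('no "sub" claim');
  if (claims[roleClaim] !== 'authenticated') findings.push(`"${roleClaim}" is not "authenticated"`);
  // Assumption: Supabase picks the Postgres role from a top-level "role" claim.
  if (claims.role !== 'authenticated') findings.push('no top-level "role": "authenticated"');
  if (typeof claims.exp !== 'number' || claims.exp * 1000 <= nowMs) findings.push('expired or no "exp"');
  return { ok: findings.length === 0, sub: claims.sub, iss: claims.iss, aud: claims.aud, findings };
}

// Constructed sample tokens (fake signature, placeholder issuer and subject).
function sampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.c2ln`;
}
const base = { iss: 'https://tenant.example/', sub: 'auth0|constructed123', exp: 4102444800 };
const samples = {
  complete: 'Bearer ' + sampleToken({ ...base, role: 'authenticated', 'https://tiemessenger.com/role': 'authenticated' }),
  noRole: 'Bearer ' + sampleToken({ ...base, 'https://tiemessenger.com/role': 'authenticated' }),
  opaque: 'Bearer constructed-opaque-token',
};
for (const [name, header] of Object.entries(samples)) {
  console.log(name, inspectBearer(header));
}
```

Run it against the header the server actually receives; log only the findings, not the token itself.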