Edge function giving 401 response after migrating to JWT Signing Keys

I tried running this simple edge function, but I am getting 401 error edge function:

js Deno.serve(async (req)=>{
  return new Response(JSON.stringify({
    test: 'Hello World'
  }), {
    headers: {
      "Content-Type": "application/json"
    }
  });
});

js Deno.serve(async (req)=>{
  return new Response(JSON.stringify({
    test: 'Hello World'
  }), {
    headers: {
      "Content-Type": "application/json"
    }
  });
});

6 Replies

garyaustin•3w ago

You have to turn off JWT verification with the new keys. https://supabase.com/docs/guides/api/api-keys#known-limitations-and-compatibility-differences

LimeOP•3w ago

thanks, so the edge function now works. another question, since i disabled verify jwt with legacy secret, does that mean supabase will be verifying using jwt signing keys or does it mean supabase isnt verifying the key at all?

garyaustin•3w ago

You will need to verify the authorization header if you do not just pass it on to supabase-js call.

LimeOP•3w ago

so if i am using supabase auth i could just leave the edge function call code as it is and supabase would handle all the security like it used to with the old jwt flow? for example, theres nothing i need to modify here, supabase will authenticate?

const { data, error } = await supabase.functions.invoke("test", {
      body: { test:"test" },
    });

const { data, error } = await supabase.functions.invoke("test", {
      body: { test:"test" },
    });

garyaustin•3w ago

Because of this backward compatibility it would pass your SB token on to the REST server which knows to convert it to anon or service role jwt.

garyaustin•3w ago

This thread might have more from users dealing with it https://github.com/orgs/supabase/discussions/29260 I'm not really up to speed on it.

Gaming

Programming

Edge function giving 401 response after migrating to JWT Signing Keys

Did you find this page helpful?