Edge Function JWT Verification Error with ES256 Tokens

edge functions

auth

Hi, I'm getting a 401 "Invalid JWT" error when calling my Edge Function,
even though the token is valid and not expired.

Issue:
- Error: "Invalid JWT" (401)
- Occurs at API Gateway level before my code executes
- Using Edge Functions with ES256 JWT signing keys

Project Setup:
- JWT Signing Keys: Current key type is ECC (P-256)
- Legacy key type: HS256 (Shared Secret)
- Edge Function uses standard Supabase setup

Token Information (sanitized):
Header:
{
"alg": "ES256",
"kid": "[redacted]",
"typ": "JWT"
}

Payload structure:
{
"iss": "https://[project].supabase.co/auth/v1",
"sub": "[user_id]",
"aud": "authenticated",
"exp": [future_timestamp],
"iat": [current_timestamp],
"email": "[redacted]",
"role": "authenticated"
}

What I've tried:

1. Using

supabaseClient.auth.getUser()

supabaseClient.auth.getUser()

in code:

const supabaseClient = createClient(
  Deno.env.get('SUPABASE_URL'),
  Deno.env.get('SUPABASE_ANON_KEY'),
  { global: { headers: { Authorization: req.headers.get('Authorization') } } }
)
const { data: { user }, error } = await supabaseClient.auth.getUser()
// Still returns 401 before reaching this code

const supabaseClient = createClient(
  Deno.env.get('SUPABASE_URL'),
  Deno.env.get('SUPABASE_ANON_KEY'),
  { global: { headers: { Authorization: req.headers.get('Authorization') } } }
)
const { data: { user }, error } = await supabaseClient.auth.getUser()
// Still returns 401 before reaching this code

2. Setting

verify_jwt = false

verify_jwt = false

config.toml

config.toml

[functions.create-user-profile]
verify_jwt = false

[functions.create-user-profile]
verify_jwt = false

3. Tried both

serve

serve

from std library and

Deno.serve

Deno.serve

4. Deployed via both CLI and Dashboard

Question:
Is there a known issue with ES256 token verification in Edge Functions?
Should I switch back to HS256 signing, or is there a configuration I'm missing?

The same tokens work fine with Supabase Auth API endpoints.

Thank you!
```

Edge Function JWT Verification Error with ES256 Tokens

edge functions

auth

supabaseClient.auth.getUser()

supabaseClient.auth.getUser()

in code:

const supabaseClient = createClient(
  Deno.env.get('SUPABASE_URL'),
  Deno.env.get('SUPABASE_ANON_KEY'),
  { global: { headers: { Authorization: req.headers.get('Authorization') } } }
)
const { data: { user }, error } = await supabaseClient.auth.getUser()
// Still returns 401 before reaching this code

const supabaseClient = createClient(
  Deno.env.get('SUPABASE_URL'),
  Deno.env.get('SUPABASE_ANON_KEY'),
  { global: { headers: { Authorization: req.headers.get('Authorization') } } }
)
const { data: { user }, error } = await supabaseClient.auth.getUser()
// Still returns 401 before reaching this code

2. Setting

verify_jwt = false

verify_jwt = false

config.toml

config.toml

[functions.create-user-profile]
verify_jwt = false

[functions.create-user-profile]
verify_jwt = false

3. Tried both

serve

serve

from std library and

Deno.serve

Deno.serve

Edge Function JWT Verification Error with ES256 Tokens

Edge Function JWT Verification Error with ES256 Tokens

Similar Threads

Similar Threads

Similar Threads