Hosted Supabase Edge JWT issue (verify_jwt=true) with ES256 tokens
edge functions
SolvedAnyone else seeing this on hosted Supabase right now?
I’m on paid tier (Pro), project ref qufxkqzmlojigrrajwhu, and I’m stuck on this:
I sign in, get a user access token
/auth/v1/user with that token returns 200 (so token is valid)
Same token to an Edge Function with verify_jwt=true returns 401 {"code":401,"message":"Invalid JWT"} before function code runs
So Auth accepts the token, Edge gateway rejects it.
I already rotated JWT signing keys (current is ECC P-256), waited for propagation, still same issue.
Sample request IDs:
019c83a6-75df-739f-bb10-134adbc5828e
019c83a2-f636-76c4-b955-aa9e832e362e
Question: is this a known ES256 + verify_jwt=true issue on hosted?
And is the current recommended workaround to set verify_jwt=false and verify token inside the function (auth.getUser(token)) until gateway verification is fixed?
I’m on paid tier (Pro), project ref qufxkqzmlojigrrajwhu, and I’m stuck on this:
I sign in, get a user access token
/auth/v1/user with that token returns 200 (so token is valid)
Same token to an Edge Function with verify_jwt=true returns 401 {"code":401,"message":"Invalid JWT"} before function code runs
So Auth accepts the token, Edge gateway rejects it.
I already rotated JWT signing keys (current is ECC P-256), waited for propagation, still same issue.
Sample request IDs:
019c83a6-75df-739f-bb10-134adbc5828e
019c83a2-f636-76c4-b955-aa9e832e362e
Question: is this a known ES256 + verify_jwt=true issue on hosted?
And is the current recommended workaround to set verify_jwt=false and verify token inside the function (auth.getUser(token)) until gateway verification is fixed?
