pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity
Files
d98b0da410e3621796eec0c112660f03af55f441
nuzlocke-tracker/.beans/nuzlocke-tracker-eg7j--fix-jwt-verification-failing-in-local-dev-hs256-fa.md
Julian Tabel af55cdd8a6
All checks were successful
CI / backend-tests (pull_request) Successful in 29s
Details
CI / frontend-tests (pull_request) Successful in 29s
Details
fix: add HS256 fallback for JWT verification in local dev 
Local GoTrue signs JWTs with HS256, but the JWKS endpoint returns an
empty key set since there are no RSA keys. Fall back to HS256 shared
secret verification when JWKS fails, using SUPABASE_JWT_SECRET.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 09:38:52 +01:00

432 B
Raw Blame History

title, status, type, created_at, updated_at
title status type created_at updated_at
Fix JWT verification failing in local dev (HS256 fallback) in-progress bug 2026-03-22T08:37:18Z 2026-03-22T08:37:18Z

Local GoTrue signs JWTs with HS256, but the JWKS migration only supports RS256. The JWKS endpoint returns empty keys locally, causing 500 errors on all authenticated endpoints. Add HS256 fallback using SUPABASE_JWT_SECRET for local dev.

Reference in New Issue View Git Blame Copy Permalink