Supabase
Replies: 2 comments
-
|
happening to me too.. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Any workaround here ? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Issue:
Attempting to fetch the JWKS endpoint via backend code (Python requests) or curl consistently returns a 404 Not Found, even when the required apikey header (using the project's public anon key) is provided. This prevents backend JWT validation.
Contradictory Browser Behavior:
Accessing the exact same /auth/v1/jwks URL directly in a browser returns {"message":"No API key found...","hint":"No \apikey
request header or url param was found."}. This suggests the path exists and is reachable by the browser but is gated by the missing API key.Test Details:
Backend/Curl Request (Fails):
URL: https://rbalehkqmqlbdqlyuppe.supabase.co/auth/v1/jwks
Method: GET
Headers:
apikey: <YOUR_PROJECT_ANON_KEY> #this has been double checked and is correct
(Also tested adding a browser User-Agent header with curl)
Result: Consistent HTTP 404 Not Found.
Browser Request (Different Result):
URL: https://rbalehkqmqlbdqlyuppe.supabase.co/auth/v1/jwks
Method: GET (no custom headers)
Result: JSON response {"message":"No API key found..."}
Question:
Why does the /auth/v1/jwks endpoint return 404 Not Found for curl and Python requests when the correct apikey header is included, but return a different response ("No API key found") indicating the path exists when accessed via a standard browser? Is there specific filtering or routing affecting non-browser clients for this endpoint on project rbalehkqmqlbdqlyuppe?
Beta Was this translation helpful? Give feedback.
All reactions