jwt malformed with OAuth2 for analytics/endpoints/logs.all

[t0tl]

Seeing {"message":"jwt malformed"} for requests to analytics/endpoints/logs.all using an OAuth2 token.

I am using the same token for creating edge functions and more via the MCP.

Is this endpoint not available for OAuth tokens?

If so, what should I do if I want more than the latest logs for the past 1 minute?

[shiv669]

Hey — I’ve run into this jwt malformed issue before. The thing is, the analytics/endpoints/logs.all endpoint doesn’t work with OAuth2 tokens.

Those tokens are meant for user authentication and have limited scope. The logs endpoint is an internal/admin endpoint that requires elevated permissions.

To fix this, you need to use your service_role key from your Supabase dashboard (Project Settings → API). Make your request with:

Authorization: Bearer <your_service_role_key>

That key gives you full access to logs beyond just the last minute. Just make sure you keep it secure and don’t expose it in frontend code — wrap it in a server-side function or edge function instead.
Hope this helps clear it up!