Auth Hook and Edge Function not working #38579

BIM-Engine-Team · 2025-09-10T06:03:40Z

BIM-Engine-Team
Sep 10, 2025

Hi! I made an Before-User-Created-Hook that post to my edge function.
When i sign up an account in my app, I got a warning:

Hook requires authorization token,

and in the inspector, i just got this:

LoginPage.tsx:69
POST https://*******.supabase.co/auth/v1/signup?redirect_to=http%3A%2F%2Flocalhost%3A3001%2Fauth%2Fcallback 500 (Internal Server Error)
await in signUp
handleEmailAuth @ LoginPage.tsx:69

I checked the invocations tab in the edge function, and there was a record created of when I clicked sign-up. But there is nothing in the log, although I added several loggin at the beginning of the function.

I also tried to use curl command to trigger the function with ANNO KEY and the HOOK SECRET created with the hook. I could successfully trigger it.

So I don't know where do I look at.

GaryAustin1 · 2025-09-10T13:14:56Z

GaryAustin1
Sep 10, 2025
Maintainer

I think that error means you are not providing the hook call with the secret.
https://supabase.com/docs/guides/auth/auth-hooks/before-user-created-hook?queryGroups=language&language=http
I would check and logout the secret here:

2 replies

BIM-Engine-Team Sep 11, 2025
Author

Hi, Gary. Thanks for the reply!
I copied the edge function code from your example page for to test and configured the BEFORE_USER_CREATED_HOOK_SECRET.
But I'm still getting the Hook requires authorization token warning.

JochnGst Nov 11, 2025

{
"event_message": "POST | 401 | https://jhyigliamtglomqhpxmc.supabase.co/functions/v1/api-hook-second-try",
"id": "35293fff-60a6-483d-ae26-9f9d3b22ffdc",
"metadata": [
{
"deployment_id": "jhysiniamtglomqhpxmc_26b1c695-4151-4abd-bf56-4793796dce5c_3",
"execution_id": null,
"execution_time_ms": 802,
"function_id": "26b1c695-4151-4abd-bf56-4793796dce5c",
"project_ref": "jhysiniamtglomqhpxmc",
"request": [
{
"headers": [
{
"accept": null,
"accept_encoding": "gzip, br",
"connection": "Keep-Alive",
"content_length": "665",
"cookie": null,
"host": "jhysiniamtglomqhpxmc.supabase.co",
"user_agent": "Go-http-client/2.0",
"x_client_info": null
}
],
"host": "jhysiniamtglomqhpxmc.supabase.co",
"method": "POST",
"pathname": "/functions/v1/api-hook-second-try",
"port": null,
"protocol": "https:",
"sb": [],
"search": null,
"url": "https://jhysiniamtglomqhpxmc.supabase.co/functions/v1/api-hook-second-try"
}
],
"response": [
{
"headers": [
{
"content_length": "73",
"content_type": "application/json",
"date": "Tue, 11 Nov 2025 07:26:15 GMT",
"sb_request_id": "019a71ce-e242-76aa-8e4d-95c191c007a2",
"server": "cloudflare",
"vary": "Accept-Encoding",
"x_envoy_upstream_service_time": null,
"x_sb_compute_multiplier": null,
"x_sb_edge_region": "eu-west-1",
"x_sb_resource_multiplier": null,
"x_served_by": "supabase-edge-runtime"
}
],
"status_code": 401
}
],
"version": "3"
}
],
"timestamp": 1762845975908000
}

I can confirm this behavior. The Function will not even be called. I Was not able to to log a single line out of my function

EmmanuelNwafuru · 2025-11-24T08:56:35Z

EmmanuelNwafuru
Nov 24, 2025

I'm also getting the same error. Somehow, the auth hook invokes my edge function's http smoothly, only when I disabled the "Verify JWT with legacy secret" (you can try this). But when enabled, I get the same authorization error.

That's just a test I conducted. The real thing I was trying to achieve was to link my app's api route (http) to the hook instead of the edge function's http. Because that's where the full logic lies.

I'm still on the same boat. No solution yet.

From my observations, I can deduce that supabase auth hook does not an authorization header during the HTTP invocation. It's just an hypothesis, seeing that the feature is still a BETA.

0 replies

kriskw1999 · 2025-11-29T07:00:47Z

kriskw1999
Nov 29, 2025

I was receiving the Hook requires authorization token because I forgotten to substitute the welcome <[email protected]> with my email from the sample. When the hook throws an error, it's re-parsed for the client to Hook requires authorization token even if the error has nothing to do with the auth token issues (in my case resend was silently failing).

Hope this can help someone 🚀

0 replies

darkcreedd · 2025-12-17T15:02:23Z

darkcreedd
Dec 17, 2025

Had the same issue
Edge functions when created have "Verify JWT with legacy secret" turned on and this for some reasons not known to me yet prevents the edge function from being invoked successfully by the auth hook.
Go to to Edge function, under the Details Tab of the function toggle off "Verify JWT with legacy secret"
This is what fixed my issue so good luck trying out too.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Supabase

Auth Hook and Edge Function not working #38579

Uh oh!

{{title}}

Uh oh!

Replies: 4 comments 2 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Select a reply

Uh oh!

Supabase

Auth Hook and Edge Function not working #38579

Uh oh!

BIM-Engine-Team Sep 10, 2025

Replies: 4 comments · 2 replies

Uh oh!

GaryAustin1 Sep 10, 2025 Maintainer

Uh oh!

BIM-Engine-Team Sep 11, 2025 Author

Uh oh!

JochnGst Nov 11, 2025

Uh oh!

Uh oh!

EmmanuelNwafuru Nov 24, 2025

Uh oh!

kriskw1999 Nov 29, 2025

Uh oh!

Uh oh!

darkcreedd Dec 17, 2025

BIM-Engine-Team
Sep 10, 2025

Replies: 4 comments 2 replies

GaryAustin1
Sep 10, 2025
Maintainer

BIM-Engine-Team Sep 11, 2025
Author

EmmanuelNwafuru
Nov 24, 2025

kriskw1999
Nov 29, 2025

darkcreedd
Dec 17, 2025