powersync-ja
diff --git a/‎images/authentication/supabase-jwt-secret.png‎
71.2 KB b/‎images/authentication/supabase-jwt-secret.png‎
71.2 KB
diff --git a/‎images/authentication/use-supabase-auth.png‎
71.4 KB b/‎images/authentication/use-supabase-auth.png‎
71.4 KB
diff --git a/‎images/installation/create-new-instance.png‎
107 KB b/‎images/installation/create-new-instance.png‎
107 KB
diff --git a/‎images/integration-2.png‎
-17.5 KB b/‎images/integration-2.png‎
-17.5 KB
diff --git a/‎images/integration-4.png‎
-165 KB b/‎images/integration-4.png‎
-165 KB
diff --git a/‎installation/authentication-setup/supabase-auth.mdx‎
Lines changed: 7 additions & 7 deletions b/‎installation/authentication-setup/supabase-auth.mdx‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎self-hosting/appendix/database-connection.mdx‎
Lines changed: 28 additions & 27 deletions b/‎self-hosting/appendix/database-connection.mdx‎
Lines changed: 28 additions & 27 deletions
diff --git a/‎self-hosting/installation/client-side-setup.mdx‎
Lines changed: 2 additions & 1 deletion b/‎self-hosting/installation/client-side-setup.mdx‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎self-hosting/installation/powersync-service-setup.mdx‎
Lines changed: 1 addition & 0 deletions b/‎self-hosting/installation/powersync-service-setup.mdx‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎snippets/create-cloud-instance.mdx‎
Lines changed: 1 addition & 1 deletion b/‎snippets/create-cloud-instance.mdx‎
Lines changed: 1 addition & 1 deletion
@@ -17,14 +17,14 @@ You can implement various types of auth:
    * [Example](https://github.com/powersync-ja/powersync-jwks-example/)
 * Experimental: We've also heard from the community that Supabase's newly released [support for external auth providers works](https://supabase.com/blog/third-party-auth-mfa-phone-send-hooks), but we don't have any examples for this yet.
 
-<Note>
-The "Supabase Auth" setting no longer works for Supabase projects created after 25 November 2024. While we are working with Supabase on a fix, please apply this workaround: https://releases.powersync.com/announcements/important-notice-for-supabase-users-using-supabase-jwts
-</Note>
+To implement either **Supabase Auth** or **Anonymous Sign-Ins**, enable the "Use Supabase Auth" setting on the PowerSync instance, and provide your Supabase JWT Secret. Internally, this setting allows PowerSync to verify and use Supabase JWTs directly using HS256 and the provided secret.
 
-To implement either Supabase Auth or Anonymous Sign-Ins, enable the "Use Supabase Auth" setting on the PowerSync instance. (This is also [covered in the Supabase & PowerSync integration guide](/integration-guides/supabase-+-powersync#configuring-powersync))
+Enabling Supabase Auth is also [covered in the Supabase & PowerSync integration guide](/integration-guides/supabase-+-powersync#configuring-powersync).
 
-Internally, Supabase auth signs the token using HS256, using a secret available as `current_setting('app.settings.jwt_secret')` on the database.
+To rotate the secret, generate a new secret in the your Supabase project's API Settings:
 
-To rotate the secret, generate a new secret in the Supabase project settings. The new secret will be automatically picked up by PowerSync within 5 minutes. In this period, some authentication failures are expected.
+<Frame>
+   <img src="/images/authentication/supabase-jwt-secret.png"/>
+</Frame>
 
-The Supabase user UUID will be available as `token_parameters.user_id`. To use a different identifier as the user ID in sync rules (for example user email), use [Custom authentication](/installation/authentication-setup/custom).
+The Supabase user UUID will be available as `request.user_id()` in Sync Rules. To use a different identifier as the user ID in sync rules (for example user email), use [Custom authentication](/installation/authentication-setup/custom).
@@ -8,33 +8,34 @@ Below, you can find provider-specific instructions to obtain connection details
 
 <AccordionGroup>
   <Accordion title="Supabase">
-1. In your Supabase dashboard, navigate to **"Project Settings"** \-> **"Database" -> "Connection string**" and select the "URI" tab.
-2. Uncheck the "**Display connection pooler**" checkbox. PowerSync needs to connect to the database directly and cannot use the pooler.
-
-<Frame>
-  <img src="/images/self-hosting-3.avif"/>
-</Frame>
-1. Copy the connection string. The hostname should be `db.<PROJECT-ID>.supabase.co`, and not, for example, `aws-0-us-west-1.pooler.supabase.com`.
-2. Paste this URI into the `uri` field under `replication` \> `connections` in your configuration file, for example:
-
-```yaml
-# config.yaml
-
-replication:
-  connections:
-    - type: postgresql
-      uri: postgresql://postgres:[YOUR-PASSWORD]@db.abc.supabase.co:5432/postgres
-```
-
-1. Replace `[YOUR-PASSWORD]` with the password for the `postgres` user in your Supabase database.
-   * Supabase also [refers to this password](https://supabase.com/docs/guides/database/managing-passwords) as the _database password_ or _project password_.
-2. PowerSync has the Supabase CA certificate pre-configured — `verify-full` SSL mode can be used directly, without any custom certificates.
-3. Under `client_auth` enable Supabase Auth:
-
-```yaml
-client_auth:
-  supabase: true
-```
+    1. In your Supabase dashboard, navigate to **"Project Settings"** \-> **"Database" -> "Connection string**" and select the "URI" tab.
+    2. Uncheck the "**Display connection pooler**" checkbox. PowerSync needs to connect to the database directly and cannot use the pooler.
+    <Frame>
+      <img src="/images/self-hosting-3.avif"/>
+    </Frame>
+    3. Copy the connection string. The hostname should be `db.<PROJECT-ID>.supabase.co`, and not, for example, `aws-0-us-west-1.pooler.supabase.com`.
+    4. Paste this URI into the `uri` field under `replication` \> `connections` in your configuration file, for example:
+
+    ```yaml
+    # config.yaml
+
+    replication:
+      connections:
+        - type: postgresql
+          uri: postgresql://postgres:[YOUR-PASSWORD]@db.abc.supabase.co:5432/postgres
+    ```
+
+    5. Replace `[YOUR-PASSWORD]` with the password for the `postgres` user in your Supabase database.
+      * Supabase also [refers to this password](https://supabase.com/docs/guides/database/managing-passwords) as the _database password_ or _project password_.
+    6. PowerSync has the Supabase CA certificate pre-configured — `verify-full` SSL mode can be used directly, without any custom certificates.
+    7. Under `client_auth` enable Supabase Authentication:
+
+    ```yaml
+    client_auth:
+      supabase: true
+      supabase_jwt_secret: [secret]
+    ```
+    For more details, see [Supabase Auth](/installation/authentication-setup/supabase-auth).
   </Accordion>
   <Accordion title="AWS RDS">
 Add your connection details under `replication` \> `connections` in your configuration file.
 
@@ -97,14 +97,15 @@ If you are using Supabase or Firebase authentication, PowerSync can verify JWTs
 
 ### Supabase Auth
 
-Under `client_auth` in your config file, enable `supabase` authentication:
+Under `client_auth` in your config file, enable Supabase authentication:
 
 ```yaml
 # config.yaml
 
 client_auth:
   # Enable this if using Supabase Auth
   supabase: true
+  supabase_jwt_secret: [secret]
 ```
 
 For more details, see [Supabase Auth](/installation/authentication-setup/supabase-auth).
 
@@ -113,6 +113,7 @@ sync_rules:
 client_auth:
   # Enable this if using Supabase Auth
   # supabase: true
+  # supabase_jwt_secret: [secret]
 
   # JWKS URIs can be specified here.
   jwks_uri: http://demo-backend:6060/api/auth/keys
 
@@ -1,7 +1,7 @@
 1. In the [PowerSync Dashboard](/usage/tools/powersync-dashboard) Project tree, click on "**Create new instance**":
 
 <Frame>
-  <img src="/images/integration-2.png" width="60%" />
+  <img src="/images/installation/create-new-instance.png" width="60%" />
 </Frame>
 
 2. Give your instance a name, such as "Testing".