powersync-ja
diff --git a/‎images/authentication/supabase-jwt-secret.png‎
71.2 KB b/‎images/authentication/supabase-jwt-secret.png‎
71.2 KB
diff --git a/‎images/authentication/use-supabase-auth.png‎
71.4 KB b/‎images/authentication/use-supabase-auth.png‎
71.4 KB
diff --git a/‎images/installation/create-new-instance.png‎
107 KB b/‎images/installation/create-new-instance.png‎
107 KB
diff --git a/‎images/integration-2.png‎
-17.5 KB b/‎images/integration-2.png‎
-17.5 KB
diff --git a/‎images/integration-4.png‎
-165 KB b/‎images/integration-4.png‎
-165 KB
diff --git a/‎installation/authentication-setup/supabase-auth.mdx‎
Lines changed: 7 additions & 7 deletions b/‎installation/authentication-setup/supabase-auth.mdx‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎self-hosting/installation/powersync-service-setup.mdx‎
Lines changed: 1 addition & 0 deletions b/‎self-hosting/installation/powersync-service-setup.mdx‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎snippets/create-cloud-instance.mdx‎
Lines changed: 1 addition & 1 deletion b/‎snippets/create-cloud-instance.mdx‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎snippets/supabase-database-connection.mdx‎
Lines changed: 4 additions & 8 deletions b/‎snippets/supabase-database-connection.mdx‎
Lines changed: 4 additions & 8 deletions
@@ -17,14 +17,14 @@ You can implement various types of auth:
    * [Example](https://github.com/powersync-ja/powersync-jwks-example/)
 * Experimental: We've also heard from the community that Supabase's newly released [support for external auth providers works](https://supabase.com/blog/third-party-auth-mfa-phone-send-hooks), but we don't have any examples for this yet.
 
-<Note>
-The "Supabase Auth" setting no longer works for Supabase projects created after 25 November 2024. While we are working with Supabase on a fix, please apply this workaround: https://releases.powersync.com/announcements/important-notice-for-supabase-users-using-supabase-jwts
-</Note>
+To implement either **Supabase Auth** or **Anonymous Sign-Ins**, enable the "Use Supabase Auth" setting on the PowerSync instance, and provide your Supabase JWT Secret. Internally, this setting allows PowerSync to verify and use Supabase JWTs directly using HS256 and the provided secret.
 
-To implement either Supabase Auth or Anonymous Sign-Ins, enable the "Use Supabase Auth" setting on the PowerSync instance. (This is also [covered in the Supabase & PowerSync integration guide](/integration-guides/supabase-+-powersync#configuring-powersync))
+Enabling Supabase Auth is also [covered in the Supabase & PowerSync integration guide](/integration-guides/supabase-+-powersync#configuring-powersync).
 
-Internally, Supabase auth signs the token using HS256, using a secret available as `current_setting('app.settings.jwt_secret')` on the database.
+To rotate the secret, generate a new secret in the your Supabase project's API Settings:
 
-To rotate the secret, generate a new secret in the Supabase project settings. The new secret will be automatically picked up by PowerSync within 5 minutes. In this period, some authentication failures are expected.
+<Frame>
+   <img src="/images/authentication/supabase-jwt-secret.png"/>
+</Frame>
 
-The Supabase user UUID will be available as `token_parameters.user_id`. To use a different identifier as the user ID in sync rules (for example user email), use [Custom authentication](/installation/authentication-setup/custom).
+The Supabase user UUID will be available as `request.user_id()` in Sync Rules. To use a different identifier as the user ID in sync rules (for example user email), use [Custom authentication](/installation/authentication-setup/custom).
@@ -113,6 +113,7 @@ sync_rules:
 client_auth:
   # Enable this if using Supabase Auth
   # supabase: true
+  # supabase_jwt_secret: [secret]
 
   # JWKS URIs can be specified here.
   jwks_uri: http://demo-backend:6060/api/auth/keys
 
@@ -1,7 +1,7 @@
 1. In the [PowerSync Dashboard](/usage/tools/powersync-dashboard) Project tree, click on "**Create new instance**":
 
 <Frame>
-  <img src="/images/integration-2.png" width="60%" />
+  <img src="/images/installation/create-new-instance.png" width="60%" />
 </Frame>
 
 2. Give your instance a name, such as "Testing".
 
@@ -11,14 +11,10 @@
      * Supabase also [refers to this password](https://supabase.com/docs/guides/database/managing-passwords) as the _database password_ or _project password_.
    * PowerSync has the Supabase CA certificate pre-configured — `verify-full` SSL mode can be used directly, without any custom certificates.
 2. Click **"Test Connection"** and fix any errors.
-3. Under the **"Client Auth"** tab, enable **"Use Supabase Auth"**:
-  <Frame caption="PowerSync fetches the Supabase JWT key directly from the database.">
-    <img src="/images/integration-4.png"/>
-  </Frame>
+3. Under the **"Client Auth"** tab, enable **"Use Supabase Auth"** and enter your Supabase **JWT Secret**:
+    <Frame caption="PowerSync uses the secret to verify Supabase's JWTs.">
+      <img src="/images/authentication/use-supabase-auth.png"/>
+    </Frame>
 4. Click **"Save".**
 
-<Note>
-The "Supabase Auth" setting no longer works for Supabase projects created after 25 November 2024. While we are working with Supabase on a fix, please apply this workaround: https://releases.powersync.com/announcements/important-notice-for-supabase-users-using-supabase-jwts
-</Note>
-
 PowerSync deploys and configures an isolated cloud environment for you, which will take a few minutes to complete.