Permission error when trying to resubscribe to a channel with Custom JWT #1904
Description
Describe the bug
I'm using a CustomJWT for auth.
When using private broadcast channels, resubscribing to the same channel topic after calling removeChannel() fails with an authorization error, even though the user's session and permissions remain unchanged.
Library affected
supabase-js
Steps to reproduce
- Subscribe to a private broadcast channel
- Wait for successful subscription (status: SUBSCRIBED)
- Call supabase.removeChannel(channel) to cleanup
- Attempt to resubscribe to the same channel topic
- Observe authorization error
Minimal reproduction
Creation of Supabase Client
/**
* Creates a Supabase client instance
*/
export const createClient = (accessToken?: string): SupabaseClient => {
const options: SupabaseClientOptions<"public"> = {
realtime: {
logLevel: "info",
params: {
eventsPerSecond: 10,
},
},
...(accessToken != null && {
global: { headers: { Authorization: `Bearer ${accessToken}` } },
}),
};
const client = createSupabaseClient(supabaseUrl, supabaseAnonKey, options);
if (accessToken) {
client.realtime.setAuth(accessToken);
}
return client;
};Basic resubscribe logic
console.log("sub to conversation");
// Step 1: Initial subscription - SUCCESS
const channel1 = supabase
.channel("conversation:dc3fb8c1-ceef-4c00-9f92-e496acd03593", {
config: { private: true },
})
.on("broadcast", { event: "INSERT" }, (payload) => {
console.log("Message received:", payload);
})
.subscribe((status, error) => {
console.log("Status:", status); // ✅ "SUBSCRIBED"
});
// Step 2: Wait and cleanup
await new Promise((resolve) => setTimeout(resolve, 5000));
console.log("unsub to conversation");
await supabase.removeChannel(channel1);
// Step 3: Wait for cleanup
await new Promise((resolve) => setTimeout(resolve, 5000));
// Step 4: Resubscribe to same topic - FAILS
console.log("resub to conversation");
const channel2 = supabase
.channel("conversation:dc3fb8c1-ceef-4c00-9f92-e496acd03593", {
config: { private: true },
})
.on("broadcast", { event: "INSERT" }, (payload) => {
console.log("Message received:", payload);
})
.subscribe((status, error) => {
console.log("Status:", status); // ❌ "CHANNEL_ERROR"
console.log("Error:", error); // ❌ "Unauthorized: You do not have permissions..."
});System Info
Platform: react-native
Node: 22.18.0
@supabase/supabase-js: ^2.84.0 => 2.84.0Used Package Manager
npm
Logs
LOG sub to conversation
LOG Status: SUBSCRIBED
LOG unsub to conversation
LOG Status: CLOSED
LOG resub to conversation
LOG Status: CHANNEL_ERROR
LOG Error: [Error: "Unauthorized: You do not have permissions to read from this Channel topic: conversation:dc3fb8c1-ceef-4c00-9f92-e496acd03593"]Validations
- Follow our Code of Conduct
- Read the Contributing Guidelines.
- Read the docs.
- Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
- Make sure this is a Supabase JS Library issue and not an issue with the Supabase platform. If it's a Supabase platform related bug, it should likely be reported to supabase/supabase instead.
- Check that this is a concrete bug. For Q&A open a GitHub Discussion or join our Discord Chat Server.
- The provided reproduction is a minimal reproducible example of the bug.