auth issues

Too long strings in user_metadata causing authentication to break

4

# Bug report - [X] I confirm this is a bug with Supabase, not with my own application. - [X] I confirm I have searched the [Docs](https://docs.supabase.com), GitHub [Discussions](https://github.com/supabase/supabase/discussions), and...

kluplau

bug

feat: add MFA for WebAuthn

## What kind of change does this PR introduce? Adds MFA for WebAuthn ## What is the current behavior? Please link any relevant issues here. ## What is the new...

J0

fix: add twilio verify support on mfa

## What kind of change does this PR introduce? We don't store the OTP with Twilio Verify and will need to do the check with Twilio if we want to...

J0

supabase.auth.linkIdentity does not return raw_user_meta_data

7

# Bug report - [x] I confirm this is a bug with Supabase, not with my own application. - [x] I confirm I have searched the [Docs](https://docs.supabase.com), GitHub [Discussions](https://github.com/supabase/supabase/discussions), and...

chanmathew

bug

PUT /USER is abusable

1

# Bug report Hi i just notice that the PUT /USER endpoint can be abused for adding putting data. ![image](https://github.com/user-attachments/assets/653055d9-b83e-409b-8054-cb75b67c0d14) is it intended?

ZhenFTW

bug

linkIdentity errors out if the account already exists

1

# Bug report - [x] I confirm this is a bug with Supabase, not with my own application. - [x] I confirm I have searched the [Docs](https://docs.supabase.com), GitHub [Discussions](https://github.com/supabase/supabase/discussions), and...

xinha-sh

bug

AuthException Not returning valid message and status code for banned_until As per documentation

5

So, Basically, when a user is banned by having their metadata field **banned_until** populated with a date and time, the user is no longer able to log in, as per...

tiltmaster

bug

auth

Various Ways of Password Reset

# Improve documentation [Reset Password PKCE flow ](https://supabase.com/docs/guides/auth/passwords?queryGroups=language&language=js&queryGroups=flow&flow=pkce#resetting-a-password) ## Describe the problem Two improvements here (1) In the document about password reset, it mentions the email template should contain the...

BlakeQG

documentation

In Firebase, the password hash is stored in passwordHash and is hashed using SCRYPT with specific parameters. In Supabase, the password is stored in encrypted_password and is hashed using bcrypt. As a result, when migrating authenticated users, an error occurs due to the different password hashing algorithms.

5

# Bug report The difference between the newly created Supabase user and the migrated Firebase user is primarily in the password handling. Here’s a breakdown of the issues and potential...

Deepak813

bug

WIP: Add SSO via OIDC

3

## What kind of change does this PR introduce? SSO via OIDC in additional to SAML ## What is the current behavior? SSO only with SAML ## What is the...

smndtrl

auth
auth copied to clipboard

Metadata

Too long strings in user_metadata causing authentication to break

feat: add MFA for WebAuthn

fix: add twilio verify support on mfa

supabase.auth.linkIdentity does not return raw_user_meta_data

PUT /USER is abusable

linkIdentity errors out if the account already exists

AuthException Not returning valid message and status code for banned_until As per documentation

Various Ways of Password Reset

WIP: Add SSO via OIDC

← Metadata

Owner

Metadata

auth auth copied to clipboard

Metadata

← Metadata

Owner

Metadata

auth
auth copied to clipboard