supabase-js icon indicating copy to clipboard operation
supabase-js copied to clipboard
verified publisher icon supabase

auth.admin.generateLink doesn't generate PKCE-compatible links

Open empz opened this issue 1 year ago • 2 comments

Describe the bug

Trying to generate a PKCE-enabled Magic Link with supabase.auth.admin.generateLink(...) results in a implicit-flow link.

To Reproduce

const email = "[email protected]";

const supabaseAdmin = createClient(
  env.NEXT_PUBLIC_SUPABASE_URL,
  env.SUPABASE_SERVICE_ROLE_KEY,
  { auth: { flowType: "pkce" } },
);

const { data, error } = await supabaseAdmin.auth.admin.generateLink({
  type: "magiclink",
  email,
})

return data.properties.action_link;

Expected behavior

I'd expect this to return a PKCE-flow compatible Magic Link in the shape of:

https://xxxxxxxxxxxxxxx.supabase.co/auth/v1/verify?token=pkce_xxxxxxxxxxxxxx&type=magiclink&redirect_to=http://localhost:3000/api/auth/callback

Just like the regular client sends via email when doing.

    const { data, error} = await supabase.auth.signInWithOtp({
      email,
      options: {
        emailRedirectTo: redirectURL,
      },
    });

But instead, the generateLink admin function generates a non-PKCE token (it doesn't start with pkce_).

System information

  • OS: Irrelevant
  • Browser (if applies): Irrelevant
  • Version of supabase-js: 2.45.4
  • Version of Node.js: 23.13.1

empz avatar Sep 14 '24 13:09 empz

See this post in the Discord channel for context: https://discord.com/channels/839993398554656828/1284484812320538787

empz avatar Sep 14 '24 13:09 empz

Facing the same issue. Did you find a solution for this?

sundaray avatar Jan 10 '25 19:01 sundaray

would like to elevate this issue

leon0399 avatar Nov 05 '25 12:11 leon0399