Consumer Authentication

See this community project for detailed setup instructions: https://github.com/guillempuche/localfirst_react_server

B2B SaaS Authentication

The high-level approach is:
  • Users authenticate via Stytch
  • Extract the user and org IDs from the Stytch JWT
  • Generate a Supabase JWT by calling a Supabase Edge Function that uses the Supabase JWT Secret for signing a new JWT
    • Set the KID in the JWT header
      • You can obtain this from any other Supabase JWT by extracting the KID value from the header — this value is static, even across database upgrades.
    • Set the AUD field to authenticated
    • Set the SUB field in the JWT payload to the user ID
  • Pass this new JWT into your PowerSync fetchCredentials function
Use the below settings in your PowerSync Dashboard:
Reach out to us directly on our Discord server if you have any issues with setting up auth.