Skip to content

add supabase-auth #1997

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

add supabase-auth #1997

wants to merge 1 commit into from
+336 −0

Conversation

aaazzam
Copy link
Collaborator

@aaazzam aaazzam commented Oct 3, 2025
edited
Loading

Description

Add Supabase authentication provider for FastMCP following the same pattern as existing commercial auth providers (Auth0, Descope, WorkOS).

The SupabaseProvider implements RemoteAuthProvider to verify JWTs issued by Supabase Auth using their JWKS endpoint. It supports Supabase projects using
asymmetric ES256 signing keys (standard for projects created after May 2025, or migrated projects).

Key Features:

  • JWT verification using Supabase's JWKS endpoint (/auth/v1/.well-known/jwks.json)
  • ES256 algorithm support (Elliptic Curve Digital Signature)
  • Environment variable configuration (FASTMCP_SERVER_AUTH_SUPABASE_*)
  • Authorization server metadata forwarding
  • Follows established FastMCP auth provider patterns

Testing:

  • Validated end-to-end with real Supabase project
  • Successfully authenticated users and verified JWTs
  • Protected MCP endpoints working correctly

🤖 Generated with https://claude.com/claude-code

Contributors Checklist

  • My change closes Support Supabase Auth Provider. #1996
  • I have followed the repository's development workflow
  • I have tested my changes manually and by adding relevant tests
  • I have performed all required documentation updates

Review Checklist

  • I have self-reviewed my changes
  • My Pull Request is ready for review

Files Changed:

  • src/fastmcp/server/auth/providers/supabase.py - Provider implementation
  • tests/server/auth/providers/test_supabase.py - Comprehensive test suite (9 tests)

@aaazzam aaazzam changed the title init add supabase-auth Oct 3, 2025
@marvin-context-protocol marvin-context-protocol bot added enhancement Improvement to existing functionality. For issues and smaller PR improvements. auth Related to authentication (Bearer, JWT, OAuth, WorkOS) for client or server. labels Oct 3, 2025
@jlowin
Copy link
Owner

jlowin commented Oct 4, 2025
edited
Loading

Think the only thing missing here is an integration doc in the style of other auth integrations (which we can also generate subsequently if you want)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
auth Related to authentication (Bearer, JWT, OAuth, WorkOS) for client or server. enhancement Improvement to existing functionality. For issues and smaller PR improvements.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support Supabase Auth Provider.
2 participants
@aaazzam @jlowin