I found this dev’s Twitter thread sharing how to leverage Supabase Edge Functions to exchange an Outseta-signed JWT for a Supabase-signed JWT - effectively enabling Outseta for auth to talk to Supabase as the back-end.
I am trying to build this setup in WeWeb (Outseta for auth/user management, Supabase for data collections), but I don’t know what this would look like using WeWeb’s plugins. What I am trying to achieve is this flow:
- User enters their email and password to create an account
- WeWeb makes a REST API call to Outseta’s Register Account endpoint
- Outseta tells Supabase who this user is so that they can securely access their data in WeWeb while I properly enforce Supabase’s RLS on the back-end
- Supabase now carries its own JWT for the user
However, I don’t see an obvious way to add this JWT to Supabase requests when creating/fetching collections from WeWeb.
Is there a secure way to accomplish this such that the JWT is stored securely and is throughout the app for all calls to Supabase (including collection fetches)?