Skip to content

feat: log sb-auth-user-id, sb-auth-session-id, ... on sign in not just refresh token#2342

Merged
cemalkilic merged 1 commit intomasterfrom
hf/add-headers-to-issue-refresh-token
Jan 22, 2026
Merged

feat: log sb-auth-user-id, sb-auth-session-id, ... on sign in not just refresh token#2342
cemalkilic merged 1 commit intomasterfrom
hf/add-headers-to-issue-refresh-token

Conversation

@hf
Copy link
Contributor

@hf hf commented Jan 21, 2026

In #2216 some new headers were added to responses that are able to track the user ID, session and other data which cannot be extracted from JWTs. This aids in debugging and correlation of all requests made by a specific user.

@hf hf requested a review from a team as a code owner January 21, 2026 09:42
@coveralls
Copy link

coveralls commented Jan 21, 2026

Pull Request Test Coverage Report for Build 21204637362

Details

  • 9 of 11 (81.82%) changed or added relevant lines in 8 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 68.861%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/api/samlacs.go 0 1 0.0%
internal/api/token_oidc.go 0 1 0.0%
Totals Coverage Status
Change from base Build 21130794887: 0.0%
Covered Lines: 14823
Relevant Lines: 21526
💛 - Coveralls

@cemalkilic cemalkilic merged commit a486ada into master Jan 22, 2026
7 checks passed
@cemalkilic cemalkilic deleted the hf/add-headers-to-issue-refresh-token branch January 22, 2026 06:50
@supabase-releaser supabase-releaser bot mentioned this pull request Jan 21, 2026
Merged
cstockton pushed a commit that referenced this pull request Jan 28, 2026
@supabase-releaser
chore(master): release 2.186.0 (#2337)
effd662 
🤖 I have created a release *beep* *boop*
---


##
[2.186.0](v2.185.0...v2.186.0)
(2026-01-28)


### Features

* Add email send operation metrics
([#2311](#2311))
([0096575](0096575))
* add Supabase Auth identifier to OAuth redirect URLs
([#2299](#2299))
([2d3dbc6](2d3dbc6))
* log sb-auth-user-id, sb-auth-session-id, ... on sign in not just
refresh token ([#2342](#2342))
([a486ada](a486ada))
* **oauth-server:** store and enforce token_endpoint_auth_method
([#2300](#2300))
([bcd6cd5](bcd6cd5))
* replace JWT OAuth state with `flow_state.id` UUID
([#2331](#2331))
([645654d](645654d))
* upgrade existing sessions to v2 refresh tokens though config value
([#2356](#2356))
([6fb0e8a](6fb0e8a))


### Bug Fixes

* reloader unittest races on writeWg
([#2352](#2352))
([088b714](088b714))
* update migration version
([#2343](#2343))
([61ef4db](61ef4db))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: supabase-releaser[bot] <223506987+supabase-releaser[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cemalkilic cemalkilic cemalkilic approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hf @coveralls @cemalkilic