Supabase JWT Token with Claims
Service Name: Supabase
Service Description: Supabase is an open-source Firebase alternative providing all the backend services you need to build a product. It offers a PostgreSQL database, authentication, instant APIs, real-time subscriptions, and storage.
Service Address: https://supabase.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the project level through Supabase dashboard settings.
Secret Access Scope: JWT tokens grant access to Supabase services and data based on the claims contained within the token. These claims define user identity and permissions within your Supabase project.
Secret Revokement URL: https://supabase.com/dashboard/project/_/auth/users (Manage users and sessions)
Secret Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inhtd Wl5eHd0YmF5dHBxaWpwZnZkIiwicm9sZSI6ImF1dGhlbnRpY2F0ZWQiLCJpYXQiOjE2ODU1NTg0 MDAsImV4cCI6MTY4NTY0NDgwMH0.exampleSignature123456789
Suspicious Activity Investigation Instructions:
- Decode the JWT token using a tool like jwt.io to examine the claims and verify if they match expected values
- Check Supabase logs for unusual authentication patterns or access attempts
- Review user activity logs for the user associated with the token
- Monitor for unexpected database queries or API calls made with the token
- Check for geographic anomalies in access patterns
Mitigation Instructions:
- Immediately revoke the user's session in the Supabase Auth dashboard
- Reset the user's password if the account is compromised
- Rotate your project's JWT secret in the Supabase dashboard settings
- Update JWT expiration times to shorter durations
- Implement additional security measures like Row Level Security (RLS) policies
- Consider enabling Multi-Factor Authentication (MFA) for sensitive user accounts
- Review and update your application's security policies and access controls