.beans/nuzlocke-tracker-snft--support-es256-ecc-p-256-jwt-keys-in-backend-auth.md

---
# nuzlocke-tracker-snft
title: Support ES256 (ECC P-256) JWT keys in backend auth
status: in-progress
type: bug
created_at: 2026-03-22T10:51:30Z
updated_at: 2026-03-22T10:51:30Z
---

Backend JWKS verification only accepts RS256 algorithm, but Supabase JWT key was switched to ECC P-256 (ES256). This causes 401 errors on all authenticated requests. Fix: accept both RS256 and ES256 in the algorithms list, and update tests accordingly.
fix: accept ES256 (ECC P-256) JWT keys alongside RS256 in backend auth Supabase JWT key was switched to ECC P-256, but the JWKS verification only accepted RS256. Add ES256 to the accepted algorithms list. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-22 11:52:42 +01:00			`---`
			`# nuzlocke-tracker-snft`
			`title: Support ES256 (ECC P-256) JWT keys in backend auth`
			`status: in-progress`
			`type: bug`
			`created_at: 2026-03-22T10:51:30Z`
			`updated_at: 2026-03-22T10:51:30Z`
			`---`

			`Backend JWKS verification only accepts RS256 algorithm, but Supabase JWT key was switched to ECC P-256 (ES256). This causes 401 errors on all authenticated requests. Fix: accept both RS256 and ES256 in the algorithms list, and update tests accordingly.`