Supabase
Bug Report: missing destination name oauth_client_id in *models.Session during token refresh #40036
Replies: 21 comments 1 reply
-
|
I am also experiencing this but with magic link login on a new supabse project. |
Beta Was this translation helpful? Give feedback.
-
|
+1, this is affecting me as well, but with OTP logins on a new branch of an existing supabase project: token refreshes consistently fail. It does not seem to affect the main branch, whose session table does not have the |
Beta Was this translation helpful? Give feedback.
-
|
I think this issue is related to the auth repo in the supabase this is not directly link to this repo i am trying to find solution for this and raise PR in the auth repo for this |
Beta Was this translation helpful? Give feedback.
-
|
I am getting this with anonymous login with an old token on local development. All requests from
|
Beta Was this translation helpful? Give feedback.
-
|
I'm also seeing this error suddenly after unpauseing our Supabase server. |
Beta Was this translation helpful? Give feedback.
-
|
I deleted all containers, images and volumes from docker that related to supabase and started from scratch the server: it started working again. |
Beta Was this translation helpful? Give feedback.
-
|
Got a similar issue when trying to get supabase production db into my local supabase setup: despite having updated supabase CLI, I am getting this issue when updating local DB:
|
Beta Was this translation helpful? Give feedback.
-
|
Hi @cemalkilic , I see there's this change, can you help it says: "user can't use Somehow after unpause, Supabase cloud has updated to v2.180.0, and it breaks session refresh. Any ideas how to fix? I'm using https://pub.dev/packages/supabase_flutter 2.8.3 so next I try to upgrade it to 2.10.3 but I do not see it using /oauth/token (https://github.com/search?q=repo%3Asupabase%2Fsupabase-flutter+oauth&type=code). |
Beta Was this translation helpful? Give feedback.
-
|
My temporary solution was to sign out users on web app after Supabase.initialize. This does not solve the issue at all, it just does the same as original poster said, and first sign-in succeeds. After a while, /token responds with 500 Internal Server Error, same as original poster mentioned in Steps to Reproduce. |
Beta Was this translation helpful? Give feedback.
-
|
⏫ +1 I am using After 1 hour, the token does not refresh. On the server I get the following message: |
Beta Was this translation helpful? Give feedback.
-
|
Same issue i have faced too did you get any solution brother ? |
Beta Was this translation helpful? Give feedback.
-
|
I'm facing the same issue on local development. I'm using email and password for signin. Getting the error on |
Beta Was this translation helpful? Give feedback.
-
|
If your supabase project (remote) is not new, what you guys can try is to upgrade the infrastructure to the latest version on |
Beta Was this translation helpful? Give feedback.
-
|
@juhasztibi Same steps for local server? |
Beta Was this translation helpful? Give feedback.
-
Didn't try that, but could work with fresh images and migration. |
Beta Was this translation helpful? Give feedback.
-
|
@juhasztibi thank you, upgrading Supabase cloud infrastructure solved this issue for me. I also disabled pgjwt before upgrade. |
Beta Was this translation helpful? Give feedback.
-
|
Same here. |
Beta Was this translation helpful? Give feedback.
-
|
Locally, I stop docker and removed all volumes and images. Updated supabase CLI and started docker again |
Beta Was this translation helpful? Give feedback.
-
|
I have found the solution by upgrading my |
Beta Was this translation helpful? Give feedback.
-
|
As upgrading the package wasn't working for me, I cleaned my docker and reinstalled everything from scratch, it worked. But a bit to harsh maybe. |
Beta Was this translation helpful? Give feedback.
-
|
Restarting the local image(s) did the trick for me. That's also the moment that the supabase cli pulls in new images so that might be related. |
Beta Was this translation helpful? Give feedback.
-
|
I got exactly the same problem for several days... and after upgrading my Postgres in the supabase/infrastructure... Bug solved ! 
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Description
After a successful Google OAuth sign-in, the session is created correctly, but when Supabase attempts to refresh the session (/token endpoint with grant_type=refresh_token), the server returns:
500: missing destination name oauth_client_id in *models.SessionEnvironment
• Supabase project: Local
• Supabase Auth service (GoTrue): Latest as of Oct 2025
• SDKs:
• supabase_flutter: ^2.5.0
• supabase: ^2.2.0
• Auth provider: Google OAuth
• Database: auth.sessions table includes the column oauth_client_id uuid (added by recent migrations) (this seems to BE THE PROBLEM
Steps to Reproduce
1. Enable Google provider in Supabase → Auth → Providers.
2. Sign in from Flutter (supabase.auth.signInWithOAuth(Provider.google)).
3. Observe first sign-in succeeds and a session record is created.
4. Wait until the token refresh runs automatically (or trigger /token manually).
5. /token responds with 500 Internal Server Error.
Observed Behavior
• Auth logs show: {"component":"api","error":"500: missing destination name oauth_client_id in *models.Session","grant_type":"refresh_token","method":"POST","path":"/token"}
(see screenshot below)
Screenshot
(Attach the screenshot you captured showing oauth_client_id = NULL for all sessions.)
Expected Behavior
GoTrue should either:
• populate oauth_client_id automatically when a session is created from an OAuth provider, or
• treat a NULL value as valid and not panic during refresh serialization.
Impact
• Affects all Supabase projects whose auth.sessions table includes the oauth_client_id column but where the backend doesn’t populate it.
• Breaks token refresh (OAuth sign-in works once, fails afterward).
Beta Was this translation helpful? Give feedback.
All reactions