Skip to content
AppHandoff AppHandoff Docs

Exchange Supabase tokens for session cookies

POST
/auth/exchange-supabase-token
 
curl --request POST \
  --url https://example.com/api/auth/exchange-supabase-token \
  --header 'Content-Type: application/json' \
  --data '{ "access_token": "example", "refresh_token": "example", "redirect_to": "example" }'

Accepts Supabase access/refresh tokens, sets session cookies, returns redirect URL.

Request Body required

Section titled “Request Body required ”
Media type application/json
object
access_token
required
string
refresh_token
required
string
redirect_to
string

Responses

Section titled “ Responses ”

200

Section titled “200 ”

Session established

Media type application/json
object
redirectTo
string

400

Section titled “400 ”

Invalid request

Media type application/json
object
error
required

Human-readable error message

string
code

Stable machine-readable error code for client branching

string
fieldErrors

First validation message per field path

object
key
additional properties
string
issues

Structured validation issues (Zod)

Array<object>
object
path
required
string
message
required
string
retryAfter

Seconds until rate limit resets (429 responses)

number