---
id: auth-setauth
title: "setAuth()"
slug: auth-setauth
custom_edit_url: https://github.com/supabase/supabase/edit/master/web/spec/supabase.yml
---

import Tabs from '@theme/Tabs';
import TabsPanel from '@theme/TabsPanel';

Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.

<Tabs
  defaultActiveId="js"
  groupId="reference/supabase-js"
  values={[{ label: 'JavaScript', value: 'js' }]}>

<TabsPanel id="js" label="js">

```js
function apiFunction(req, res) {
  // Assuming the access token was sent as a header "X-Supabase-Auth"
  const { access_token } = req.get('X-Supabase-Auth') 

  // You can now use it within a Supabase Client 
  const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
  const { user, error } = supabase.auth.setAuth(access_token)

  // This client will now send requests as this user
  const { data } = await supabase.from('your_table').select()
}
```


</TabsPanel>

</Tabs>

## Parameters


<ul className="method-list-group">
  
<li className="method-list-item">
  <h4 className="method-list-item-label">
    <span className="method-list-item-label-name">
      access_token
    </span>
    <span className="method-list-item-label-badge required">
      required
    </span>
    <span className="method-list-item-validation">
      <code>string</code>
    </span>
  </h4>
  <div class="method-list-item-description">

a jwt access token

  </div>
  
</li>

</ul>














## Examples

### Basic example.

This is most useful on server-side functions where you cannot log the user in, but have access to the user's access token.

<Tabs
  defaultActiveId="js"
  groupId="reference/supabase-js"
  values={[{ label: 'JavaScript', value: 'js' }]}>

<TabsPanel id="js" label="js">

```js
function apiFunction(req, res) {
  // Assuming the access token was sent as a header "X-Supabase-Auth"
  const { access_token } = req.get('X-Supabase-Auth') 

  // You can now use it within a Supabase Client 
  const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
  const { user, error } = supabase.auth.setAuth(access_token)

  // This client will now send requests as this user
  const { data } = await supabase.from('your_table').select()
}
```


</TabsPanel>

</Tabs>

### With Express.



<Tabs
  defaultActiveId="js"
  groupId="reference/supabase-js"
  values={[{ label: 'JavaScript', value: 'js' }]}>

<TabsPanel id="js" label="js">

```js

/**
* Make a request from the client to your server function
*/
async function makeApiRequest() {
  const token = newClient.session()?.access_token

  await fetch('https://example.com/withAuth', {
     method: 'GET',
     withCredentials: true,
     credentials: 'include',
     headers: {
      'Content-Type': 'application/json'
      'Authorization': bearer, // Your own auth
      'X-Supabase-Auth': token, // Set the Supabase user
     }
  })
}

/**
* Use the Auth token in your server-side function.
*/
async function apiFunction(req, res) {
  const { access_token } = req.get('X-Supabase-Auth') 

  // You can now use it within a Supabase Client 
  const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
  const { user, error } = supabase.auth.setAuth(access_token)

  // This client will now send requests as this user
  const { data } = await supabase.from('your_table').select()
}
```


</TabsPanel>

</Tabs>