Supabase is an open source Firebase alternative. Start your project with a Postgres database, Authentication, instant APIs, Edge Functions, Realtime subscriptions, and Storage.

Supabase

<@!107176742342402048> , so the reset password link signed in the user. Then i was able to grab the type of auth state change from the event, which said it was reset password, so I redirected to the form. 

Then here's where I'm not sure I did the right thing. Instead of using the reset password example that requires the access token, I used the auth.update user method, which didn't require the token. 

Same result.

So the access_token is only required if the user is not signed in, in your case the user was signed in so using the `auth.update` is fine.

It's actually recommended that way in the docs if the user is already authenticated https://supabase.io/docs/reference/javascript/auth-update#update-password-for-authenticated-user