Ability to use any third party auth with asymmetric key

[jbojcic1]

Right now when you want to use Supabase with some third party auth you have two options:

1. If your third party auth is Firebase or Auth0 or AWS Cognito you can use this approach https://supabase.com/docs/guides/auth/third-party/overview
2. Create your own jwt and sign it with jwt secret from the Supabase dashboard.

Option 2 is very cumbersome and adds unnecessary complexity. Option 1 works only for those providers but I don't see why it should not be possible to make it work for any provider that uses asymmetric key (pub/priv key pair where jwt is signed with private key). Can't Supabase allow pasting public key of any auth provider in the settings instead which should be enough to validate the key?

[Revadike]

Currently, the thing that is holding me back from migrating to supabase is it's limited auth. Honestly, they should just support creating custom session tokens and allow us to handle user verification in edge functions.