June 27, 2026 · 8 min read

Why Your AI Authentication Flow Keeps Breaking

Static UIs are easy. Sessions, redirects, and protected routes are where AI agents fall apart. Here's why auth breaks — and the patterns that hold.

By Launched team

Your landing page is gorgeous. The dashboard mock is gorgeous. Then you turn on auth, and within three prompts the agent has invented two contradictory session handlers, the login form posts to a route that doesn't exist, and your protected pages either let everyone in or let nobody in. There is no middle.

Why auth is the agent's kryptonite

Auth is not a UI problem; it's a state machine that spans the client, the server, and a third-party identity provider. Each side has to agree on what a session looks like, how it's refreshed, where it's stored, and which requests carry it. AI agents excel at code that lives in one file. Auth lives in seven.

The breakage patterns we see constantly

  • Two session sources of truth: the agent uses cookies in one place and localStorage in another. Nothing agrees.
  • Redirect URLs that point at preview domains: Supabase rejects the callback.
  • Protected routes guarded on the client only: a curl request walks straight in.
  • Server functions that don't forward the auth header: "Unauthorized" on every call, even when logged in.
  • Email confirmation toggled differently than the policies expect: users sign up successfully and then can't read their own row.

Patterns that actually hold

1. One session, server-side

The server is the source of truth. The client receives a session derived from a server check on each protected render. No client-only guards.

2. RLS as the real authorization layer

Don't rely on UI hiding. Row Level Security in Supabase decides what a user can read or write. If RLS would allow it, the UI is allowed to attempt it. If RLS would block it, no UI hack matters.

3. Auth middleware on every server function

In TanStack Start that's requireSupabaseAuth middleware on protected RPCs. In Next it's a session check at the top of every server action. No exceptions.

4. Callback URLs in code, environments in config

Hardcode the callback path; let the origin come from an env var. Then dev, preview, and prod just work.

Where Launched comes in

Auth rescues are a meaningful chunk of our work. We rip out the contradictory layers, install one canonical pattern (server-verified session + RLS + middleware), and hand back something a new engineer can read in 10 minutes. Book a 20-minute call. Related: Own your build.