Better Auth

Join the community to ask questions about Better Auth and get answers from other members.

bug-reports

help

Session is null in Nextjs 15 middleware (Express backend) only in prod

Hi guys, I am able to get session in middleware with nodejs runtime in my dev server, but when I deploy in production it doesn't seem to pass any cookies when I make the request to the expressjs auth server. What is the issue? Here's my middleware.ts ```ts...
Solution:
So I managed to solve this issue. Problem was I was using cross subdomains (different subdomain in frontend and backend). Emphasis on crossSubDomainCookies and defaultCookieAttributes

Issue with better-auth v1.3.27 inferring values

I have a better-auth instance with a custom session plugin. My code was working well on the previous version v1.2.27. I had some errors with a 422 error so I upgraded the version. After the upgrade I started to get an issue with the createAuth method. I needed that method to let the backend and frontend have the types of the context. How can I address this issue? As far as I know, a fix could be to use the original better-auth type:...

Email Sign-in path

I tried to migrate the old login with BetterAuth. I tried credentials first. Since it's just credentials, I tried createAuthClient, make an instance and use authInstance.signIn.email, but no matter what I change, the endpoint is /api/auth/sign-in/email. How can I change this?...

Suddenly I started getting an error 422

I'm working on my personal project and I was trying to set up a new account to test some things and I started getting this issue. I created a new DB instance to test my entire workflow, but the signup is failing. I was reading any related messages on this channel and I just found this post, but I don't get any hint of how I can fix that error: https://discord.com/channels/1288403910284935179/1424030391794270329/1424394455376728146...

Organization hooks (afterDelete)

Hey everyone, I’m looking into organization hooks because I need to set a new active organization after a user deletes the one they’re currently using. I was planning to handle this in the afterDeleteOrganization hook, since the docs mention it takes a request as the second parameter — but it doesn’t seem to exist in the actual code. Does anyone know what’s going on here? Could this be a docs issue, or something related to the types? Also, if there’s a better or more proper way to handle this scenario, I’d really appreciate any suggestions....

How to require 2FA for credential accounts only?

I see there have already been some related messages about wanting to require that all users set up two-factor authentication. I used to have this working in my middleware, redirecting the user to a setup 2fa page if they didn't have it enabled, but this doesn't work if they signed in with another method, such as passkey. Is there a proper trigger, such as a database hook, regular hook, or custom session that can help me distinguish between the different ways that someone has logged in? Or even just to know if the user has set a password would be enough to know if I should then ensure 2FA is enabled, but where should I do that check so that I don't query the accounts table too often?...
Solution:
use hooks -> intercept the request and the user that's logging in -> fetch the user accounts -> if user only has oauth accounts, return -> if user has only a password account/the login method in the request is a credential login, throw some response/error, and proceed to do the logic you want to do (e.g. redirect, database logic). The if statements would probably be your best friend in avoiding querying the accounts table often, but pretty much you can't really avoid fetching the table every time someone's logging in with the credentials...

500 error code for auth api endpoints

I've set up better auth correctly, I hope, or at least I've checked 3 times. When I try to create a new user I get an error in the console that in /api/auth/aign-up/email on the web server "A 'user server' file can only export async functions". I did not write this file so is this a bug or is there something I am missing?

config not found

Hey, I am using React Router v7 and better-auth cannot find my config. This is the path of the file: app/utils/auth.server.ts. I already read this:...

additionalFields type not inferred

It doesn't infer any additionalField I add

What tech stack should I choose?

What should I choose for better auth? react + express or nextjs + express ...

Email, name and phoneNumber signup

Hello, what I want to do is get the phone number, name, and email from the user during registration, then have them verify their phone number (phone number OTP) and set their password, but I can't decide how to do this. Can you help me?

Apple Sign-in inconsistently fails to redirect with FaceID

Hey, not sure if anyone else had that issue. But whenever users try to sign in with apple it opens their system faceid scanner, which makes sense. But for some reason, sometimes it just doesn't sign them in. Like, it's inconsistent. The sign in/up code is this and I checked it actually doesn't redirect the user, so I tried redirecting them manually but that also doesn't do the trick...

OIDC Client Register - Additional data not stored

I've been looking into where the data is stored for OIDC clients that are registered. It seems the API accepts a lot of information but only stores about 3 data points. client_name: "My App", client_uri: "https://client.example.com", redirect_uris: ["https://client.example.com/callback"], ...

Tanstack with better auth

In https://www.better-auth.com/docs/integrations/tanstack it mentions 'We recommend using the client SDK or authClient but the tutorial goes on to use auth.api.signInEmail ? I'm confused. Is auth.api the right way or not?

Chrome Extension OAuth Callback

How do I handle the ott code http://localhost/ext/callback?ott=mZ_tdIZjcP5KR4P5toK9epJWdniZNcM9

Making name mandatory in magic link registration

I’m trying to enforce that users provide a name when registering via magic link. Frontend validation isn’t enough, because it leaves the API exposed to registrations without a name. Is there a recommended way to make the name field required on registration while still using magic links for login? I’m currently using the default handler:...
Solution:
I haven't found an official solution or configuration that allows me to do that, but I've managed to do it with this workaround: This is the Express handler: ```js app.all("/api/auth/*splat", async (...args) => {...

Query existing OAuth registered clients

Does BA SDK (either client or server) offer a way to query an existing, registered OAuth client by ID or name? E.g. something like await auth.oauth2.getClient({ name: "client-name" }); Workaround I'm using: query database directly via Drizzle. Seems not ideal...

useSession() - expression not callable?

Hi guys, anyone have any idea what this means? First time I've encountered it.

127.0.0.1 oauth redirects

Hi all, I'm migrating from auth.js and trying to get one of my custom providers ported... The provider doesn't allow localhost as redirect URIs, instead opting for 127.0.0.1. When attempting to redirect to the authorization URL, I'm getting errors from the provider that the client is invalid (due to a localhost redirect URI). However, when I change it to the 127.0.0.1 address, I then get state mismatch errors when coming back from the auth flow. Is there a best-practice for dealing with this? ...

Latest CLI changes drizzle datetime fields from mode: 'timestamp' → mode: 'timestamp_ms'

@Better Auth I’m using drizzle + cloudflare D1 and I added some user.additionalFields to my config, so I ran npx @better-auth/cli generate and all the existing datetime fields were changed from a unix timestamp in seconds to a unix timestamp in milliseconds. Here’s a representative example extracted from session, with before:
expiresAt: integer('expires_at', { mode: 'timestamp' }).notNull(),
...