Better Auth


Join the community to ask questions about Better Auth and get answers from other members.


bug-reports

help

Email OTP Sign in/Sign up

Hello! I’d like to use email-based OTP for both sign-up and sign-in (without any email/password), but the current signIn method only returns the token and user object—it doesn’t actually return a session cookie. I discovered that calling verifyEmail() with (overrideDefaultEmailVerification: true) will automatically sign the user in, but it only works for existing accounts and doesn’t create a new user. Is there any way to handle both cases? I checked the documentation but couldn’t find a way to exchange the token I get from the signIn method for a session cookie directly....

SSO Unable to do SAML registration

I try to fill in the data for registerSSOProvider according to this guide https://www.better-auth.com/docs/plugins/sso#register-a-saml-provider, but I get 401 Unauthorized. Please help me with this. This is just a flow I'm currently testing on a local environment. As I understand, I need to call this function before my app is deployed, so it will know which SAML provider my app is working with, but for local I just call it every time a user needs to be authenticated. Is my approach correct?...

Typeerror: Invalid url. magic link issue

Hi, I've suddenly got this error only in development where ctx.context.baseURL is undefined. Whenever I edit the auth.ts with manually defining baseURL and removing it, it suddenly does work. I am using SvelteKit...

how to reduce db queries

```bash
GET /organization-os 200 in 2450ms
Query: select "id", "expires_at", "token", "created_at", "updated_at", "ip_address", "user_agent", "user_id", "active_organization_id" from "session" where "session"."token" = $1 -- params: ["vVruXo2YbncR1OAb7vQE5UeyHlisPWHG"]
Query: select "id", "name", "email", "email_verified", "image", "onboarded", "created_at", "updated_at" from "user" where "user"."id" = $1 -- params: ["lu2xgWwEaxetZPv-Rx0gC"]
Query: select "id", "expires_at", "token", "created_at", "updated_at", "ip_address", "user_agent", "user_id", "active_organization_id" from "session" where "session"."token" = $1 -- params: ["vVruXo2YbncR1OAb7vQE5UeyHlisPWHG"]...
```

Organizations Plugin Help

I'm struggling to adapt the organizations plugin to my use case, which requires dynamic roles and permissions created at runtime by users. Since the plugin seems designed around static, compile-time roles, I'm constantly fighting against its architecture. I've tried:
- Built my own RBAC system to integrate with the plugin
- Considered using metadata to bridge the gap between static and dynamic roles...

Has anyone tried login using Instagram?

Has anyone tried login using Instagram?

Why do a few keys in Redis have no TTL?

Hey, I'm noticing there are many keys in Redis which have no TTL, so they stay forever. Session information will expire after 30 days. I'm using Redis as secondary database by passing secondaryStorage: { get: async (key) => {...

Define different pg schema for auth tables

Is it safe to be creating the auth schema (account, session, user, verification) on the public schema? Auth.js creates a separate next_auth schema for these tables which seems like a more secure method? Supabase has a separate auth schema....

Vercel: State Mismatch. Verification not found

I'm trying to discover why I get State Mismatch. Verification not found when my app is deployed to Vercel, but not when I test it locally. I can go through the entire OAuth flow in Vercel, but I land on an error page and the logs output this error. Is there any specific Vercel configuration I should be aware of?...

Better-Auth, Polar, and Vercel deployment error

While deploying to Vercel using Better-Auth with Polar, I am getting this warning:
```
2025-08-05T00:55:05.833Z Run npm run preview to preview your production build locally.
2025-08-05T00:55:05.838Z...
```
Solution:
Adding this to my vite.config.ts worked:
```js
import { sveltekit } from "@sveltejs/kit/vite";
import tailwindcss from "@tailwindcss/vite";...
```

twitter provider: unable_to_get_user_info

I've been setting up a Twitter social provider, and I got it working for several hours, but after trying to add scopes, it no longer works. I get Error Code: unable_to_get_user_info so I removed the scopes, but I'm still getting this error. The code is exactly the same as it was earlier today when it was working 🤷🏼‍♂️ I tried logging into my X account and revoking access to my app, so it could request it from scratch, but still the same problem persists....

is there a way to update the session after creating an organization?

is there a way to update the session after creating an organization? After the user signs up they are redirected to an onboarding screen where they will create the organization. I then want to update the session to save the organization name but I'm not having any luck

Unable to send email verification when using Admin plugin createUser

As in the title, when using the admin plugin's authClient.admin.createUser method, the user is created with an emailVerified value of false. On face value this sounds fine but then when subsequently trying to send verificationEmail using authClient.sendVerificationEmail I get a 400 Bad Request error with the code "YOU_CAN_ONLY_SEND_A_VERIFICATION_EMAIL_TO_AN_UNVERIFIED_EMAIL"
```tsx
const {data: newUser, error} = await authClient.admin.createUser({
  email: values.email,...
```

organization plugin + projects?

Hi and thanks for an awesome library! I am looking to explore the organization plugin (https://www.better-auth.com/docs/plugins/organization#access-control) but I am a bit confused about the mention of projects. In the schema section, it looks like the plugin handles organizations and, optionally, teams. What are these projects that are mentioned in the docs? Is it simply an example of things to extend to on your own? Or does the plugin actually have any feature that is called projects? Thanks!...

Is it safe to allow localhost as trusted origin

In basic usage localhost is one of the example values. I'm wondering, is it safe to set that in production environments?...

Soft deletes for org members table or any org related tables

Is there a way to soft-delete entries in the members table? I need to retain the data since other tables depend on it in my current implementation. I saw an earlier thread about intending to support soft-deleting but not sure what the timelines are for that

Confused about cookie domain/trustedOrigins

Looking at the Cookies docs the example for cross subdomain cookies looks like this.
```
import { betterAuth } from "better-auth"
...
```

email verification token not storing in table

For whatever reason when a new user signs up on my application, the email verification token sent to the user is not being stored in the database. If a user does password reset it stores this token just fine. I am not sure when or if it ever worked properly but I am certain that the table is hooked up correctly as there are other better-auth endpoints that work as intended. I can provide any code needed to fix this....
Solution:
@Sean I just opened pull request https://github.com/better-auth/better-auth/pull/3912 that changes that behavior and introduces displayUsernameValidator that is disconnected from usernameValidator

JWT and avoid cookies

Hi All, I've got multiple projects pointing to different domains (vs hosted) for the backend and I'd like to use JWT for auth. I have enabled both JWT and Bearer plugins. However, it still tries to go through the cookie route when trying to getSession via...

displayUsername is normalizing to lowercase.

I'm not certain what has happened but recently my better-auth has been normalizing my displayUsername submitted to the better-auth library. On the network request it appears to be sending it to the API endpoint with the correct uppercase and lowercase letters but my database, neon.tech, is showing it in lowercase only. Has this been an issue for anyone else before? I can provide any code needed to fix this....