Better Auth

MCP Oauth how to show consent screen

When using the MCP setup according to the docs, OAuth directly gets the logged-in user without asking them for consent when adding the MCP server to Claude Desktop, for example. How can a consent screen similar to the Vercel MCP server be added?...

How to mock better-auth with MSW?

I tried to use MSW to mock the (GitHub) OAuth flow. However, I have been unsuccessful in getting the session on the server. Here is a minimal reproduction: https://codesandbox.io/p/devbox/better-auth-with-msw-5dy86g ...

OIDC Plugin + Organization Plugin for limiting user OAuth to specific organizations tied to an app

I may have missed this in the documentation, but is there a way for me to combine the OIDC plugin with the Organizations plugin such that when a user tries to authenticate into a specific application, we check that user's membership in an associated organization during the OAuth process, and if the user doesn't have a membership, authentication into that app is denied? Basically, I am making an auth-gateway system where my team can internally tie different applications (and OAuth configs) to different end customers (better-auth Organizations plugin) via an administration portal. My team will deploy a client application that users log into via OIDC, pointed at the auth-gateway application we have set up (both Next.js apps will use better-auth, with the auth-gateway being the source of truth and the client application pointing to our auth-gateway with its configured credentials). In other plugins, I see the ability to add custom fields and callbacks/validators on the actions, but from what I can tell, I can't do that for the OIDC provider plugin....

When calling subscription.cancel how do we know whether it’s cancelled vs active?

I’m using stripe and nextjs. How do I check whether user has already cancelled their subscription? Subscription is still active and the stripe side is updated correctly (shows the cancellation date at the end of the period)...

How to block log in for specific providers based on email domain?

My scenario: I have Google and Microsoft social providers, and I also have some genericOAuth plugin providers for Microsoft OAuth for specific tenants so the authorisation screen can be skipped when they log in. My issue: users who have a genericOAuth provider should only be able to log in using it. I have created a function which checks the email address domain to see if there are any restrictions on which provider they can use. This is to prevent a user creating a Google account using their work email address and then using the Google account to sign in. I have tried to implement this using the before and after hooks, but for the social logins the email address is not available in the before hook, as the user has not yet selected which email to use. When the after hook runs, the session has already been created, so I can't block it....
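The check the post describes (a work-e-mail domain may only be used through the provider the organisation controls) as an added example; this is not the poster's function and not Better Auth code, and the domains, provider ids (`microsoft-acme`, `microsoft-contoso`) and the `ProviderProfile` shape are constructed assumptions. It is written as a pure decision function that takes the profile returned by the provider after the OAuth round-trip, which is the earliest point at which the e-mail is actually known; wiring it into a specific Better Auth hook is left to the reader.

```typescript
// Added example (not Better Auth code): provider-restriction policy keyed by
// e-mail domain. A user whose domain is restricted may only sign in through the
// provider(s) listed for that domain, so a self-registered Google account on a
// work address cannot be used to reach the app.

// domain -> provider ids permitted for that domain. Unlisted domains are
// unrestricted. Domains and provider ids below are constructed sample data.
type ProviderPolicy = Record<string, readonly string[]>;

const samplePolicy: ProviderPolicy = {
  "acme.example": ["microsoft-acme"],                      // assumed tenant-specific genericOAuth id
  "contoso.example": ["microsoft-contoso", "microsoft"],
};

// Fields as a provider would return them once the user has picked an account.
interface ProviderProfile {
  providerId: string;
  email: string;
  emailVerified: boolean;
}

type Decision = { allow: true } | { allow: false; reason: string };

// Lower-cased domain part of an address, or null if the address is malformed.
function emailDomain(email: string): string | null {
  const at = email.lastIndexOf("@");
  if (at <= 0 || at === email.length - 1) return null;
  const domain = email.slice(at + 1).trim().toLowerCase();
  return domain.length === 0 ? null : domain;
}

// Providers allowed for this address, or null when neither the domain nor any
// parent domain is restricted. "mail.acme.example" inherits acme.example's rule
// so a sub-domain cannot be used to slip past the policy; a bare TLD never matches.
function allowedProviders(email: string, policy: ProviderPolicy): readonly string[] | null {
  const domain = emailDomain(email);
  if (domain === null) return null;
  const labels = domain.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    const candidate = labels.slice(i).join(".");
    if (Object.prototype.hasOwnProperty.call(policy, candidate)) return policy[candidate];
  }
  return null;
}

// The decision to make after the provider has returned a profile but before a
// session is created. Malformed addresses and unverified addresses on a
// restricted domain are refused rather than treated as unrestricted.
function checkSignIn(profile: ProviderProfile, policy: ProviderPolicy): Decision {
  const domain = emailDomain(profile.email);
  if (domain === null) return { allow: false, reason: "malformed email" };
  const allowed = allowedProviders(profile.email, policy);
  if (allowed === null) return { allow: true };
  if (!profile.emailVerified) {
    return { allow: false, reason: `${domain} is restricted and the provider did not verify the address` };
  }
  if (!allowed.includes(profile.providerId)) {
    return { allow: false, reason: `${domain} must sign in via ${allowed.join(", ")}` };
  }
  return { allow: true };
}
```

Note that the decision is keyed on the provider's *verified* e-mail, not on whatever the user typed on the sign-in form: some providers return addresses the user has not proven they own, and an attacker who can register any address at a provider you do not control would otherwise be able to claim a restricted domain.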

This expression is not callable

Hello, I get this error on the get session hook. My hook: export function useUserSession() {...

help

I am using better-auth for the first time and getting confused by the docs. I want to implement auth in my Next app: I want to have a signup and signout button, and auth middleware or something to prevent access to routes.

Docs: Examples broken except Nextjs

https://www.better-auth.com/docs/examples/remix The examples are all broken except Next.js. Does anyone have the examples somewhere?...

monorepo/turborepo example

Does anyone have a Turborepo setup with multiple apps (for example, apps/web and apps/server) where auth and the database live in /packages, and the /server app handles all authentication between the apps? I’d love to see an example of how this works.

signup email from server

I’m calling auth.api.signupWithEmail, and I’m getting the same response as when I call it from authClient.
However, the next getSession call returns null, whereas when signup is called from the client, it works fine.
I went through the method flow but didn’t find anything unusual....

Disable Rate Limit on certain routes?

I have a rate limit set up with secondary storage that uses Cloudflare's KV store. Whilst this works great, it creates a key-value pair for every API route, which creates thousands of KVs. For my case I only want to rate limit /sign-in/social, for example, and none of the get-session routes. Is this currently an option?...
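The behaviour the post asks for, shown as an added example that is not Better Auth's rate limiter and not the poster's configuration: a fixed-window counter that only touches the shared store for routes listed in a rule table, so an unlisted route such as get-session never creates a key. The rule table, the `/api/auth` base path, the client ids and the `KvStore` shape are assumptions; `MemoryStore` is a constructed stand-in for a KV namespace (a real Cloudflare KV binding is asynchronous and enforces a minimum `expirationTtl` of 60 seconds, so the calls would be awaited and the TTL clamped accordingly).

```typescript
// Added example (not Better Auth code): rate limit only the routes that have a
// rule; everything else passes through without a store write.

interface KvStore {
  get(key: string): string | null;
  put(key: string, value: string, ttlSeconds: number): void;
}

// Constructed in-memory stand-in for a KV namespace with per-key expiry.
class MemoryStore implements KvStore {
  private readonly data = new Map<string, { value: string; expiresAt: number }>();
  private readonly now: () => number;
  constructor(now: () => number = Date.now) { this.now = now; }
  get(key: string): string | null {
    const entry = this.data.get(key);
    if (!entry) return null;
    if (entry.expiresAt <= this.now()) { this.data.delete(key); return null; }
    return entry.value;
  }
  put(key: string, value: string, ttlSeconds: number): void {
    this.data.set(key, { value, expiresAt: this.now() + ttlSeconds * 1000 });
  }
  size(): number { return this.data.size; }
}

interface RouteRule { window: number; max: number } // window in seconds, max requests per window

// Constructed rules: only the social sign-in route is limited.
const sampleRules: Record<string, RouteRule> = {
  "/sign-in/social": { window: 60, max: 5 },
};

// Route relative to the auth base path, query string dropped. Matching is exact,
// so "/get-session" or "/sign-in/social-extra" never pick up another route's rule.
function routeKey(url: string, basePath: string): string {
  const pathname = new URL(url).pathname;
  if (pathname === basePath || pathname.startsWith(basePath + "/")) {
    return pathname.slice(basePath.length) || "/";
  }
  return pathname;
}

interface Verdict { limited: boolean; remaining: number; keyWritten: string | null }

function checkRateLimit(
  store: KvStore,
  rules: Record<string, RouteRule>,
  url: string,
  clientId: string,
  basePath = "/api/auth",   // assumed mount point of the auth handler
  now = Date.now(),
): Verdict {
  const route = routeKey(url, basePath);
  const rule = Object.prototype.hasOwnProperty.call(rules, route) ? rules[route] : undefined;
  if (!rule) return { limited: false, remaining: Infinity, keyWritten: null }; // no rule, no key
  const bucket = Math.floor(now / 1000 / rule.window);
  const key = `rl:${route}:${clientId}:${bucket}`;
  const count = Number(store.get(key) ?? "0") + 1;
  // TTL past the end of the window so stale counters are collected by the store.
  store.put(key, String(count), rule.window * 2);
  return { limited: count > rule.max, remaining: Math.max(0, rule.max - count), keyWritten: key };
}
```

The read-increment-write on a shared, eventually consistent store is approximate under concurrency; that is acceptable for throttling credential-stuffing against a sign-in route, but the key design (route, client, window bucket) is what keeps the key count bounded to limited routes times active clients rather than one key per request per route.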

Monorepo + Hono

@Ping Basically, I don't want to manually write fetch for all Better Auth endpoints; I would prefer using the auth.api method. Any ideas on how to go about this, please? I have a setup with Hono + Better Auth on the backend and Next.js on the frontend. Backend Better Auth config (running on Hono, port 3000):...

oneTap with localhost

I am getting an error when testing with localhost. 1. I added http://localhost:3000 to Authorized JavaScript origins in Google Credentials. 2. Set the Referrer-Policy header in next.config.ts: ```ts async headers() {...

OIDC Provider plugin refresh token support?

I have configured the OIDC provider plugin and created an oauth client for Zapier with authorization_code and refresh_token grant types. However Zapier gives the error: Field named refresh_token not found in OAuth2 results when trying to connect to my app. Is refresh token not supported or do I need some additional configuration?
Solution:
I found I need to send the offline_access scope. Then it works.

How to keep the same userId when linking anonymous and social accounts?

Hello. I opened this issue earlier: https://github.com/better-auth/better-auth/issues/4180 I’d like to confirm the recommended approach for handling anonymous → social account linking without changing the userId:...

Admin vs Organizations plugin for company internal tool (Google Workspaces)

I'm building an internal tool, and usually our permissions are mapped to our Google Groups memberships. I already have something that gets the Google Groups of a user and adds them to the sessions table as a comma-separated list, but now I need a proper authz setup. Should I use Organizations and map teams to each Google group, OR should I set up access control using Admin and derive a bunch of roles?...

Help needed in Linear redirection

baseURL: 'http://localhost:3000/api/v1/auth', ... const authPrefix = '/api/v1/auth'; app.use((req: Request, res: Response, next: NextFunction) => { if (!req.url.startsWith(authPrefix)) return next();...

Rename/remove default organization role names?

Is it possible to rename the default names, or exclude them if I create a custom access control? For instance, instead of "member" use "employee"?

Issues using NextJS NextRequest headers in server-side auth.api functions

Running NextJS application deployed on AWS Fargate. Over the last few days, our calls to Better-Auth api functions on the server in API endpoints have all started failing. I checked for version changes in both NextJS and better-auth, and there are none. The code was working fine last week, now getting 401 unauthorized or 400 API errors returned by API calls. I've isolated the issue to the headers object that certain functions use. From better-auth docs, here's organization permissions as an example: await auth.api.hasPermission({ headers: await headers(),...