Better Auth


Join the community to ask questions about Better Auth and get answers from other members.


bug-reports

help

Convex + better auth 400 code with no errors

Hey, I was just trying to setup better auth with convex, but for some reason I always get a weird 400 error with "Invalid body parameters" for the /api/auth/sign-in/social route. No matter what provider I use, it's always the same. All my .env variables are there and working...

How to use `auth` method inside hooks

How can I use the methods on auth, like auth.api.createOrganization inside auth.emailVerification.afterEmailVerification setup? Typescript shouts about the variable referencing itself...

organization.autoCreateOrganizationOnSignUp doesn't seem to do anything

Hi there, I'm trying to create an org for users on signup. I saw this flag in the plugin config, but it doesn't seem to actually do anything. I sign up, verify my email, but no org or member is created...

Error Code: unable_to_get_user_info (X Login)

I tried logging in with X using Better Auth and I keep getting this error code. I would like to know how to fix this

Error updating api key

I am facing an error while trying to update the api key, my code: ```TS import type { IncomingHttpHeaders } from 'node:http' import { auth } from '../../lib/auth.ts' import type { UpdateApiKeyBody } from '../../schemas/api-keys/index.ts'...

useSession() and getSession() are supposed to extend expiresAt right?

Calling useSession() on the client or getSession() on the server is supposed to extend the session expiresAt if past updateAge correct? I cannot for the life of me get it to extend. I'm checking returned data and the DB itself. Sveltekit - 2.28.0 expiresIn: 4 * 60 updateAge: 30 Running local....

Does Better Auth Support Session/Token Rotation?

In Better Auth, if a session cookie is stolen and reused in another browser, does the library provide any built-in mechanism to prevent session hijacking (like session rotation, device/IP binding, or fingerprint validation)? From what I’ve seen, there doesn’t seem to be session/token rotation for email/password authentication — could you confirm if that’s correct and suggest the recommended approach to mitigate this risk?

google login doesn't work on mobile web but works properly for the desktop

Trying to log in using a mobile doesn't allow me to sign in to my application after following the official docs setup

activeOrganizationId stays null after setActiveOrganization

Creating org + setting as active works, but session.activeOrganizationId remains null on next request. Create org: ```ts const orgData = await auth.api.createOrganization({ body: {...
Solution:
Do you use cookie cache?

@better-auth/cli ZOD version dependency

Hey all, The @better-auth/cli ZOD peer dependency is currently set to the following. Should this not have a ^ in front of the v3? ...

Bearer 2FA

I’m using the bearer plugin for the auth flow because of a Tauri mobile app. Default login is working fine: when I receive a token, I just put it inside localStorage and that’s all. The problem is when I need to sign in with TOTP enabled: after sign-in I receive ‘twoFactorEnabled’ and a request for a TOTP code, but I cannot verify it because the token that we have is not linked to any session yet. I see some other cookies that I can’t use because of Tauri's cookie limitation, such as 2fa, don’t remember and others. @Better Auth can you please provide a doc link where the flow is defined for not using any cookies but having the 2FA, trust device, and remember me features working?...

Next-intl + Stripe

Has anyone had an issue where calling authClient.subscription.upgrade eventually leads to a localized API endpoint? I figure directly after processing in /api/auth/subscription/upgrade there's a call that's redirected to a localization, but I can't seem to figure out how to fix it (PS: I've already tweaked my middleware.ts)

Additional fields, FAILED_TO_CREATE_USER

I have an issue: I have some custom fields and I want to pass them on user creation, but I seem to get FAILED_TO_CREATE_USER, with no more details about the error.

Problem generate models with bun (bunx)

``` ❯ bunx @better-auth/cli generate node:internal/modules/esm/resolve:274 throw new ERR_MODULE_NOT_FOUND( ^...

MCP plugin: problems with oauth and how to show consent screen to user

I implemented according to the MCP plugin docs but I cannot add it as a custom connector in Claude Desktop. Neither the localhost nor a version hosted on Vercel. When I disable auth / OAuth it works seamlessly and all the tools load and work. A guess would be because of the protected-resource-metadata that is not implemented according to the docs?...

Waterfall in custom session plugin

So currently I am using customSessionPlugin to decorate my session. I have a user_preferences schema that has a 1:1 relationship with user. This creates a waterfall chain: first session -> user -> user_preferences. The waterfall between session and user makes absolute sense, but I was wondering if we could avoid the waterfall between user and user_preferences. I was going through the code of fetchSession and it seems this is not possible in better-auth. Has anyone tackled this before? Any workarounds or patterns you've adopted would be super helpful!...

better-auth+prisma+mongodb combo literally doesn't work

When the prisma.schema is generated using the better auth cli generate command, I was surprised that all the ids didn't have the @db.ObjectId. I ignored that at first glance, but then I hit a wall where I literally can't work anymore. In my user/[id] page I have a server action that fetches the user by id with Prisma. The id is right but I get this issue ...
Solution:
I found this solution: Solution: 1- in auth.ts add the following:...

Hierarchically nested teams

Goal: Get an organization with a proper hierarchical structure. There is a top-level team that has more teams (departments) below it, and below those departments there are even more teams. Is something like that possible with Nest.js via adding a custom field?

How can I prevent the same phone number being added by another user?

I can see the same phone number can be added by another email account as well. How to prevent this? Some check is needed, like number already used or unique number. SMS credit is simply being wasted...

Metadata on subscriptions not working.

```typescript const { error: upgradeError } = await authClient.subscription.upgrade({ plan, successUrl, cancelUrl,...