How to acces ID token returned by oAuth provider
I'm using the Microsoft oAuth provider. It returns an ID token, which (when decoded) includes some user information I need to access, such as user group memberships.
The ID token gets stored in the 'accounts' table, but I can't work out how to access it. I can't see any way using auth.api.
I know I could query the database independently, but it seems like I shouldn't have to do that to access something that better-auth is storing....
Better-Auth with Express Server
I set up basic Better-Auth in an Express server with sqlite database.
Followings the docs I have auth.js
```
import { betterAuth } from "better-auth";
import Database from "better-sqlite3";...
Property 'signIn' does not exist
```typescript
import { createAuthClient } from "better-auth/react";
export const { signOut, useSession, signIn } = createAuthClient({
baseURL: process.env.BETTER_AUTH_URL!,...
Solution:
first make sure to config your auth correctly and to do the recomend of destructing the object since i dont exactly know your rules config for that but i recomend this way and also the safest way
```ts
const authClient = createAuthClient({
baseURL: process.env.BETTER_AUTH_URL!,
});...
set a default redirect URL
im hosting my auth layer on a cf worker, and my nextjs on another worker.
is there a way to set the redirect to always be on the nextjs worker?
i dont wanna do callbackURL: "http://my.nextjs.app/" for all my calls...
Components not visible (BetterAuthUI)
Only AuthCard and AuthUiProvider is visible on the website. If you see user-button is a component but its not visible in the sidebar. Is it a UI bug? @daveycodez what am I missing? please check
How to use better-auth CLI in a Cloudflare workers + Cloudflare D1 + react-router + drizzle project?
I created a React Router 7 project using the Cloudflare workers template:
pnpm create cloudflare@latest my-react-router-app --framework=react-router . I added D1 bindings and drizzle to this project.
The Problem:
I am struggling to find a pattern where I can somehow export auth in a way the CLI can pick up....Solution:
I recommend making a fake auth file and a real auth file.
The fake one is just your better-auth config except for any fields which require ENV vars.
This file will be the one you would then use for the better-auth cli to read.
The real one would be the one which includes all needed ENV variables for Better Auth to function....
sign in stuck loading in deployed app
Hi there,
I have an issue I am encountering in my deployed app but not local app. When I try to sign-in the user gets successfully authenticated but the loading button is stuck loading.
This issue does not happen locally (of course 😂 ) and I am not too sure why that's happening. I know the request
response shows redirect = false but the same is shown locally and the user gets redirected to their profile....Error when generating SvelteKit tables
When running the
@better-auth/cli generate command in a SvelteKit project it throws the following error
2025-04-17T14:44:42.264Z ERROR [Better Auth]: [#better-auth]: Couldn't read your auth config. Error: Cannot find module '$env/dynamic/private'
For reference, this is my src/lib/db/index.js file where the error is thrown:...Anyway to allow shared emails?
I have a multi-tenant setup, with an extra column "project_id" setup in my schema, with my database itself confining emails to be unique to projects.
Is there any config value I can change to allow sign-ups with existing emails? No matter what I try (so far), I get the error "Sign-up attempt for existing email: ...."...
Why is the accessToken not encrypted by default?
Hi, why is the accessToken in
account not encrypted by default e.g for discord in our persistence?
And what's the easiest way to encrypt/decrypt it? Creating a custom plugin would do the job, I guess? thanks ! 🙂...Solution:
After discussing with @bekacru we'll be implementing this built-in.
Right now it could be possible via custom plugin - but I'm not 100% certain on this.
Our future plans (roughly) are:
* Encrypt accessToken by default...
Anyway to set a non-user input field based on request headers?
I have a database field that needs to be setup on signup, based on request headers. Because this value is handled server side, I've set input to false on this additional field - now I've done that, however, the value from the before hook is entirely ignored.
I can set the field to
input: true however that makes it settable client side, which of course can be overriten, it just doesn't seem as clean
Any ideas?...deleteUser response: FAILED_TO_GET_USER_INFO
Hi, I'm using deleteUser() with sendDeleteAccountVerification.
E-mail is sent with correct token. But whatever I try, the response from my Express API is FAILED_TO_GET_USER_INFO.
I'm on version 1.2.7 in both client and server...
Updating email_verified and image fields
Hi,
My app supports credentials & Google OAuth login. I verify emails when users sign up using the credentials method.
After using the credentials method to sign up, before verifying their email, if the same user (with the same email) signs in with Google, the user table doesn't update the email_verified to true (if Google passes this email, we can safely set the email_verified field) and image field also is left empty....
Unclear how to call phoneNumber signup from frontend
I'm using phone-number for sign-up, my authClient looks like ..
```
export const authClient = createAuthClient({
baseURL: "http://localhost:8081",...
Solution:
You have to send the otp for the verification and make sure to pass signUpOnVerification to set up a temporary email since right better auth requires an email fields and also the same for name. And you can sign in back with signin.phoneNumber .
cli generate not working: "Please run prisma generate"
Hi, I'm very new around better-auth and I need some help figuring out how to set it up properly. I have followed the instructions but for some reason I cannot seem to run the command
npx @better-auth/cli generate. Gives me back an error that says "Please run "prisma generate" and try to import it again. However this has already been done and when I run the command it comes back to the same error.I cant decode better auth session cookie.
Here is the snippet: https://pastecode.dev/s/dcdiax2w
It's golang middleware, i am trying to decode my custom cookie with my secret.
But the decoded user id is not correct, here is the log:...
How to set Bearer token in Next.js
Hello Everyone,
```jsx
import { createAuthClient } from 'better-auth/react';
...
How can I configure something like nextauth `callbacks.signIn`?
When user signin by apple or google oauth, I want to query user information from my exists database, and verify that the user, and return new user information to session
in nextauth I can do something like:
```typescript...
Unclear on how to handle session and cookies in sveltekit
I've followed the sveltekit guide from better auth website However i think it is unclear on how to do sveltekit auth on server side, on the example you do so by doing it on the client but normally you would do a login +page.svelte and then a +page.server.svelte and there you would call the auth.api.signInSocial (or email). Example:
```ts
// auth/login/+page.server.ts
export const actions: Actions = {...
Microsoft Provider
I'm having trouble getting Microsoft authentication to work. I keep running into this error:
ERROR [Better Auth]: State Mismatch. Verification not found { state: '' }
On
signIn.social({ : 'microsoft', : '/' }) and linkSocial({ provider: 'microsoft' });
...