BA
Better Auth6d ago
Damien Cassou

Don't understand how to configure OIDC with an existing provider

I don't understand how to configure better-auth to connect to an exiting OIDC provider. I have an OIDC provider at my company. I wrote the following to register it in auth.js: 
import { betterAuth } from "better-auth";
import { sso } from "better-auth/plugins/sso";
import Database from "better-sqlite3";

const connectUrl = `${process.env.AAA_AUTH_BASE_URL}/auth/core/connect`;

const aaaProvider = {
    providerId: "aaa",
    // The wolters kluwer's app value of the issuer does not match the provided well-known url, so for now
    // we need to use the value provided in the response.
    issuer: process.env.AAA_AUTH_ISSUER_URL,
    domain: "wolterskluwer.com",
    clientId: process.env.AAA_AUTH_CLIENT_ID,
    clientSecret: process.env.AAA_AUTH_SECRET,
    authorizationEndpoint: `${connectUrl}/authorize`,
    tokenEndpoint: `${connectUrl}/token`,
}

export const auth = betterAuth({
    database: new Database("./sqlite.db"),
    plugins: [
        sso({providers: [aaaProvider]})
    ]
});
import { betterAuth } from "better-auth";
import { sso } from "better-auth/plugins/sso";
import Database from "better-sqlite3";

const connectUrl = `${process.env.AAA_AUTH_BASE_URL}/auth/core/connect`;

const aaaProvider = {
    providerId: "aaa",
    // The wolters kluwer's app value of the issuer does not match the provided well-known url, so for now
    // we need to use the value provided in the response.
    issuer: process.env.AAA_AUTH_ISSUER_URL,
    domain: "wolterskluwer.com",
    clientId: process.env.AAA_AUTH_CLIENT_ID,
    clientSecret: process.env.AAA_AUTH_SECRET,
    authorizationEndpoint: `${connectUrl}/authorize`,
    tokenEndpoint: `${connectUrl}/token`,
}

export const auth = betterAuth({
    database: new Database("./sqlite.db"),
    plugins: [
        sso({providers: [aaaProvider]})
    ]
});
Whatever I do, I always get a 400 error on the POST /api/auth/sso/register that I see in my browser: 
{"code":"VALIDATION_ERROR","message":"Invalid body parameters"}
{"code":"VALIDATION_ERROR","message":"Invalid body parameters"}
The documentation mentions signInWithTestUser() and createOIDCProvider() which seem to come from better-auth test suite but don't help me.
Single Sign-On (SSO) | Better Auth
Integrate Single Sign-On (SSO) with your application.
0 Replies
No replies yetBe the first to reply to this messageJoin

Did you find this page helpful?