BA
Better Auth3mo ago
Emil

Centralized Auth with Better Auth Across Multiple Domains – CORS Issues

Hey! I’m using the Better Auth framework in a Next.js dashboard app. I’m now splitting the app into three separate dashboards across different domains and want to use a single server for authentication. However, I’m running into CORS issues. The simplest workaround seems to be running auth separately in each project, but that feels redundant. Has anyone dealt with this and found a clean, centralized solution? Appreciate any insights!
13 Replies
sebastian
sebastian3mo ago
What backend are you using?
Emil
EmilOP3mo ago
Just using next.js api routes for the auth, as per this doc https://www.better-auth.com/docs/integrations/next
Next.js integration | Better Auth
Integrate Better Auth with Next.js.
sebastian
sebastian3mo ago
Oh, then i can't really help. For next.js maybe it would be better to just do the backend 3 times i guess? Doing a separate backend for this would be ideal, better auth provides you with cross domain cookies etc. And you could set up CORS just as easily.
daanish
daanish3mo ago
use domain as '.domain.com' in cookie, advanced and crossSubDomain
Emil
EmilOP3mo ago
Yeah, had the same thought, it's just a little friction to have another service for it, but seems like that's the way to do it Could you elaborate, or point to a text that talks about this? Thanks 😇
sebastian
sebastian3mo ago
Emil
EmilOP3mo ago
Thanks!
daanish
daanish3mo ago
it's like this 
advanced: {
        crossSubDomainCookies: {
            enabled: process.env.NODE_ENV === "production" ? true : false,
            domain: ".roro-ai.com",
        },
    },
advanced: {
        crossSubDomainCookies: {
            enabled: process.env.NODE_ENV === "production" ? true : false,
            domain: ".roro-ai.com",
        },
    },
Emil
EmilOP3mo ago
Thanks! I’m not very experienced with auth, so I’d love your take — do you think it’s better to have a separate auth server, or host auth under one of the dashboard domains?
daanish
daanish3mo ago
host auth under of the dashboard domain if you have more bigger project then implement separate make sense but for smaller project hosted under one is enough also implement trustedOrigin 
trustedOrigins: [
        process.env.FRONTEND_URL!,
        process.env.NEXT_PUBLIC_BACKEND_URL!,
        process.env.NEXT_PUBLIC_MEDIA_URL!
    ],
trustedOrigins: [
        process.env.FRONTEND_URL!,
        process.env.NEXT_PUBLIC_BACKEND_URL!,
        process.env.NEXT_PUBLIC_MEDIA_URL!
    ],
Emil
EmilOP3mo ago
Ok thanks! And with "bigger project", you mean in terms of users or codebase size?
daanish
daanish3mo ago
in term of different services you provide like google where it has multiple project but one auth server can be used for all the other apps in google workspace
Emil
EmilOP3mo ago
ah yes ok, makes sense. Thanks!

Did you find this page helpful?