Bearer Tokens For Authenticating Requests to Backend (Express)
Hi guys! I am trying to implement the bearer tokens plugin so my backend can authenticate users requests.
However, it seems that tokens aren't being set as explained in these docs: https://beta.better-auth.com/docs/plugins/bearer
Our Infrastructure:
- Using better-auth with magic links and Google OAuth (email/password is disabled)
- Frontend: Next.js app with better-auth client
- Backend: Express.js server
The Issue:
The Bearer plugin docs show that tokens should be returned in the set-auth-token header during sign-in, but we're not seeing this header in our responses. Or maybe the onSuccess isn't even being triggered with the google oauth and magic links?
Does the Bearer plugin work with magic links and OAuth, or only with email/password?
Are we missing some configuration to enable token generation?
Should we be looking for the token in a different place or using a different approach?
Bearer Token Authentication | Better Auth
Authenticate API requests using Bearer tokens instead of browser cookies
13 Replies
Hey can you give me an example of how you've implemented the signin process and are checking for the set-auth-token?
@Ping I'm encountering a similar issue.
Backend: Hono
Frontend: Next.js
OAuth with google provider
After signing in with Google, the cookie is set correctly. However, the request headers don't include the authentication cookie when I call getSession, useSession, or hit any other endpoint.
I also tried making a manual fetch request, but the auth token still isn't being sent in the headers.
@stormej Can you test using the authConfig to get it?
sure i can try, this is for the google sign in bit right?
Also this thing is working on localhost and not on the deployed server
Oh what? Interesting
yeah, i have been struggling with this since more than 2 weeks now, i see few other people have this issue as well
So using your current setup, you're able to recieve the
set-auth-token from the onSuccess of a social.signIn call? Or via the global one in the authClient?
And can I know the details of your prod server?
@stormejthis is what my current code looks like
first is the next js client and 2nd this the auth on backend
i have deployed this on a worker
nope
@Ping if you could help it would be really nice 🙏
I don't see the bearer plugin?
i am not using the bearer plugin the issue is with the auth session cookie
You're in the wrong issue, make a new help thread. This is specifically regarding the bearer plugin.
okay