Better Auth•2mo ago

Vercel: State Mismatch. Verification not found

I'm trying to discover why I get State Mismatch. Verification not found when my app is deployed to Vercel, but not when I test it locally. I can go through the entire OAuth flow in Vercel, but I land on an error page and the logs output this error. Is there any specific Vercel configuration I should be aware of?

2 Replies

EduardoOP•2mo ago

My config is like this:

export const auth = betterAuth({
  baseURL: env.NEXT_PUBLIC_BASE_URL,
  trustedOrigins: [env.NEXT_PUBLIC_BASE_URL],
  secret: process.env.NEXTAUTH_SECRET,

  emailAndPassword: { enabled: false },
  plugins: [nextCookies()],

  advanced: {
    crossSubDomainCookies: {
      enabled: true,
      domain: env.COOKIE_DOMAIN,
    },
    cookie: {
      sameSite: "none",
      secure: true,
      domain: env.COOKIE_DOMAIN,
      path: "/",
    },
    defaultCookieAttributes: {
      sameSite: "none",
      secure: true,
    },
    ipAddress: { disableIpTracking: true },
  },

  database: prismaAdapter(prisma, { provider: "postgresql" }),

  socialProviders: {
    google: {
      clientId: env.GOOGLE_CLIENT_ID,
      clientSecret: env.GOOGLE_CLIENT_SECRET,
      scope: GMAIL_SCOPES,
      accessType: "offline",
      prompt: "select_account+consent",
      disableIdTokenSignIn: true,
    },
    microsoft: {
      clientId: env.MICROSOFT_CLIENT_ID,
      clientSecret: env.MICROSOFT_CLIENT_SECRET,
      scope: OUTLOOK_SCOPES,
      tenantId: "common",
      prompt: "consent",
      requireSelectAccount: true,
      disableIdTokenSignIn: true,
    },
  },

export const auth = betterAuth({
  baseURL: env.NEXT_PUBLIC_BASE_URL,
  trustedOrigins: [env.NEXT_PUBLIC_BASE_URL],
  secret: process.env.NEXTAUTH_SECRET,

  emailAndPassword: { enabled: false },
  plugins: [nextCookies()],

  advanced: {
    crossSubDomainCookies: {
      enabled: true,
      domain: env.COOKIE_DOMAIN,
    },
    cookie: {
      sameSite: "none",
      secure: true,
      domain: env.COOKIE_DOMAIN,
      path: "/",
    },
    defaultCookieAttributes: {
      sameSite: "none",
      secure: true,
    },
    ipAddress: { disableIpTracking: true },
  },

  database: prismaAdapter(prisma, { provider: "postgresql" }),

  socialProviders: {
    google: {
      clientId: env.GOOGLE_CLIENT_ID,
      clientSecret: env.GOOGLE_CLIENT_SECRET,
      scope: GMAIL_SCOPES,
      accessType: "offline",
      prompt: "select_account+consent",
      disableIdTokenSignIn: true,
    },
    microsoft: {
      clientId: env.MICROSOFT_CLIENT_ID,
      clientSecret: env.MICROSOFT_CLIENT_SECRET,
      scope: OUTLOOK_SCOPES,
      tenantId: "common",
      prompt: "consent",
      requireSelectAccount: true,
      disableIdTokenSignIn: true,
    },
  },

` Removed some fields for brevity, the full config is here: https://github.com/elie222/inbox-zero/blob/4a791d596f24a209e21b6237b818cf861161d8df/apps/web/utils/auth.ts

GitHub

inbox-zero/apps/web/utils/auth.ts at 4a791d596f24a209e21b6237b818cf...

The world's best AI personal assistant for email. Open source app to help you reach inbox zero fast. - elie222/inbox-zero

Elie•2mo ago

So we've made progress here. And somehow login works for me on both Google and Microsoft but not for Eduardo.

Gaming

Programming

Vercel: State Mismatch. Verification not found

Did you find this page helpful?