CORS error when using Better Auth with subdomain (Next.js)

  • Signin page: https://app.example.com/signin
  • API endpoint: https://example.com/api/auth/sign-in/social
  • Using middleware to rewrite subdomains (so app.example.com)
  • Configured trustedOrigins as:

    trustedOrigins: [ 'https://example.com', 'https://app.example.com', 'http://localhost:3000' ]

  • Still getting a CORS error in the browser when calling the social sign-in endpoint.
  • In next.config.js I also added headers with Access-Control-Allow-Origin: * (wildcard).

Since this is a single Next.js project with subdomain rewrites, do I still need to manually add CORS headers, or should trustedOrigins handle this automatically?
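An added example, not part of the original post and not Better Auth or Next.js code: it contrasts the wildcard header from the question with an exact-match allowlist built from the origins listed above, and models the browser's CORS check under the Fetch standard. It assumes the sign-in request is sent with credentials (cookies); `corsHeadersFor` and `browserAccepts` are hypothetical helper names, and the allowed methods and headers are constructed sample values.

```javascript
// Added example. Origins are the ones listed in the post; everything else is assumed.
const ALLOWED_ORIGINS = new Set([
  'https://example.com',
  'https://app.example.com',
  'http://localhost:3000',
]);

// Hypothetical helper: CORS response headers for one request's Origin header.
function corsHeadersFor(requestOrigin) {
  // Exact string match only; no suffix or regex matching, so a look-alike
  // such as https://app.example.com.other.test is never accepted.
  if (!requestOrigin || !ALLOWED_ORIGINS.has(requestOrigin)) return {};
  return {
    'Access-Control-Allow-Origin': requestOrigin, // echo the vetted origin, never '*'
    'Access-Control-Allow-Credentials': 'true',
    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
    'Access-Control-Allow-Headers': 'Content-Type, Authorization',
    'Vary': 'Origin', // caches must not reuse a response across origins
  };
}

// Simplified model of the browser's check on the response (Fetch standard).
function browserAccepts(pageOrigin, withCredentials, headers) {
  const allow = headers['Access-Control-Allow-Origin'];
  if (!withCredentials) return allow === '*' || allow === pageOrigin;
  // Credentialed request: the wildcard is rejected outright, and
  // Access-Control-Allow-Credentials must be exactly "true".
  return allow === pageOrigin &&
    headers['Access-Control-Allow-Credentials'] === 'true';
}

const page = 'https://app.example.com';
const wildcard = { 'Access-Control-Allow-Origin': '*' };
console.log('wildcard + credentials :', browserAccepts(page, true, wildcard));
console.log('allowlist + credentials:', browserAccepts(page, true, corsHeadersFor(page)));
console.log('unlisted origin headers:', corsHeadersFor('https://app.example.com.other.test'));
```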