BA
Better Auth3mo ago
arnez

Hierarchically nested teams

Goal: Get organization with proper hierarchical structure. There is top level team that has more teams (departments) bellow, bellow that departments there is even more teams. Is something like that possible with Nest.js via adding custom field?
8 Replies
arnez
arnezOP3mo ago
@Better AuthTitle: Hierarchically nested teams Goal: Get organization with proper hierarchical structure. There is top level team that has more teams (departments) bellow, bellow that departments there is even more teams. Is something like that possible with Nest.js via adding custom field?
Better Auth
Better Auth3mo ago
Currently, Better Auth’s teams feature is designed with a flat structure at the organization level rather than a nested, hierarchical model. You can add custom fields (for example, a parentTeamId) to store relationships between teams, but the core permission logic and endpoints aren’t built to automatically support multi-level hierarchies [1][4]. If you need a deeply nested structure (e.g., a top-level team with departments and sub-departments), you can simulate it by extending the team model with your custom field and then implementing your own logic in your Nest.js application to enforce and manage those relationships. Just be aware that this custom approach won’t automatically integrate with Better Auth’s built-in permission checks or API endpoints—you’ll need to handle those details manually. I hope this helps clarify your options! Sources: [1] Feature: Teams for Organizations [4] Organization | Better Auth
GitHub
Feature: Teams for Organizations · Issue #496 · better-auth/bette...
Is your feature request related to a problem? Please describe. Organization with tens or hundreds of members will need to become more structured. It's very unlikely that all members need to be ...
Organization | Better Auth
The organization plugin allows you to manage your organization's members and teams.
arnez
arnezOP2mo ago
@Better Auth Access to fetch at 'http://localhost:5000/api/auth/sign-up/email' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Better Auth
Better Auth2mo ago
Hi there! This error means that the backend didn’t return the proper CORS header for your request from http://localhost:3000. With Better Auth, you should ensure that this origin is included in your configuration’s trustedOrigins so that the server knows to allow it [1]. Also, if you're using Docker or a custom network, double-check that the hostname in your auth config matches the one used by your client; mismatches can cause the server to return an unexpected origin header [1]. Finally, be sure your CORS middleware is registered before mounting your Better Auth handlers (as recommended in our integration guides) to ensure the preflight requests are handled correctly [4]. Let me know if you need any more help! Sources: [1] Better auth Dockerized authClient Issues [4] Better Auth Fastify Integration Guide | Better Auth
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
Better auth Dockerized authClient Issues · Issue #3874 · better-a...
Is this suited for github? Yes, this is suited for github To Reproduce Set up a better-auth backend inside a Docker container at http://localhost:3001/api/auth Set up a frontend Next.js app at http...
Better Auth Fastify Integration Guide | Better Auth
Learn how to seamlessly integrate Better Auth with your Fastify application.
arnez
arnezOP2mo ago
ž
Better Auth
Better Auth2mo ago
Hi there! This error indicates that your Nest.js backend isn’t properly configuring CORS to allow requests from your Next.js frontend. Here are a few steps to help you resolve the issue: 1. Ensure you enable CORS in your Nest.js application. In a Nest.js app (which typically uses Express under the hood), you can do this by calling: 
   // main.ts
   const app = await NestFactory.create(AppModule);
   app.enableCors({
     origin: ['http://localhost:3000', 'http://your-other-frontend.com'], // add all allowed origins
     credentials: true,
   });
   await app.listen(5000);
   
   // main.ts
   const app = await NestFactory.create(AppModule);
   app.enableCors({
     origin: ['http://localhost:3000', 'http://your-other-frontend.com'], // add all allowed origins
     credentials: true,
   });
   await app.listen(5000);

This will add the proper Access-Control-Allow-Origin header to your responses. 2. Double-check your Better Auth configuration. Better Auth uses a trusted origins array to determine which origins it should echo back. Make sure your configuration includes all your frontend URLs: 
   export const auth = betterAuth({
     trustedOrigins: ['http://localhost:3000', 'http://your-other-frontend.com'],
     // ... other config options
   });
   
   export const auth = betterAuth({
     trustedOrigins: ['http://localhost:3000', 'http://your-other-frontend.com'],
     // ... other config options
   });

This ensures that Better Auth sends the correct CORS header when processing authentication requests [6]. 3. If you’re deploying behind a reverse proxy or containerizing your apps, verify that the headers aren’t being overwritten by any intermediate services (similar issues have been seen in Docker setups [2]). Following these steps should help the server respond with the necessary CORS headers and resolve the issue. Let me know if you need any more help! Sources: [2] Better auth Dockerized authClient Issues [6] Better Auth Fastify Integration Guide | Better Auth
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
Better auth Dockerized authClient Issues · Issue #3874 · better-a...
Is this suited for github? Yes, this is suited for github To Reproduce Set up a better-auth backend inside a Docker container at http://localhost:3001/api/auth Set up a frontend Next.js app at http...
Better Auth Fastify Integration Guide | Better Auth
Learn how to seamlessly integrate Better Auth with your Fastify application.
arnez
arnezOP2mo ago
@Better Auth Access to fetch at 'http://localhost:5000/api/auth/sign-up/email' from origin 'http://localhost:3000/' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. I use separate next.js app as backend and 2 next.js apps as frontend
Better Auth
Better Auth2mo ago
It sounds like your backend isn’t returning the correct CORS headers for the Better Auth endpoints. When credentials are involved (which is often the case with authentication), you can’t use the wildcard (*) for Access-Control-Allow-Origin—you must explicitly pass your frontend origin (in your case, "http://localhost:3000") [5]. Here are a few steps to address the issue: 1. Ensure that your Next.js backend is configured with proper CORS middleware (for example, using the npm cors package or custom middleware) so that every request to your Better Auth endpoints returns an Access-Control-Allow-Origin header matching the incoming origin. 2. Update your Better Auth configuration by adding "http://localhost:3000" (and any other frontend origins) to the trustedOrigins array. This tells Better Auth to echo back the correct origin on responses [5], [3]. 3. Double-check that any reverse proxy or server configuration isn’t overriding or stripping these headers. Following these best practices should resolve the preflight CORS errors you're encountering. Sources: [3] CORS Issue [5] Better Auth Fastify Integration Guide | Better Auth
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth

Did you find this page helpful?