Issues using NextJS NextRequest headers in server-side auth.api functions
Running NextJS application deployed on AWS Fargate. Over the last few days, our calls to Better-Auth api functions on the server in API endpoints have all started failing. I checked for version changes in both NextJS and better-auth, and there are none. The code was working fine last week, now getting 401 unauthorized or 400 API errors returned by API calls.
I've isolated the issue to the headers object that certain functions use. From better-auth docs, here's organization permissions as an example:
await auth.api.hasPermission({
headers: await headers(),
body: {
permissions: {
project: ["create"] // This must match the structure in your access control
}
}
});
Two questions to help me debug this:
1. What fields are included in the headers that are used in auth.api.* functions? How can I check which field is missing from the headers to try to figure out what's missing?
2. Has anyone else encountered a similar issue?
I've isolated the issue to the headers object that certain functions use. From better-auth docs, here's organization permissions as an example:
await auth.api.hasPermission({
headers: await headers(),
body: {
permissions: {
project: ["create"] // This must match the structure in your access control
}
}
});
Two questions to help me debug this:
1. What fields are included in the headers that are used in auth.api.* functions? How can I check which field is missing from the headers to try to figure out what's missing?
2. Has anyone else encountered a similar issue?
