BA
Better Auth2mo ago
ldp

Auth client in Next server actions - always getting 401

Hi! I'm trying to use the auth client in a next server action, but any api I hit on the server side is always unauthorized. Is there some way to configure the auth client with the user's server-side session? I know I can do auth.api.doThing but I'd greatly prefer to use the auth client for the sake of consistency. Also, I know I can run these on the client, but there is a very specific reason this specific call is on the server. 
const myServerAction = () => {
  // i have the authorized session
  const session = auth.api.getSession({ headers: await getHeaders() });
  // always 401's, but only on the server.  any way to pass/configure the session?
  const { data, error } = await authClient.organization.create({
    // ...args
  });
}
const myServerAction = () => {
  // i have the authorized session
  const session = auth.api.getSession({ headers: await getHeaders() });
  // always 401's, but only on the server.  any way to pass/configure the session?
  const { data, error } = await authClient.organization.create({
    // ...args
  });
}
3 Replies
The Untraceable
The Untraceable2mo ago
Don't use auth client in server actions Thats only for client side 
const metadata = { someKey: "someValue" };
 
const data = await auth.api.createOrganization({
    body: {
        name: "My Organization", // required
        slug: "my-org", // required
        logo: "https://example.com/logo.png",
        metadata,
        userId: "some_user_id", // server-only
        keepCurrentActiveOrganization: false,
    },
    // This endpoint requires session cookies.
    headers: await headers(),
});
const metadata = { someKey: "someValue" };
 
const data = await auth.api.createOrganization({
    body: {
        name: "My Organization", // required
        slug: "my-org", // required
        logo: "https://example.com/logo.png",
        metadata,
        userId: "some_user_id", // server-only
        keepCurrentActiveOrganization: false,
    },
    // This endpoint requires session cookies.
    headers: await headers(),
});
I don't see why you wouldn't want to use it server side
ldp
ldpOP2mo ago
yeah i had that auth.api version working already, was just checking if there was a way. thanks for the reply.
I don't see why you wouldn't want to use it server side
to maintain a unified api across environments. if the api footprint was exactly the same, and only the client initialization / reference was different, that would be one thing, but they're totally distinct APIs that you and any coworkers need to grok, depending on what env context they're in at the time if auth.api and authClient had the same exact footprint, i wouldn't think twice about it eg: auth.api.organization.create() would be equivalent, but from glancing at the types, it seems to just have all of the functions directly on auth.api for server side, but not for authClient
The Untraceable
The Untraceable2mo ago
Ah right I see what you mean I do also wish that for server apis it did follow the api.plugin_name.function but unfortunately not really possible; auth client is meant for client side, auth.api is meant for server side strictly

Did you find this page helpful?