i cant acess better auth, with cross domains in my frontend
i have this config in my backend using elysia
const app = new Elysia()
.use(cors())
.mount(auth.handler)
export const auth = betterAuth({
advanced: {
defaultCookieAttributes: {
sameSite: "none",
secure: true,
partitioned: true
}
},
trustedOrigins: "app.frontend.com"
the url of my backend in production is "app.backend.com" thats the url my frontend use
when i try to acess the backend using the frontend in next, its not getting the user.
3 Replies
@Better Auth
Hi there! Here’s a roundup addressing some common Better Auth questions from our Discord community:
1. Discord OAuth Email Concerns
Several users have asked about privacy issues when collecting real email addresses via Discord OAuth. Good news: you can opt to use a dummy email or even the Discord snowflake ID instead to avoid privacy concerns [1], [4]. 2. Bot Permissions During OAuth
Many developers want to grant specific bot permissions during Discord OAuth. Better Auth now supports an optional permissions parameter if you include the
Some community members have wondered how to keep user profile images in sync with their Discord profiles. Although Better Auth creates users on social login, updating the stored image when a user's profile picture changes may need additional custom logic or hooks. Check out the discussions and suggestions around this topic for guidance on implementing profile hooks [14], [19]. 4. Handling Consent Prompts and OAuth Redirects
A few users have reported that Discord always prompts for authorization or that there are issues with the OAuth URL (for example, missing the ++ prefix on the redirect_uri). For the consent prompt, setting the
Several users have asked about privacy issues when collecting real email addresses via Discord OAuth. Good news: you can opt to use a dummy email or even the Discord snowflake ID instead to avoid privacy concerns [1], [4]. 2. Bot Permissions During OAuth
Many developers want to grant specific bot permissions during Discord OAuth. Better Auth now supports an optional permissions parameter if you include the
bot scope. This allows you to request precise bot capabilities during authorization without breaking existing integrations [5], [6].
3. Updating User Images on LoginSome community members have wondered how to keep user profile images in sync with their Discord profiles. Although Better Auth creates users on social login, updating the stored image when a user's profile picture changes may need additional custom logic or hooks. Check out the discussions and suggestions around this topic for guidance on implementing profile hooks [14], [19]. 4. Handling Consent Prompts and OAuth Redirects
A few users have reported that Discord always prompts for authorization or that there are issues with the OAuth URL (for example, missing the ++ prefix on the redirect_uri). For the consent prompt, setting the
prompt option to "none" might help reduce repeated consent screens [22]. Also, ensure your Better Auth versionGitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
Build software better, together
GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.
GitHub
Build software better, together
GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
correctly includes the required ++ prefix for Discord OAuth URLs to avoid state mismatch errors [12], [9].
These topics represent some of the most common inquiries and discussions on Better Auth best practices. If you have a specific use case or run into issues, feel free to ask—we’re here to help!
Let me know if you need more details on any of these points. Happy coding!
Sources:
[1] feat: Discord Oauth without the email scope
[4] feat:Add Discord OAuth email scope configuration field
[5] feat: add Discord bot permissions parameter support
[6] feat(discord): allow specification of permissions
[9] Discord Provider throwing
state_mismatch error every time in latest versions
[12] Discord OAuth redirect_uri requires double plus signs (++) prefix - Better Auth generates invalid URLs
[14] Feat: Profile Hooks
[19] Updating Discord image everytime the user logs in.
[22] Discord login always prompts for authorization
— Better Auth is powered by https://clarm.comGitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
better-auth/better-auth
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
GitHub
feat: Discord Oauth without the email scope · Issue #2059 · bette...
Is this suited for github? Yes, this is suited for github Is your feature request related to a problem? Please describe. I find collecting email addresses a potential privacy concern depending on t...
GitHub
feat:Add Discord OAuth email scope configuration field by Summerlyt...
Collecting the real email address is a privacy concern. By implementing this simple fix, it allows users to replace said address with a dummy address easily. I understand you can write over the ema...
GitHub
feat: add Discord bot permissions parameter support by TheUntraceab...
When using the Discord social plugin, you can set the bot scope, and this scope can have an additional permissions scope, referring to the permissions of the Discord Bot once authorized.
This pull ...