39 replies

[1.4.3] Stateless Session Management – Error 'ACCOUNT_NOT_FOUND'

1. What's the Issue?

I'm using TanStack React Start with a middleware that calls getAccessToken on every request.
Because the dev server (Vite) triggers hot reload after each code change, the in-memory data about the authenticated user is lost.
After the reload, better-auth no longer recognizes the user session and getAccessToken throws an ACCOUNT_NOT_FOUND error.

I expected getAccessToken to work consistently as long as the session cookie is still valid, even across dev server reloads.

2. Error Messages

[InternalAPIError: Account not found] {
  status: 'BAD_REQUEST',
  body: { code: 'ACCOUNT_NOT_FOUND', message: 'Account not found' },
  headers: {},
  statusCode: 400
}

[InternalAPIError: Account not found] {
  status: 'BAD_REQUEST',
  body: { code: 'ACCOUNT_NOT_FOUND', message: 'Account not found' },
  headers: {},
  statusCode: 400
}

3. How to Reproduce
1. Use better-auth version 1.4.3 with stateless session management.
2. In TanStack React Start, create a middleware that calls getAccessToken.
3. Start a dev server using Vite.
4. Log in so that the session cookie is stored in the browser.
5. Modify any file → Vite triggers hot reload → the server restarts.
6. Make any request that triggers the middleware.
7. getAccessToken throws ACCOUNT_NOT_FOUND because user account data stored in memory disappears after the reload.

Additional info:
My config:

export const auth = betterAuth({
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID,
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
      tenantId: process.env.MICROSOFT_TENANT_ID,
      redirectUri: process.env.MICROSOFT_REDIRECT_URI,
      authority: 'https://login.microsoftonline.com',
      scope: ['openid', 'profile', 'email', 'offline_access', 'User.Read'],
      prompt: 'select_account',
    },
  },
  session: {
    cookieCache: {
      enabled: true,
      maxAge: 7 * 24 * 60 * 60,
      strategy: 'jwe',
      refreshCache: true,
      version: '1',
    },
  },
  account: {
    storeStateStrategy: 'cookie',
    storeAccountCookie: true,
  },
  plugins: [tanstackStartCookies()],
});

export const auth = betterAuth({
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID,
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
      tenantId: process.env.MICROSOFT_TENANT_ID,
      redirectUri: process.env.MICROSOFT_REDIRECT_URI,
      authority: 'https://login.microsoftonline.com',
      scope: ['openid', 'profile', 'email', 'offline_access', 'User.Read'],
      prompt: 'select_account',
    },
  },
  session: {
    cookieCache: {
      enabled: true,
      maxAge: 7 * 24 * 60 * 60,
      strategy: 'jwe',
      refreshCache: true,
      version: '1',
    },
  },
  account: {
    storeStateStrategy: 'cookie',
    storeAccountCookie: true,
  },
  plugins: [tanstackStartCookies()],
});

Better Auth•3mo ago•

39 replies

Dominik

[1.4.3] Stateless Session Management – Error 'ACCOUNT_NOT_FOUND'

[InternalAPIError: Account not found] {
  status: 'BAD_REQUEST',
  body: { code: 'ACCOUNT_NOT_FOUND', message: 'Account not found' },
  headers: {},
  statusCode: 400
}

[InternalAPIError: Account not found] {
  status: 'BAD_REQUEST',
  body: { code: 'ACCOUNT_NOT_FOUND', message: 'Account not found' },
  headers: {},
  statusCode: 400
}

export const auth = betterAuth({
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID,
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
      tenantId: process.env.MICROSOFT_TENANT_ID,
      redirectUri: process.env.MICROSOFT_REDIRECT_URI,
      authority: 'https://login.microsoftonline.com',
      scope: ['openid', 'profile', 'email', 'offline_access', 'User.Read'],
      prompt: 'select_account',
    },
  },
  session: {
    cookieCache: {
      enabled: true,
      maxAge: 7 * 24 * 60 * 60,
      strategy: 'jwe',
      refreshCache: true,
      version: '1',
    },
  },
  account: {
    storeStateStrategy: 'cookie',
    storeAccountCookie: true,
  },
  plugins: [tanstackStartCookies()],
});

export const auth = betterAuth({
  socialProviders: {
    microsoft: {
      clientId: process.env.MICROSOFT_CLIENT_ID,
      clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
      tenantId: process.env.MICROSOFT_TENANT_ID,
      redirectUri: process.env.MICROSOFT_REDIRECT_URI,
      authority: 'https://login.microsoftonline.com',
      scope: ['openid', 'profile', 'email', 'offline_access', 'User.Read'],
      prompt: 'select_account',
    },
  },
  session: {
    cookieCache: {
      enabled: true,
      maxAge: 7 * 24 * 60 * 60,
      strategy: 'jwe',
      refreshCache: true,
      version: '1',
    },
  },
  account: {
    storeStateStrategy: 'cookie',
    storeAccountCookie: true,
  },
  plugins: [tanstackStartCookies()],
});

[1.4.3] Stateless Session Management – Error 'ACCOUNT_NOT_FOUND'

Similar Threads

[1.4.3] Stateless Session Management – Error 'ACCOUNT_NOT_FOUND'

Similar Threads

Similar Threads

Similar Threads