Configuring SSO with custom Organization logic
Plugins related✅Solved
I'm trying to configure SSO using better-auth and ran into a few issues
Architecture: Next.js (better auth client) / Express (back, better auth server).
I have a database with organizations (mongo). A user can join multiple organizations, and an organization can configure SSO for its members. Currently, this SSO config is stored in my organization collection (not in better-auth tables)
Desired flow:
- User clicks Login with SSO
- User enters the domain (if necessary)
- Client retrieves the providerType and providerId
- client.signIn.sso is triggered
- Callback/redirect
My questions:
- The SSO plugin doesn't seem to provide a getProvider function to dynamically retrieve a provider details linked to an organization
- Since better-auth provides client.sso.register, would it be better to rely on that instead?
- If using client.sso.register, is there a method to unregister a provider (e.g., if the organization is deleted)?
- Is there a way to list or edit registered providers?
- How to avoid duplicating SSO config data?
Note: I am not using the better-auth organization plugin.
I'm curious to know if that will be something that will come up in the future
Or if anyone else has faced a similar workflow, how did you make it work?
Architecture: Next.js (better auth client) / Express (back, better auth server).
I have a database with organizations (mongo). A user can join multiple organizations, and an organization can configure SSO for its members. Currently, this SSO config is stored in my organization collection (not in better-auth tables)
Desired flow:
- User clicks Login with SSO
- User enters the domain (if necessary)
- Client retrieves the providerType and providerId
- client.signIn.sso is triggered
- Callback/redirect
My questions:
- The SSO plugin doesn't seem to provide a getProvider function to dynamically retrieve a provider details linked to an organization
- Since better-auth provides client.sso.register, would it be better to rely on that instead?
- If using client.sso.register, is there a method to unregister a provider (e.g., if the organization is deleted)?
- Is there a way to list or edit registered providers?
- How to avoid duplicating SSO config data?
Note: I am not using the better-auth organization plugin.
I'm curious to know if that will be something that will come up in the future
Or if anyone else has faced a similar workflow, how did you make it work?
Solution
To help others find answers, you can mark your question as solved via
Right click solution message -> Apps -> ✅ Mark Solution
Was this page helpful?
