All of the changes made will be available here.

Better Auth is comprehensive authentication library for TypeScript that provides a wide range of features to make authentication easier and more secure.

DocumentationGitHubCommunity

BETTER-AUTH.

v1.3.17

🚀 Features

  • sso: Provide default service provider metadata – @dvanmali

🐞 Bug Fixes

  • nuxt: Avoid load env base url for SSR – @himself65
    View changes on GitHub

v1.3.16

No significant changes

    View changes on GitHub

v1.3.15

🐞 Bug Fixes

  • types: Include null in getSession return type – @jcajuab
    View changes on GitHub

v1.3.14

🚀 Features

  • passkey: Allow multiple passkey origins – @kevcube
  • sso: DefaultSSO options and ACS endpoint – @Kinfe123

🐞 Bug Fixes

  • Wrap Math.floor around the division when calculating TTL – @DevDuki @himself65
  • api-key:
    • Calling client on server side – @himself65
  • mcp:
    • Missing Content-Type header for mcp DCR – @Berndwl
  • organization:
    • Pass ctx to DB hooks – @ping-maxwell
    • Allow passing id through beforeCreateOrganization@ping-maxwell
  • username:
    • Username should respect send on sign config – @QuintenStr
    View changes on GitHub

v1.3.13

🚀 Features

  • Add returnHeaders to getSession@frectonz
  • last-login-method: Update OAuth login method tracking for multiple auth type – @Kinfe123

🐞 Bug Fixes

  • client: BaseURL is undefined for SSR – @himself65
  • organization: Remove autoCreateOnSignUp option as it's not implemented yet – @Bekacru
  • passkey: Remove email from query – @himself65
    View changes on GitHub

v1.3.12

🚀 Features

  • discord: Allow specification of permissions – @TheUntraceable @Bekacru
  • email-otp: Allow returning undefined in generateOTP@ping-maxwell

🐞 Bug Fixes

  • Device authorization plugin – @bytaesu
  • Reduce any type in generator.ts – @himself65
  • Refresh secondary storage sessions on user update – @frectonz
  • Allow disable database transaction – @himself65
  • adapter:
    • Returning null as string for optional id references – @jslno
  • api-key:
    • Cascade api keys on user deletion – @ping-maxwell
  • create-adapter:
    • Disable transaction by default – @ping-maxwell
  • organization:
    • Decouple client and server permission checks – @Bekacru
    • Membership check for organizations with large member counts – @Badbird5907 @himself65
  • stripe:
    • OnCustomerCreate should be called even if update user isn't returned – @Bekacru
    View changes on GitHub

v1.3.11

🚀 Features

  • Flip emailVerified when link the account – @himself65

🐞 Bug Fixes

  • Check if user exists before banning the user – @anmol-fzr @himself65
  • Timestamp issues in kysely – @frectonz @himself65
  • Respect errorCallbackURL in failed oauth flows – @frectonz
  • plugins: Asynchronous init@LightTab2 @himself65
    View changes on GitHub

v1.3.10

   Maintenance update: We fixed lots of issues from the community. Thanks to everyone for contributing to better-auth.

🚀 Features

  • Add getActiveRoleMember – @fathisiddiqi @Kinfe123 @himself65
  • Database transaction support – @himself65
  • logger: Option to disable colors – @martiinii @himself65
  • passkey: Error codes in passkey client – @frectonz @Kinfe123 @Bekacru
  • sqlite: Remove autoincrement for SQLite – @pspeter3

🐞 Bug Fixes

  • Ignore cookiecache on auth sensitive functions – @Kinfe123
  • Custom field for refreshTokenExpiresAt@himself65
  • Return local IP in development mode – @DiiiaZoTe @himself65
  • Make cookie cache respect dontRememberMe mode – @frectonz
  • Normalize zod imports – @gabrielmar
  • Check endpoint conflicts respect method@himself65
  • Respect username validator – @azaek @himself65
  • Set clientId in ProviderOptions to unknown by default – @himself65
  • Pick the first clientId for oauth provider – @himself65
  • Remove use of global.crypto@himself65
  • Should infer types correctly when empty list of plugins is provided – @frectonz
  • Correct MongoDB adapter import path in CLI – @aajeeth-m
  • Make sure fetch function doesn't get called repeatedly on onMount@frectonz
  • Prevent lastLoginMethod plugin from setting cookie on failed auth – @Kinfe123
  • admin:
    • Change the order of role and user id check when both are provider on userHasPermission – @Bekacru
  • anonymous:
    • Prevent false positive error on first anonymous sign-in – @ajanraj @himself65
  • cli:
    • info shows the correct version – @himself65
    • Add missing JSON type to schema generation – @TheGB0077 @Kinfe123
  • demo:
    • Update forgot password link to /forget-password – @GivenBY
  • docs:
    • Remove duplicated RFC compliance mention – @TheUntraceable
  • expo:
    • window.crypto is undefined – @himself65
    • Missing peer deps – @himself65
  • lastLoginMethod:
    • Inherit cross-subdomain cookie settings in lastLoginMethod plugin – @lumpinif
  • memory-adapter:
    • Should respect where connector – @jslno
  • multi-session:
    • Multi-session cookie name preface preventing multiple accounts signed in – @PacifismPostMortem
  • one-time-token:
    • Typo and clean – @gabrielmar
  • organization:
    • checkRolePermission shouldn't be a promise – @ping-maxwell
    • Member and team hooks should apply on create organization – @Bekacru
    • Before org create hooks not applying customized data – @Bekacru
    • [security] updateOrgRole should check for userId properly – @Bekacru
    • Restrict role check by user id – @himself65
  • prisma:
    • Handle optional field relation types correctly – @LiYulin-s
  • stripe:
    • Properly resolve plans by lookup keys – @AlexProgrammerDE
    • Subscription is created without completing payment – @himself65
    • Prevent multiple free trials for same user – @RikhiSingh
    • Use correct request method for billing-portal – @danielepintore
  • tiktok:
    • Remove client_secrect from authorizationUrl – @arslan2012
  • username:
    • Add missing normalization – @bortoz @himself65
    • Sign in should work with post normalization – @Bekacru @himself65
  • vue:
    • Correct baseURL – @himself65
    View changes on GitHub

v1.3.9

🚀 Features

  • Add support for not in operator – @Bekacru
  • Lynx integration – @himself65
  • mcp: Customize resource in protected resource metadata – @frectonz
  • rate-limiter: Allow disabling custom paths to not be rate limited – @Bekacru

🐞 Bug Fixes

  • Cloudflare build warning with node:sqlite@himself65
  • Shouldn't update personal sub when upgrading with org ref id – @Bekacru
  • Properly generate OpenAPI schema for nested ZodObject and ZodOptional – @Kinfe123
  • Respect allow different email linking option on callbacks – @Bekacru
  • expo: Handle link social – @frectonz
  • jwt: Revert set default iat for /token endpoint – @dvanmali
  • mcp: Remove duplicate /api/auth from wwwAuthenticateValue and properly format the header – @paoloricciuti
  • org: List user teams had incorrect path method in jsdoc – @ping-maxwell
  • paypal: Use base64.encode@himself65
  • stripe: Prevent multiple free trials – @hendrik-krebs
  • tiktok: Refresh token flow uses client_key@Manokii
    View changes on GitHub

v1.3.8

🚀 Features

  • Support to infer error types from endpoint – @himself65
  • Support node:sqlite@himself65
  • Remote sign a jwt payload – @dvanmali @himself65
  • Support device authorization – @himself65
  • Support custom schema merging in SIWE plugin – @himself65
  • Add figma provider – @ShobhitPatra @Kinfe123
  • Enhance Microsoft Entra ID type definitions – @Kinfe123
  • Add onUpdate field on db schema generation – @himself65
  • Add onInvitationAccepted callback for org invitations – @Kinfe123
  • Add query parameter to useSession().refetch() for cache control consistency – @adriandlam @himself65
  • Add last login method plugin – @Bekacru
  • Check endpoint conflits – @himself65
  • Add json field type – @dvanmali
  • Add @default and @updatedAt for prisma generator – @himself65
  • Use defaultNow() for drizzle timestamp fields – @Badbird5907 @himself65
  • admin:
    • Get user – @0xJJW @ping-maxwell
    • /admin/update-user role as array – @alliefitter
  • atlassian:
    • Add atlassian social provider – @ShobhitPatra
  • cli:
    • Add info script – @himself65
  • cognito:
    • Add amazon cognito provider – @ShobhitPatra
  • demo:
    • Improve sign-up component – @himself65
  • jwt:
    • Add disableSettingJwtHeader flag to prevent issuance of signed jwt – @dvanmali
    • Jwks remote url – @dvanmali
  • mcp:
    • Add protected-resource metadata endpoint – @frectonz @himself65
  • microsoft:
    • Add support for setting authority – @Stadly
  • openapi:
    • Support Scalar Theme – @bytaesu
  • org:
    • Dynamic Access Control – @ping-maxwell @himself65
  • organization:
    • Organization life cycle hooks – @Bekacru @ping-maxwell
  • paypal:
    • Add paypal OAuth2 provider – @ShobhitPatra
  • salesforce:
    • Add salesforce provider – @ShobhitPatra @himself65
  • social:
    • Add Line provider – @linyiru
    • Add Kakao, Naver provider – @bytaesu
  • stripe:
    • Add locale to stripe billing portal options – @melsonic @himself65

🐞 Bug Fixes

  • Constant time compare – @himself65
  • Secondary storage should allow returning both string and parsed json – @Bekacru
  • Telemetry should be opt in not opt out – @frectonz
  • Show error stack in debug mode – @himself65
  • Move stack check into inner function – @himself65
  • Check x-api-key for all auth endpoint – @himself65
  • Avoid general oauth flow duplicate user – @himself65
  • Small dx for device login – @himself65
  • Invalid pages on docs throw a 500 server error instead of 404 – @Kinfe123
  • Make zod as dependency – @himself65
  • Device authorization interval – @himself65
  • Schema onUpdate not working – @himself65
  • Member not exist on org – @himself65
  • Never type still requires setting clientId to never – @szcharlesji @himself65
  • Team id zod schema meta property for array type – @Kinfe123
  • Resolve field naming inconsistency in account listing endpoint – @Kinfe123
  • Changelogs incorrect mentions – @okisdev
  • Leave error from fetch API as-is – @himself65
  • Update organization requiring all additional fields for update payload – @Bekacru
  • Prevent build error for node:sqlite – @bytaesu
  • Prevent undefined from passed to adapter in username plugin – @Kinfe123
  • Add missing defaultValue on core schema – @himself65
  • Strict social provider type – @himself65
  • apple:
    • Ensures name is always present in profile for mapProfileToUser – @ShobhitPatra
    • Allow audience to be `string
  • cli:
    • Check for undefined defaultValue instead of truthy value when generating drizzle schema – @eni4sure
    • generate throws error with default export – @himself65
    • Incorrect drizzle schema gen – @ping-maxwell
    • Simplify and correct comma insertion logic in plugin array – @bytaesu
  • client:
    • Prevent proxy promise-like behavior – @Aditya-ingole21 @Bekacru @Kinfe123 @himself65
    • Prevent proxy promise-like behavior – @Aditya-ingole21 @Bekacru @Kinfe123 @himself65
    • Avoid atom to be proxy – @himself65
  • custom-session:
    • Also mutate multi-session response – @ping-maxwell
  • db:
    • Special case schema generation ID@himself65
  • expo:
    • Fix the inability to dynamically import a dependency – @fax1ty @himself65
    • Fix signout clobbering store session properties – @arin-c
  • oauth2:
    • Correct basic auth header construction for refresh token – @CodeWithAlexander
  • oidc:
    • Allow custom schemas – @julen @ping-maxwell
    • Specify foreign key references in the schema – @julen @himself65
  • oidc-provider:
    • Handle string timestamps in user profile claims – @Louis454545
  • organization:
    • Was possible to remove sole org owner – @gwoodbridge
  • stripe:
    • Fix unset values on session completed with trial – @Ooscaar
    • Allow sync function to get plans – @himself65
    View changes on GitHub