Getting a JWT from Google Auth for Convex
Hi there! In the past couple of days I was working on a POC to re-build one of my projects. I thought of using TanStack Start as a Router framework, with Better Auth for all the auth handling, and Convex as my reactive backend.
With Better Auth, I was expecting to be able to connect via Google (and some other social providers later), and have Better Auth providing me a very simple way to manage the session. And it does! Very cool to see how Better Auth does all these things without needing a full SaaS. I'm using it without a database, to make the auth layer even simpler, as I just need to know that the user is signed in so far.
Now for Convex, to add an authorization layer, they specify that it needs a JWT shaped ID token (https://docs.convex.dev/auth) and that's where I'm struggling. I don't seem to be able to get them from Google using better-auth. I did make sure that my project in Google Auth Platform has the proper scopes (openid, profile, email), and passed these to the socialProviders.google configuration, along with accessType: 'offline' and responseType: ['id_token'] but it doesn't change the output of the useSession hook. I've also tried adding the better-auth's jwt plugin but it doesn't do anything either. I'm guessing for the latter to work I'll actually need a database to connect it to better-auth? I was trying to avoid that, and I'm not sure why it would be necessary, but if I need one then I can try that.
I know that's a very long message, I tried to be as thorough as possible with the context, hopefully that'll help unblock me! Thank you!
Authentication | Convex Developer Hub
Add authentication to your Convex app.
0 Replies