saze
Better Auth
Created by ernicani on 4/3/2025 in #help
Apple authentication
You will need to generate the Apple client secret yourself. You can set up a script to do just that, e.g.:
```js
const jwt = require("jsonwebtoken");

// privateKey: contents of the .p8 file.
// env: object holding your teamId, clientId and keyId.

// Create JWT
const token = jwt.sign({}, privateKey, {
  algorithm: "ES256",
  expiresIn: "180d", // Maximum allowed by Apple is 6 months
  audience: "https://appleid.apple.com",
  issuer: env.teamId,
  subject: env.clientId,
  keyid: env.keyId,
});
```
`privateKey` is the p8 file's contents and `token` is your Apple client secret.
11 replies
Better Auth
Created by Pulse on 3/29/2025 in #help
Need Help with Multi-Tenant, 2FA, and Role-Based Authentication in NestJS using BetterAuth
@Ping , can you help here?
7 replies
Better Auth
Created by 7ocomotive on 3/14/2025 in #help
ERROR [Better Auth]: State Mismatch. Verification not found
Only API errors will redirect to the provided route; client-side errors will go to the errorCallbackURL in your sign-in options. For the Desktop site issue, maybe open an issue in the gh repo.
6 replies
Better Auth
Created by Katsu on 2/28/2025 in #help
Calling signIn.social with extended field data.
You could pass a default value in your auth config, then redirect users who authenticate via OAuth to a profile page where they can set their username.
5 replies
Better Auth
Created by 7ocomotive on 3/14/2025 in #help
ERROR [Better Auth]: State Mismatch. Verification not found
The error /api/auth/error?error=please_restart_the_process occurs because the authentication state token is being invalidated in both scenarios. For context, better-auth creates a one-time state token during OAuth initialization that expires after 10 minutes and is deleted immediately after successful authentication. This is a security best practice.

In your two scenarios:

- Mobile Chrome "Desktop site" toggle: This likely causes the browser context to change mid-flow, corrupting the state parameter passed between requests.
- Back button after authentication: When you first authenticate, the state token is consumed and deleted. When you go back and try again with the same account, Google completes authentication but returns to an app that can't verify the state (because it's already been used).

For better UX, you can pass a custom error URL in your auth config with onAPIError.errorURL: https://www.better-auth.com/docs/reference/options#onapierror
6 replies
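As an added illustration (not part of the original reply and not Better Auth's own code), this example models the one-time state token described above: minted at OAuth start, valid for 10 minutes, deleted on first use. `StateStore`, `issue`, `consume` and the reason strings are hypothetical names; the sample inputs are constructed.

```javascript
const crypto = require("node:crypto");

const STATE_TTL_MS = 10 * 60 * 1000; // 10-minute lifetime, as described in the post

class StateStore {
  constructor(now = () => Date.now()) {
    this.now = now;           // injectable clock so expiry can be exercised
    this.pending = new Map(); // state -> { expiresAt, callbackURL }
  }

  // Called when the sign-in flow starts: mint an unguessable state value.
  issue(callbackURL) {
    const state = crypto.randomBytes(32).toString("base64url");
    this.pending.set(state, { expiresAt: this.now() + STATE_TTL_MS, callbackURL });
    return state;
  }

  // Called on the provider callback: a state is accepted once, then deleted.
  consume(state) {
    const entry = this.pending.get(state);
    if (!entry) return { ok: false, reason: "state_not_found" };
    this.pending.delete(state); // single use, even when it turns out to be expired
    if (this.now() > entry.expiresAt) return { ok: false, reason: "state_expired" };
    return { ok: true, callbackURL: entry.callbackURL };
  }
}

// Walks through the cases from the thread using a fake clock.
function demo() {
  let clock = 0;
  const store = new StateStore(() => clock);
  const first = store.issue("/dashboard");
  const results = [];
  results.push(store.consume(first).ok);        // normal callback
  results.push(store.consume(first).reason);    // back button: same state replayed
  const stale = store.issue("/dashboard");
  clock += STATE_TTL_MS + 1;
  results.push(store.consume(stale).reason);    // callback arrives after expiry
  results.push(store.consume("forged").reason); // value that was never issued
  return results;
}

console.log(demo());
```

A replayed state and a forged state are indistinguishable to the server, which is why the back-button case surfaces as a generic "restart the process" error.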
Better Auth
Created by saze on 3/3/2025 in #bug-reports
Social Login state mismatch error
This has been solved in 1 2.3
8 replies
Better Auth
Created by saze on 3/3/2025 in #bug-reports
Social Login state mismatch error
I just did; it is not a patched issue, as it is still occurring.
8 replies
Better Auth
Created by saze on 3/3/2025 in #bug-reports
Social Login state mismatch error
No
8 replies
Better Auth
Created by saze on 2/25/2025 in #bug-reports
getSession returning null in dev mode
This wasn't a bug but rather my use of secure cookies and cross-domain cookies in both development & production environments. I have disabled these in dev mode and am now able to sign in.
8 replies
Better Auth
Created by lambert on 2/19/2025 in #help
Refetching session for additionalFields change
You have a couple of ways to include the additionalField in your session. You can use the customSession plugin https://www.better-auth.com/docs/concepts/session-management#customizing-session-response or inferAdditionalFieldPlugin https://www.better-auth.com/docs/concepts/typescript#inferring-additional-fields-on-client
3 replies
Better Auth
Created by Elm on 2/18/2025 in #help
Implement manual OTP - next-auth migration
I am using the nextjs auth server for my expo app as well. And it all works well. Just make sure to include your mobile app url scheme in the trusted origins and if your nextjs app is using middleware, include it in the allowed origins too, to avoid CORS issues.
3 replies