bc 🐧🪺
bc 🐧🪺
Explore posts from servers
RRefineBABetter Auth
PostsComments
BABetter Auth
Created by bc 🐧🪺 on 3/27/2025 in #help
Next Auth `iss` claim missing
I got it! Fixed by adding this to oidcProvider config: 
  getAdditionalUserInfoClaim: (user, scopes) => ({
        ...scopes,
        iss: "https://localhost:8000/api/auth",
      }),
  getAdditionalUserInfoClaim: (user, scopes) => ({
        ...scopes,
        iss: "https://localhost:8000/api/auth",
      }),
5 replies
BABetter Auth
Created by bc 🐧🪺 on 3/27/2025 in #help
Next Auth `iss` claim missing
No description
5 replies
BABetter Auth
Created by bc 🐧🪺 on 3/27/2025 in #help
Next Auth `iss` claim missing
No description
5 replies
BABetter Auth
Created by bc 🐧🪺 on 3/27/2025 in #help
Next Auth `iss` claim missing
Here are the claims that come back to the client (notice these are most of the standard scope claims, just missing iss): 
"claims": {
  "sub": "...",
  "aud": "...",
  "iat": 1743113287,
  "given_name": "First",
  "family_name": "Last",
  "name": "First Last",
  "profile": "",
  "updated_at": "2025-03-20T06:54:55.855Z",
  "email": "[email protected]",
  "email_verified": true,
  "exp": 1743116887
},
"claims": {
  "sub": "...",
  "aud": "...",
  "iat": 1743113287,
  "given_name": "First",
  "family_name": "Last",
  "name": "First Last",
  "profile": "",
  "updated_at": "2025-03-20T06:54:55.855Z",
  "email": "[email protected]",
  "email_verified": true,
  "exp": 1743116887
},
5 replies
BABetter Auth
Created by Hasan on 3/12/2025 in #help
Keycloak SSO Integration
This makes sense especially with natural initial development turbulence + many other use cases to cover beyond this one as a general auth lib. Thank you so much for this information, I will keep an eye out for developments, we are still planning on using BA as an OIDC OP right now (replacing keycloak).
7 replies
BABetter Auth
Created by Hasan on 3/12/2025 in #help
Keycloak SSO Integration
Are there any plans to make Better Auth work for stateless use cases (e.g. OIDC RP), i.e. become a complete next-auth replacement? BA replaces next-auth in stateful fashion already. It would be so cool if BA could be the 1 auth library for all modern use cases! Especially since databases are not always practical on clients, it's a bit heavy and redundant to have a database on each OIDC RP for example If this is simply not a goal for BA, understood, we will keep using next-auth or similar. We've experienced some pains with next-auth ourselves, much as @Hasan laid out above
7 replies
BABetter Auth
Created by Hasan on 3/12/2025 in #help
Keycloak SSO Integration
Hey @Hasan , we have the same situation. Asked about it here: https://discord.com/channels/1288403910284935179/1339334939237421167/1339334939237421167
7 replies
BABetter Auth
Created by bc 🐧🪺 on 12/31/2024 in #help
OIDC Provider Plans
Got it, that's really cool. I understand you have a ton of things to think about right now for better auth. Thanks @bekacru , awesome project btw
7 replies
BABetter Auth
Created by bc 🐧🪺 on 12/31/2024 in #help
OIDC Provider Plans
Curious if this could fully replace providers like Keycloak, ORY Hydra and such in a tech stack
7 replies
BABetter Auth
Created by bc 🐧🪺 on 12/31/2024 in #help
OIDC Provider Plans
To clarify, I was asking about official compliance, are there plans for better auth to become a compliant OIDC provider with the conformance suite and official certification from the OIDC foundation? I understand there is a ways to go for that to be in the cards (e.g. JWKS support) but just curious if it's on the roadmap
7 replies
BABetter Auth
Created by bc 🐧🪺 on 12/31/2024 in #help
OIDC Provider Plans
https://openid.net/certification/about-conformance-suite/
7 replies