All of the changes made will be available here.

Better Auth is a comprehensive authentication library for TypeScript that provides a wide range of features to make authentication easier and more secure.


v1.3.5

🚀 Features

  • List organization members with pagination and filter queries – @Bekacru
  • Return false from generateId callback to imply database-generated ID – @aleclarson
  • Support multiple aud for apple oauth – @Kinfe123
  • Allow getUserInfo to return number type – @himself65
  • Remove revoked session from active sessions list – @himself65
  • Add telemetry – @frectonz, @himself65
  • cli:
    • Added --yes for generate/migrate, deprecated --y – @nktnet1
  • oidc-provider:
    • Add client to getAdditionalUserInfoClaim callback – @grant0417
    • Allow passing oauth consent code via query params – @grant0417
  • organization:
    • Additional fields support separate client-server projects – @ping-maxwell
    • Add membersLimit param to allow to fetch more or less members than the membership limit – @Bekacru
    • Add option for requiring email verification – @Bekacru
  • passkey:
    • Allow custom passkey name during registration – @Fyoxy
  • stripe:
    • Create billing portal session – @rhitune2

🐞 Bug Fixes

  • Shouldn't refresh a token if access token expires is undefined or null – @Bekacru
  • Ensure session is added to context when reading from cookie cache – @gaganref
  • Make sveltekit plugin ALS-agnostic – @Kinfe123
  • Use same expires at date for cookie session data payload and signature – @PacifismPostMortem
  • Resolve notion oauth user info extraction – @Kinfe123
  • Cast dates from db to Date when using date methods – @erquhart
  • Twitter refresh token requires basic authentication – @bytechase
  • Pass loginHint to Microsoft oauth URL – @widavies
  • Cast dates from session to Date when using date methods – @erquhart
  • Incorrect initialization of remaining value within API key – @eaoliver
  • Add missing team reference in teamMember schema – @Kinfe123
  • Await ctx in middleware – @himself65
  • Plugins options type compatibility issue with exactOptionalPropertyTypes enabled in ts-config – @Kinfe123
  • Client secret should be optional in configuring the generic oauth plugin – @frectonz @Bekacru
  • Ensure zod v4 type annotations work with core types – @Kinfe123
  • Remove deep array merge when merging hooks context – @Adityakk9031
  • Allow returning response object to skip after hooks – @Bekacru
  • Handle inconsistent user update error in phone number plugin – @Kinfe123
  • admin:
    • Export type definitions from the admin plugin – @daidr
  • cli:
    • --yes option does not work on @better-auth/cli generate – @phanect
    • Prisma schema generate mismatch on custom plugin table names – @Kinfe123
    • Only show the overwrite message when the schema file exists and the code has changed – @frectonz
  • deps:
    • Update better-auth dependencies –
  • expo:
    • Improve cookie expiration handling – @Kinfe123
  • generic-oauth:
    • Set account id from mapped user fields when creating account – @charlietlamb
  • jwt:
    • Ensure alg is added to the jwks when generating via /token endpoint – @elliottminns
    • Expose jwt options to plugins – @grant0417
  • magic-link:
    • Magic link URL construction – @Kinfe123
  • mcp:
    • Redirect returns json instead of 302 – @ping-maxwell
  • mssql:
    • "text" datatype is not working with mssql – @ludoblues
  • org:
    • Use correct slug lookup when setting active org – @Kinfe123
  • organization:
    • Updated types for the user argument in allowUserToCreateOrganization to support custom fields – @TimurBas
    • Team members should be cleaned up on delete team – @Kinfe123
    • Convert emails to lower case for invitation lookups – @gwoodbridge
    • Avoid cross organization member role updates – @max-om
  • plugins:
    • Export siwe plugin – @chunterb
  • reddit:
    • Refresh access token should use basic auth – @Kinfe123
  • stripe:
    • Prevent duplicate trials when switching plans – @Bekacru
    • Update customer id should also trigger secondary storage update – @Bekacru
    • Fallback to subscription id instead of picking the first sub if id is provided – @Bekacru
  • tiktok:
    • Client id is not used for TikTok social provider – @himself65
  • username:
    • isUsernameAvailable should validate usernames – @ping-maxwell
    • isUsernameAvailable should validate usernames " – @Bekacru
    • Remove normalize transform for displayUsername – @oskar-gmerek

better-auth@1.3.4

Patch Changes

  • Added listMembers API with pagination, sorting, and filtering.
  • Added membersLimit param to getFullOrganization.
  • Improved client inference for additional fields in organization schemas.
  • Fixed date handling by casting DB values to Date objects before using date methods.
  • Fixed Notion OAuth to extract user info correctly.
  • Ensured session is set in context when reading from cookie cache

@better-auth/stripe@1.3.4

Patch Changes

  • ac6baba: chore: fix typo on freeTrial
  • c2fb1aa: Fix duplicate trials when switching plans

@better-auth/sso@1.3.4

No changes

@better-auth/expo@1.3.4

No changes

@better-auth/cli@1.3.4

No changes

v1.3.3

🚀 Features

  • sso: Support disabling setting email verified from a provider – @Bekacru

🐞 Bug Fixes

  • Issue when setting rate limit storage with a different model name – @dkendrick
  • organization: List organization teams should prioritize query param team id – @Bekacru
  • sso: Include mapping inside samlConfig payload – @natetewelde
  • stripe: Revert a change where incomplete stripe session is getting updated to active on upgrade – @Bekacru

v1.3.2

🐞 Bug Fixes

  • Improve setting active org performance – @Kinfe123

v1.3.1

🐞 Bug Fixes

  • Changed the Twitter provider to use "post" authentication instead of "basic" when validating the authorization code – @dagmawibabi
  • organization:
    • Fixed organization schema inference when multiple plugins are present in the plugins array – @ping-maxwell
    • Multi teams breaking active organization id type inference – @Bekacru

v1.3.0

🚀 Features

  • Sveltekit cookie helper plugin – @Kinfe123
  • SSO plugin with OIDC and SAML support – @Bekacru
  • Linear social provider – @JedPattersonn
  • Add encryption for OTPs and other verification information – @ping-maxwell
  • Notion provider – @ephraimduncan
  • Add sendOnSignIn option to make sending verification link in sign in route explicit – @kmate19
  • Add inferAuth to infer plugin types and more on the client without needing client plugins – @Bekacru
  • Add rememberMe option to signUpEmail – @aleclarson
  • Add slack social provider – @ephraimduncan
  • Add an option to encrypt oauth tokens by default – @Bekacru
  • OnPasswordReset callback – @Kinfe123
  • AfterEmailVerification callback – @Kinfe123
  • SIWE plugin – @rokitgg
  • admin:
    • Update user – @Bekacru
  • anonymous:
    • Update generateName to support returning a promise – @btx-systems
  • api-key:
    • Async support for verify key – @Kinfe123 @Bekacru
    • requireName to enforce name on keys – @ping-maxwell
  • docs:
    • APIMethod, documents all server & client auth examples – @ping-maxwell
  • drizzle:
    • Support camel case schema generation – @Bekacru
  • email-otp:
    • Support email verification override – @Bekacru
  • generic-oauth:
    • Add support for additional token URL params in generic OAuth – @CaoMeiYouRen
  • magic-link:
    • Support errorCallbackURL & newUserCallbackURL – @ping-maxwell
  • oidc:
    • Add refresh token support to discovery document and token endpoint – @tinkerer-shubh
    • Support JWKs with JWT plugin – @NefixEstrada
    • Add support for public clients with PKCE authentication – @pekastel
  • oidc-provider:
    • Trusted clients – @BadPirate
    • Support encrypting and hashing secrets – @Bekacru
  • organization:
    • listUserInvitations adds the ability to list all invitations for a given user – @ping-maxwell
    • AdditionalFields for org, member, invitation & team – @ping-maxwell
    • Multi-team support – @Bekacru
  • social-providers:
    • Add Faceit Social Provider – @Whats-A-MattR
    • Add Faceit Social Provider " – @Bekacru
  • sso:
    • Configurable provider limit – @Kinfe123
  • stripe:
    • Pass context object to stripe plugin callbacks – @Bekacru
  • username:
    • Check username availability – @ping-maxwell
    • Add custom username normalization option – @bortoz

🐞 Bug Fixes

  • Import setCookie from tanstack start core package – @asterikx
  • Exclude current user from username update checks – @kylekz
  • Correct way to detect facebook limited token jwt – @reslear
  • Update Discord link to use the correct invite URL in blogs section – @vagxrth
  • Linking accounts for anon users with one tap and passkey – @Kinfe123
  • Don't require email for account linking – @arlyon
  • Add image option to signUpEmail types and schema – @acusti
  • Implement standard Base64 encoding for HTTP Basic Auth in token refresh and validation – @naimkhrof
  • Schema generation when using advanced.database.useNumberId – @body20002
  • Mysql foreign key constraints on generate – @Kinfe123
  • Zodv4 migration leftover due to conflict – @Kinfe123
  • Sso typecheck – @Kinfe123
  • Global onSuccess callback hook not being called – @Kinfe123
  • admin:
    • Throw an error if user id in /remove-user is invalid – @ping-maxwell
    • Before create hook was not triggered when creating a user through the admin plugin – @Kinfe123
    • Pass ctx to user create db hook – @ping-maxwell
  • api-key:
    • Incorrect rate limit error status code – @ping-maxwell
    • Non-expiring API keys (with expiresAt set to null) were being deleted by mistake – @reslear
  • cli:
    • Format drizzle schema output – @Kinfe123
  • db:
    • Add varchar to postgres string mapping and normalize type comparison – @tinkerer-shubh
  • drizzle-cli:
    • Use serial as PK when useNumberId is enabled – @ismi-abbas
  • dropbox:
    • Added support for the token access type option – @Kinfe123
  • email-otp:
    • Throw USER_NOT_FOUND when sign-up is disabled – @tinkerer-shubh
  • expo:
    • Expo plugin should import types from the types path – @Kinfe123
  • generic-oauth:
    • Error callback should avoid malformed URLs when the original URL already has query parameters – @Lqm1
  • jwt:
    • Allow to generate JWKS with other algorithm than the default one – @LightTab2
  • mcp:
    • Issue with hardcoded baseURL in withMcpAuth – @lazakrisz
  • mongodb:
    • Honor custom generateId in create – @tinkerer-shubh
  • next-cookies:
    • Don't throw in monorepo workspaces – @ping-maxwell
  • oauth:
    • Google prompt doesn't allow + – @ping-maxwell
    • Extended oauth2 tokens with refresh_token_expires_in field – @0xCodeMaieutics
  • oidc-provider:
    • Relax offline_access scope validation by removing prompt=consent requirement – @tinkerer-shubh
  • open-api:
    • Include additional fields – @Kinfe123
  • organization:
    • List-teams endpoint returns unknown – @ping-maxwell
    • Allow org owner to update their own roles – @frectonz
  • origin-check:
    • Support protocol-specific wildcard trusted origins – @nascode
  • phone-number:
    • Verification value should be removed after successful password reset – @Bekacru
  • social-providers:
    • Twitch provider not returning if email is valid – @Pantotone
  • sso:
    • Saml redirection – @Kinfe123
  • stripe:
    • Allow upgrading incomplete subscriptions – @Kinfe123
    • Prevent duplicate customers – @dagmawibabi
  • two-factor:
    • Incorrect default OTP period & fix incorrect docs – @ping-maxwell
    • Getting totp uri shouldn't require twoFactor enabled – @occorune
    • Otp separator mismatch – @Kinfe123
    • Use twoFactorEnabled flag instead of database lookup for OTP validation – @bairdj
  • username:
    • Add callbackURL option to signInUsername – @aleclarson