What is NextAuth / Auth.js?

Back to the picker

Auth

NextAuth / Auth.js

Open-source auth for Next.js (and now other frameworks).

Official site

Monthly cost

Free

Popularity

5/5

LLM knowledge

5/5

Difficulty

Medium

#open-source#typescript

What NextAuth / Auth.js is good at

Strengths

+Free
+Many providers
+Self-hosted

Tradeoffs

−UI you build yourself
−Session model opinionated

Coding-agent prompt

Drop into Claude / Cursor to get idiomatic NextAuth / Auth.js code.

You're using NextAuth / Auth.js. Follow these rules:

- Configure in `auth.config.ts`; export `auth`, `signIn`, `signOut` helpers.
- Sessions as JWTs for edge-compatibility; database sessions only if you need server-side revocation.
- Callbacks (`jwt`, `session`) are your extension points — keep them pure and fast.
- Protect routes with the middleware (`export { auth as middleware }`).
- Providers: start with `Credentials` for email+password, `Google` / `GitHub` for OAuth.
- Set `AUTH_SECRET` in env; rotate it to invalidate all sessions.

Beginner's guide to NextAuth / Auth.js

In one line: Free, open-source auth for Next.js and other frameworks.

Auth.js (formerly NextAuth) is a library you install into your own app — no external service. You choose providers (Google, GitHub, email) and it handles the OAuth dance.

Try it in your terminal

```
npm install next-auth
```
Install the library.

Popular pairings with NextAuth / Auth.js

Next.jsFrontend
Known-good pairing with NextAuth / Auth.js.

Browse all categories

Frontend Styling / UI & Animation Backend Compute / Hosting Database ORM / Query Layer Auth File Storage Monitoring / APM Product Analytics Web Analytics Transactional Email Payments AI / LLM Search CMS / Content CI/CD