Skip to main content
Shield with key icon

NextAuth.js

Authentication for Next.js

Open Source. Full Stack. Own Your Data.

Easy

Easy

  • Built in support for popular services
    (Google, Facebook, Auth0, Apple…)
  • Built in email / passwordless / magic link
  • Use with any username / password store
  • Use with OAuth 1.0 & 2.0 services
Flexible

Flexible

  • Built for Serverless, runs anywhere
  • Bring Your Own Database - or none!
    (MySQL, Postgres, MSSQL, MongoDB…)
  • Choose database sessions or JWT
  • Secure web pages and API routes
Secure

Secure

  • Signed, prefixed, server-only cookies
  • HTTP POST + CSRF Token validation
  • JWT with JWS / JWE / JWK / JWK
  • Tab syncing, auto-revalidation, keepalives
  • Doesn't rely on client side JavaScript

Add authentication in minutes!

Server /pages/api/auth/[...nextauth].js

import NextAuth from 'next-auth'import AppleProvider from 'next-auth/providers/apple'import FacebookProvider from 'next-auth/providers/facebook'import GoogleProvider from 'next-auth/providers/google'import EmailProvider from 'next-auth/providers/email'
export default NextAuth({  providers: [    // OAuth authentication providers...    AppleProvider({      clientId: process.env.APPLE_ID,      clientSecret: process.env.APPLE_SECRET    }),    FacebookProvider({      clientId: process.env.FACEBOOK_ID,      clientSecret: process.env.FACEBOOK_SECRET    }),    GoogleProvider({      clientId: process.env.GOOGLE_ID,      clientSecret: process.env.GOOGLE_SECRET    }),    // Passwordless / email sign in    EmailProvider({      server: process.env.MAIL_SERVER,      from: 'NextAuth.js <no-reply@example.com>'    }),  ]})

Client (App) /pages/_app.jsx

import { SessionProvider } from "next-auth/react"
export default App({  Component, pageProps: { session, ...pageProps }}) {  return (    <SessionProvider session={session}>      <Component {...pageProps}/>    </SessionProvider>  )}

Client (Page) /pages/index.js

import { useSession, signIn, signOut } from "next-auth/react"
export default function Component() {  const { data: session } = useSession()  if(session) {    return <>      Signed in as {session.user.email} <br/>      <button onClick={() => signOut()}>Sign out</button>    </>  }  return <>    Not signed in <br/>    <button onClick={() => signIn()}>Sign in</button>  </>}

NextAuth.js is an open source community project.