Own Your Auth

The most comprehensive authentication framework for the web

README

Better Auth is an authentication and authorization framework. It provides a comprehensive set of features out of the box and includes a Plugin ecosystem that simplifies adding advanced functionalities.

npx auth init
Trusted By
OpenAI
databricks
strapi
Axiom
OpenAI
databricks
strapi
Axiom
Features
01Framework Agnostic
Works with your stack.
First-class support for Next.js, Nuxt, SvelteKit, Astro, Hono, Express, and 20+ more.
+14
02Email & Password
Built-in credential auth.
Session management, email verification, and password reset out of the box.
user@email.com
••••••••
03Social Sign-on
40+ social providers.
Google, GitHub, Apple, Discord, Microsoft, and more — each a few lines of config.
Sign in with Google
+34
04Organizations
Multi-tenancy built in.
Teams, roles, invitations, and member management with fine-grained access control.
A
B
C
+
owneradminmember
05Enterprise
SSO, SAML & SCIM.
Enterprise SSO, SAML 2.0, SCIM provisioning, and directory sync for B2B products.
+
06Plugins
50+ and growing.
Passkeys, magic links, anonymous auth, API keys, JWTs, and a community ecosystem.
passkeys2famagic-linkjwtapi-keysanonymousoidcotpbearermulti-session
07Agent Auth
Auth for AI agents.
MCP server auth, async auth flows, token exchange, and agent-to-agent delegation.
$agent.auth()sk-••••
08Infrastructure
Security & observability.
Bot detection, real-time behavior analysis, IP blocking, email validation, and more.
blocked
challenged
allowed
09Dashboard
User management.
Manage users, sessions, and organizations. Track sign-ups, active users, and growth.
10:50 AMJohncreated a session
10:48 AMSarahupdated profile
10:45 AMAlexjoined organization
10:42 AMEmmarevoked token
10:38 AMMikeenabled 2FA
10:50 AMJohncreated a session
10:48 AMSarahupdated profile
10:45 AMAlexjoined organization
10:42 AMEmmarevoked token
10:38 AMMikeenabled 2FA
Declarative Config
import { betterAuth } from "better-auth"export const auth = betterAuth({  emailAndPassword: {    enabled: true,  },  socialProviders: {    google: {      clientId: process.env.GOOGLE_CLIENT_ID!,      clientSecret: process.env.GOOGLE_CLIENT_SECRET!,    },    github: {      clientId: process.env.GITHUB_CLIENT_ID!,      clientSecret: process.env.GITHUB_CLIENT_SECRET!,    },  },  plugins: [    twoFactor(),    passkey(),    organization(),  ],})
Bring Your Own Database

Use any database you want. Connect directly with a connection string, or use your favorite ORM adapter. Your data stays in your database.

import { betterAuth } from "better-auth"import { Pool } from "pg"export const auth = betterAuth({  database: new Pool({    connectionString: process.env.DATABASE_URL,  }),})
AI Native

Your auth lives in your codebase — so AI can configure it. Ships with MCP server, Claude Code skills, and Cursor rules.

Cursor

npx @better-auth/cli mcp --cursor

Claude Code

claude mcp add better-auth

Open Code

npx @better-auth/cli mcp --open-code
OAuth Providers
35+

social providers

GoogleGitHubAppleMicrosoftDiscord
SlackTwitterFacebookLinkedInGitLab
TwitchSpotifyFigmaNotionAtlassian
SalesforceHuggingFaceRobloxRedditTikTok
PayPalDropboxZoomVercelLinear
KickKakaoLineVKNaver
Plugin Ecosystem33 official
browse all →
Two FactorAuthenticationPasskeyAuthenticationMagic LinkAuthenticationEmail OTPAuthenticationUsernameAuthenticationOne TapAuthenticationPhone NumberAuthenticationAnonymousAuthenticationBearerAuthenticationGeneric OAuthAuthenticationOne Time TokenAuthenticationSIWEAuthenticationOrganizationOrganizationAdminOrganizationMulti SessionOrganizationAPI KeyOrganizationSSOEnterpriseTwo FactorAuthenticationPasskeyAuthenticationMagic LinkAuthenticationEmail OTPAuthenticationUsernameAuthenticationOne TapAuthenticationPhone NumberAuthenticationAnonymousAuthenticationBearerAuthenticationGeneric OAuthAuthenticationOne Time TokenAuthenticationSIWEAuthenticationOrganizationOrganizationAdminOrganizationMulti SessionOrganizationAPI KeyOrganizationSSOEnterprise
OIDC ProviderEnterpriseSCIMEnterpriseOAuth ProxyEnterpriseJWTSecurityHIBPSecurityCaptchaSecurityStripeIntegrationPolarIntegrationOpen APIIntegrationDubIntegrationAutumnIntegrationDodo PaymentsIntegrationCreemIntegrationMCPAIDevice AuthAuthenticationLast LoginAuthenticationOIDC ProviderEnterpriseSCIMEnterpriseOAuth ProxyEnterpriseJWTSecurityHIBPSecurityCaptchaSecurityStripeIntegrationPolarIntegrationOpen APIIntegrationDubIntegrationAutumnIntegrationDodo PaymentsIntegrationCreemIntegrationMCPAIDevice AuthAuthenticationLast LoginAuthentication
Monitoring & Agentic Dashboard

The best user management and monitoring platform.

Monitor sign-ups, manage users, track sessions, and surface security insights — with an agentic Cmd+K to do it all in natural language.

better-auth.com/dashboard/the-next-big-thing
OverviewUsersOrgsEvents
User Management
CRUD, sessions, bans
Live Events
Real-time auth feed
Agent Dashboard
Cmd+K agentic UI
Security Insights
Actionable alerts
Sentinel

Security infrastructure for your app.

Bot detection, brute force protection, disposable email blocking, geo restrictions, and more — all working in real time before threats reach your users.

SentinelMonitor and analyze security events
ActionIdentifierReasonPathTime
Blocked
akash.prish@dropmeon.com::1
Disposable Email/sign-up/email2 min ago
Blocked
kamef69609@cucadas.comUnknown IP
Disposable Email/sign-up/email4 min ago
Challenged
195.142.xx.xx
Suspicious IP/sign-in7 min ago
Blocked
bot-crawler-7x52.14.xx.xx
Bot Detected/api/auth12 min ago
Blocked
admin@tempmail.ninja::1
Breached Password/sign-up/email18 min ago
Bot DetectionBrute ForceBreached PasswordsImpossible TravelRate LimitingGeo BlockingSuspicious IPsDisposable EmailsEmail AbuseFree Trial AbuseStale Users
Contributors

Built by a community of 746+ contributors.

Roll your own auth with confidence in minutes.

© 2026 Better Auth Inc.
|