All of the changes made will be available here.

Better Auth is comprehensive authentication library for TypeScript that provides a wide range of features to make authentication easier and more secure.

DocumentationGitHubCommunity

BETTER-AUTH.

v1.3.7

πŸš€ Features

  • Add disableRedirect to linkSocial – @frectonz
  • admin:
    • Add control to prevent admin users from deleting themselves – @yakupensarsayin
  • cli:
    • Resolves tsconfig references for path aliases – @ericc-ch
    • Support sveltekit $ imports in CLI generate cmd – @Kinfe123
  • email-otp:
    • Add check verification otp endpoint – @jasongerbes
  • jwt:
    • Sign with jwt for artbitrary payload – @Bekacru
  • vk:
    • Add user name mapping by default – @Daniel-dev-s

🐞 Bug Fixes

  • Throw proper error if session is null when deleting organization – @Kinfe123
  • Prevent file system access when telemetry is disabled – @Kinfe123
  • Memory leak in custom session plugin – @tehnrd
  • Use wider types for database hooks payloads – @Bekacru
  • admin:
    • ImpersonatedBy not appearing in client (type fix) – @atharvadeosthale
  • cli:
    • Clean up unused pg and mysql import in drizzle schema generator – @Kinfe123
    • Add FK onDelete cascade and CURRENT_TIMESTAMP defaults on generation – @Kinfe123
    • Clean up unused pg and mysql import in drizzle schema generator – @Kinfe123
  • organization:
    • Prevent fk constraint violation when creating invitation without teams – @Kinfe123
    • Resend invitation should reuse existing invitation instead of creating duplicate – @gingeekrishna
  • sso:
    • [⚠︎Security] - membership check should be required before allowing users to create sso for an organization – @Bekacru
  • stripe:
    • Prevent undefined assignment to optional properties – @Kinfe123
  • sveltekit:
    • Use permissive typing for RequestEvent params – @n00ki
  • telemetry:
    • process referenced on non-nodejs runtime – @Kinfe123
Β Β Β Β View changes on GitHub

v1.3.5

πŸš€ Features

  • List organization memebrs with pagination and filter queries – @Bekacru
  • Return false from generateId callback to imply database-generated ID – @aleclarson
  • Support multiple aud for apple oauth – @Kinfe123
  • Allow getUserInfo to return number type – @himself65
  • Remove revoked session from active sessions list – @himself65
  • Add telemetry – @frectonz, @himself65
  • cli:
    • Added --yes for generate/migrate, deprecated --y – @nktnet1
  • oidc-provider:
    • Add client to getAdditionalUserInfoClaim callback – @grant0417
    • Allow passing oauth consent code via query params – @grant0417
  • organization:
    • Additional fields support separate client-server projects – @ping-maxwell
    • Add membersLimit param to allow to fetch more or less members than the membership limit – @Bekacru
    • Add option for requiring email verificaiton – @Bekacru
  • passkey:
    • Allow custom passkey name during registration – @Fyoxy
  • stripe:
    • Create billing portal session – @rhitune2

🐞 Bug Fixes

  • Shouldn't refresh a token if access token expires is undefined or null – @Bekacru
  • Ensure session is added to context when reading from cookie cache – @gaganref
  • Make sveltekit plugin ALS-agnostic – @Kinfe123
  • Use same expires at date for cookie session data payload and signature – @PacifismPostMortem
  • Resolve notion oauth user info extraction – @Kinfe123
  • Cast dates from db to Date when using date methods – @erquhart
  • Twitter refresh token requires basic authentication – @bytechase
  • Pass loginHint to Microsoft oauth URL – @widavies
  • Cast dates from session to Date when using date methods – @erquhart
  • Incorrect initialization of remaining value within API key – @eaoliver
  • Add missing team reference in teamMember schema – @Kinfe123
  • Await ctx in middleware – @himself65
  • Plugins options type compatibility issue with exactOptionalPropertyTypes enabled in ts-config – @Kinfe123
  • Client secret should be optional in configuring the generic oauth plugin – @frectonz @Bekacru
  • Ensure zod v4 type annotations work with core types – @Kinfe123
  • Remove deep array merge when merging hooks context – @Adityakk9031
  • Allow returning response object to skip after hooks – @Bekacru
  • Handle inconsistent user update error in phone number plugin – @Kinfe123
  • admin:
    • Export type definitions from the admin plugin – @daidr
  • cli:
    • --yes option does not work on @better-auth/cli generate – @phanect
    • Prisma schema generate mismatch on custom plugin table names – @Kinfe123
    • Only show the overwrite message when the schema file exists and the code has changed – @frectonz
  • deps:
    • Update better-auth dependencies –
  • expo:
    • Improve cookie expiration handling – @Kinfe123
  • generic-oauth:
    • Set account id from mapped user fields when creating account – @charlietlamb
  • jwt:
    • Ensure alg is added to the jwks when generating via /token endpoint – @elliottminns
    • Expose jwt options to plugins – @grant0417
  • magic-link:
    • Magic link URL construction – @Kinfe123
  • mcp:
    • Redirect returns json instead of 302 – @ping-maxwell
  • mssql:
    • "text" datatype is not working with mssql – @ludoblues
  • org:
    • Use correct slug lookup when setting active org – @Kinfe123
  • organization:
    • Updated types for the user argument in allowUserToCreateOrganization to support custom fields – @TimurBas
    • Team members should be cleaned up on delete team – @Kinfe123
    • Convert emails to lower case for invitation lookups – @gwoodbridge
  • organizaton:
    • Avoid cross organization member role updates – @max-om
  • plugins:
    • Export siwe plugin – @chunterb
  • reddit:
    • Refresh access token should use basic auth – @Kinfe123
  • stripe:
    • Prevent duplicate trials when switching plans – @Bekacru
    • Update customer id should also trigger secondary storage update – @Bekacru
    • Fallback to subscription id instead of picking the first sub if id is provided – @Bekacru
  • tiktok:
    • Client id is not used for TikTok social provider – @himself65
  • username:
    • isUsernameAvailable should validate usernames – @ping-maxwell
    • isUsernameAvailable should validate usernames " – @Bekacru
    • Remove normalize transform for displayUsername – @oskar-gmerek
Β Β Β Β View changes on GitHub

[email protected]

Patch Changes

  • Added listMembers API with pagination, sorting, and filtering.
  • Added membersLimit param to getFullOrganization.
  • Improved client inference for additional fields in organization schemas.
  • Fixed date handling by casting DB values to Date objects before using date methods.
  • Fixed Notion OAuth to extract user info correctly.
  • Ensured session is set in context when reading from cookie cach

@better-auth/[email protected]

Patch Changes

  • ac6baba: chore: fix typo on freeTrial
  • c2fb1aa: Fix duplicate trials when switching plans

@better-auth/[email protected]

No changes

@better-auth/[email protected]

No changes

@better-auth/[email protected]

No changes

v1.3.3

πŸš€ Features

  • sso: Support disabling setting email verified from a provider – @Bekacru

🐞 Bug Fixes

  • Issue when setting rate limit storage with a different model name – @dkendrick
  • organization: List organization teams should prioritize query param team id – @Bekacru
  • sso: Include mapping inside samlConfig payload – @natetewelde
  • stripe: Revert a change where incomplete stripe session is getting updated to active on upgrade – @Bekacru
Β Β Β Β View changes on GitHub

v1.3.2

🐞 Bug Fixes

  • Improve setting active org performance – @Kinfe123
Β Β Β Β View changes on GitHub