From 6b03a45a14d905aa070068290adfedfd4c5f4e2d Mon Sep 17 00:00:00 2001
From: Dylan Vanmali <dvanmali@users.noreply.github.com>
Date: Sun, 3 May 2026 12:12:23 -0700
Subject: [PATCH] chore(oauth-provider): correct optional typing for
 refreshToken sessionId field (#9324)

Co-authored-by: Taesu <bytaesu@gmail.com>
---
 .changeset/yellow-shirts-heal.md           | 5 +++++
 packages/oauth-provider/src/introspect.ts  | 4 ++--
 packages/oauth-provider/src/token.ts       | 4 +++-
 packages/oauth-provider/src/types/index.ts | 2 +-
 4 files changed, 11 insertions(+), 4 deletions(-)
 create mode 100644 .changeset/yellow-shirts-heal.md

diff --git a/.changeset/yellow-shirts-heal.md b/.changeset/yellow-shirts-heal.md
new file mode 100644
index 0000000000..022816a4bb
--- /dev/null
+++ b/.changeset/yellow-shirts-heal.md
@@ -0,0 +1,5 @@
+---
+"@better-auth/oauth-provider": patch
+---
+
+Make `sessionId` optional in refresh token types to match the refresh token schema.
diff --git a/packages/oauth-provider/src/introspect.ts b/packages/oauth-provider/src/introspect.ts
index 5683d33a40..abde79a13a 100644
--- a/packages/oauth-provider/src/introspect.ts
+++ b/packages/oauth-provider/src/introspect.ts
@@ -288,14 +288,14 @@ async function validateRefreshToken(
 		};
 	}
 
-	let sessionId: string | undefined = refreshToken.sessionId ?? undefined;
+	let sessionId = refreshToken.sessionId ?? undefined;
 	if (sessionId) {
 		const session = await ctx.context.adapter.findOne<Session>({
 			model: "session",
 			where: [
 				{
 					field: "id",
-					value: refreshToken.sessionId,
+					value: sessionId,
 				},
 			],
 		});
diff --git a/packages/oauth-provider/src/token.ts b/packages/oauth-provider/src/token.ts
index aded56363a..45dc550362 100644
--- a/packages/oauth-provider/src/token.ts
+++ b/packages/oauth-provider/src/token.ts
@@ -301,7 +301,9 @@ async function createRefreshToken(
 	}
 
 	// Issue new refresh token
-	const refreshToken = await ctx.context.adapter.create({
+	const refreshToken = await ctx.context.adapter.create<
+		OAuthRefreshToken<Scope[]> & { id: string }
+	>({
 		model: "oauthRefreshToken",
 		data: {
 			token: await storeToken(opts.storeTokens, token, "refresh_token"),
diff --git a/packages/oauth-provider/src/types/index.ts b/packages/oauth-provider/src/types/index.ts
index 1372a11add..36c0257e5b 100644
--- a/packages/oauth-provider/src/types/index.ts
+++ b/packages/oauth-provider/src/types/index.ts
@@ -1037,7 +1037,7 @@ export interface OAuthRefreshToken<
 	Scopes extends readonly Scope[] = InternallySupportedScopes[],
 > {
 	token: string;
-	sessionId: string;
+	sessionId?: string;
 	userId: string;
 	referenceId?: string;
 	clientId?: string;