github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-24 08:01:56 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

[GH-ISSUE #6635] [1.4.6 Regression] SSO plugin breaks on Cloudflare Workers #10576

New Issue
Closed
opened 2026-04-13 06:48:39 -05:00 by GiteaMirror · 5 comments
GiteaMirror commented 2026-04-13 06:48:39 -05:00
Owner
Copy Link

Originally created by @tnkuehne on GitHub (Dec 9, 2025).
Original GitHub issue: https://github.com/better-auth/better-auth/issues/6635

Is this suited for github?

  • Yes, this is suited for github

To Reproduce

I use SvelteKit on Cloudflare Workers with node compat enabled

  1. Update from 1.4.5 to 1.4.6
  2. vite build
  3. wrangler dev
  4. open web app

Current vs. Expected behavior

[wrangler:error] TypeError: The argument 'path' The argument must be a file URL object, a file URL string, or an absolute path string.. Received 'undefined'
    at createRequire (node:module:34:15)
    at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/chunk-DieNfLhd.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/chunk-DieNfLhd.mjs:50:33)
    at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/get-migration-CDvYpogu.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/get-migration-CDvYpogu.mjs:1:1)
    at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/api/index.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/api/index.mjs:2:1)
    at node_modules/.pnpm/@better-auth+sso@1.4.6_better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0__c3526d3b26d68ac07d733b5f871e0085/node_modules/@better-auth/sso/dist/index.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/@better-auth+sso@1.4.6_better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0__c3526d3b26d68ac07d733b5f871e0085/node_modules/@better-auth/sso/dist/index.mjs:3:1)
    at .svelte-kit/output/server/chunks/auth.js (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/auth.js:30:1)
[wrangler:error] TypeError: Cannot read properties of null (reading 'transport')
    at fn (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/index.js:2823:30)
    at null.<anonymous> (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/index.js:3156:17)
    at NoopContextManager$1.with (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/esm3.js:416:18)
    at ContextAPI$1.with (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/esm3.js:473:48)
    at null.<anonymous> (file:///home/timo/ZedProjects/enterprise/.svelte-kit/outp

In 1.4.5 I never saw this error

What version of Better Auth are you using?

1.4.6

System info

{
  "system": {
    "platform": "linux",
    "arch": "x64",
    "version": "#36~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Oct 15 15:45:17 UTC 2",
    "release": "6.14.0-36-generic",
    "cpuCount": 16,
    "cpuModel": "AMD Ryzen 7 PRO 5850U with Radeon Graphics",
    "totalMemory": "27.23 GB",
    "freeMemory": "14.95 GB"
  },
  "node": {
    "version": "v22.19.0",
    "env": "development"
  },
  "packageManager": {
    "name": "pnpm",
    "version": "10.23.0"
  },
  "frameworks": [
    {
      "name": "svelte",
      "version": "^5.45.6"
    },
    {
      "name": "@sveltejs/kit",
      "version": "^2.49.1"
    }
  ],
  "databases": [
    {
      "name": "drizzle",
      "version": "^0.45.0"
    },
    {
      "name": "@neondatabase/serverless",
      "version": "^1.0.2"
    }
  ],
  "betterAuth": {
    "version": "^1.4.6",
    "config": {
      "baseURL": "http://localhost:8787",
      "account": {
        "accountLinking": {
          "enabled": true,
          "allowDifferentEmails": true
        }
      },
      "socialProviders": {
        "microsoft": {
          "clientId": "[REDACTED]",
          "clientSecret": "[REDACTED]",
          "tenantId": "common",
          "authority": "https://login.microsoftonline.com",
          "prompt": "select_account"
        }
      },
      "plugins": [
        {
          "name": "email-otp",
          "config": {
            "id": "email-otp",
            "endpoints": {},
            "hooks": {
              "after": [
                {}
              ]
            },
            "$ERROR_CODES": {
              "OTP_EXPIRED": "OTP expired",
              "INVALID_OTP": "Invalid OTP",
              "TOO_MANY_ATTEMPTS": "Too many attempts"
            },
            "rateLimit": [
              {
                "window": 60,
                "max": 3
              },
              {
                "window": 60,
                "max": 3
              },
              {
                "window": 60,
                "max": 3
              },
              {
                "window": 60,
                "max": 3
              }
            ]
          }
        },
        {
          "name": "admin",
          "config": {
            "id": "admin",
            "hooks": {
              "after": [
                {}
              ]
            },
            "endpoints": {},
            "$ERROR_CODES": {
              "FAILED_TO_CREATE_USER": "Failed to create user",
              "USER_ALREADY_EXISTS": "User already exists.",
              "USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL": "User already exists. Use another email.",
              "YOU_CANNOT_BAN_YOURSELF": "You cannot ban yourself",
              "YOU_ARE_NOT_ALLOWED_TO_CHANGE_USERS_ROLE": "You are not allowed to change users role",
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_USERS": "You are not allowed to create users",
              "YOU_ARE_NOT_ALLOWED_TO_LIST_USERS": "You are not allowed to list users",
              "YOU_ARE_NOT_ALLOWED_TO_LIST_USERS_SESSIONS": "You are not allowed to list users sessions",
              "YOU_ARE_NOT_ALLOWED_TO_BAN_USERS": "You are not allowed to ban users",
              "YOU_ARE_NOT_ALLOWED_TO_IMPERSONATE_USERS": "You are not allowed to impersonate users",
              "YOU_ARE_NOT_ALLOWED_TO_REVOKE_USERS_SESSIONS": "You are not allowed to revoke users sessions",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_USERS": "You are not allowed to delete users",
              "YOU_ARE_NOT_ALLOWED_TO_SET_USERS_PASSWORD": "[REDACTED]",
              "BANNED_USER": "You have been banned from this application",
              "YOU_ARE_NOT_ALLOWED_TO_GET_USER": "You are not allowed to get user",
              "NO_DATA_TO_UPDATE": "No data to update",
              "YOU_ARE_NOT_ALLOWED_TO_UPDATE_USERS": "You are not allowed to update users",
              "YOU_CANNOT_REMOVE_YOURSELF": "You cannot remove yourself",
              "YOU_ARE_NOT_ALLOWED_TO_SET_NON_EXISTENT_VALUE": "You are not allowed to set a non-existent role value",
              "YOU_CANNOT_IMPERSONATE_ADMINS": "You cannot impersonate admins"
            },
            "schema": {
              "user": {
                "fields": {
                  "role": {
                    "type": "string",
                    "required": false,
                    "input": false
                  },
                  "banned": {
                    "type": "boolean",
                    "defaultValue": false,
                    "required": false,
                    "input": false
                  },
                  "banReason": {
                    "type": "string",
                    "required": false,
                    "input": false
                  },
                  "banExpires": {
                    "type": "date",
                    "required": false,
                    "input": false
                  }
                }
              },
              "session": {
                "fields": {
                  "impersonatedBy": {
                    "type": "string",
                    "required": false
                  }
                }
              }
            }
          }
        },
        {
          "name": "organization",
          "config": {
            "id": "organization",
            "endpoints": {},
            "schema": {
              "organization": {
                "fields": {
                  "name": {
                    "type": "string",
                    "required": true,
                    "sortable": true
                  },
                  "slug": {
                    "type": "string",
                    "required": true,
                    "unique": true,
                    "sortable": true
                  },
                  "logo": {
                    "type": "string",
                    "required": false
                  },
                  "createdAt": {
                    "type": "date",
                    "required": true
                  },
                  "metadata": {
                    "type": "string",
                    "required": false
                  }
                }
              },
              "member": {
                "fields": {
                  "organizationId": {
                    "type": "string",
                    "required": true,
                    "references": {
                      "model": "organization",
                      "field": "id"
                    },
                    "index": true
                  },
                  "userId": {
                    "type": "string",
                    "required": true,
                    "references": {
                      "model": "user",
                      "field": "id"
                    },
                    "index": true
                  },
                  "role": {
                    "type": "string",
                    "required": true,
                    "sortable": true,
                    "defaultValue": "member"
                  },
                  "createdAt": {
                    "type": "date",
                    "required": true
                  }
                }
              },
              "invitation": {
                "fields": {
                  "organizationId": {
                    "type": "string",
                    "required": true,
                    "references": {
                      "model": "organization",
                      "field": "id"
                    },
                    "index": true
                  },
                  "email": {
                    "type": "string",
                    "required": true,
                    "sortable": true,
                    "index": true
                  },
                  "role": {
                    "type": "string",
                    "required": false,
                    "sortable": true
                  },
                  "status": {
                    "type": "string",
                    "required": true,
                    "sortable": true,
                    "defaultValue": "pending"
                  },
                  "expiresAt": {
                    "type": "date",
                    "required": true
                  },
                  "createdAt": {
                    "type": "date",
                    "required": true
                  },
                  "inviterId": {
                    "type": "string",
                    "references": {
                      "model": "user",
                      "field": "id"
                    },
                    "required": true
                  }
                }
              },
              "session": {
                "fields": {
                  "activeOrganizationId": {
                    "type": "string",
                    "required": false
                  }
                }
              }
            },
            "$Infer": {
              "Organization": {},
              "Invitation": {},
              "Member": {},
              "Team": {},
              "TeamMember": {},
              "ActiveOrganization": {}
            },
            "$ERROR_CODES": {
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_ORGANIZATION": "You are not allowed to create a new organization",
              "YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_ORGANIZATIONS": "You have reached the maximum number of organizations",
              "ORGANIZATION_ALREADY_EXISTS": "Organization already exists",
              "ORGANIZATION_SLUG_ALREADY_TAKEN": "Organization slug already taken",
              "ORGANIZATION_NOT_FOUND": "Organization not found",
              "USER_IS_NOT_A_MEMBER_OF_THE_ORGANIZATION": "User is not a member of the organization",
              "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_ORGANIZATION": "You are not allowed to update this organization",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_ORGANIZATION": "You are not allowed to delete this organization",
              "NO_ACTIVE_ORGANIZATION": "No active organization",
              "USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION": "User is already a member of this organization",
              "MEMBER_NOT_FOUND": "Member not found",
              "ROLE_NOT_FOUND": "Role not found",
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM": "You are not allowed to create a new team",
              "TEAM_ALREADY_EXISTS": "Team already exists",
              "TEAM_NOT_FOUND": "Team not found",
              "YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER": "You cannot leave the organization as the only owner",
              "YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER": "You cannot leave the organization without an owner",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER": "You are not allowed to delete this member",
              "YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION": "You are not allowed to invite users to this organization",
              "USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION": "User is already invited to this organization",
              "INVITATION_NOT_FOUND": "Invitation not found",
              "YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION": "You are not the recipient of the invitation",
              "EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION": "Email verification required before accepting or rejecting invitation",
              "YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION": "You are not allowed to cancel this invitation",
              "INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION": "Inviter is no longer a member of the organization",
              "YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE": "You are not allowed to invite a user with this role",
              "FAILED_TO_RETRIEVE_INVITATION": "Failed to retrieve invitation",
              "YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_TEAMS": "You have reached the maximum number of teams",
              "UNABLE_TO_REMOVE_LAST_TEAM": "Unable to remove last team",
              "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER": "You are not allowed to update this member",
              "ORGANIZATION_MEMBERSHIP_LIMIT_REACHED": "Organization membership limit reached",
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION": "You are not allowed to create teams in this organization",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION": "You are not allowed to delete teams in this organization",
              "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM": "You are not allowed to update this team",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_TEAM": "You are not allowed to delete this team",
              "INVITATION_LIMIT_REACHED": "Invitation limit reached",
              "TEAM_MEMBER_LIMIT_REACHED": "Team member limit reached",
              "USER_IS_NOT_A_MEMBER_OF_THE_TEAM": "User is not a member of the team",
              "YOU_CAN_NOT_ACCESS_THE_MEMBERS_OF_THIS_TEAM": "You are not allowed to list the members of this team",
              "YOU_DO_NOT_HAVE_AN_ACTIVE_TEAM": "You do not have an active team",
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM_MEMBER": "You are not allowed to create a new member",
              "YOU_ARE_NOT_ALLOWED_TO_REMOVE_A_TEAM_MEMBER": "You are not allowed to remove a team member",
              "YOU_ARE_NOT_ALLOWED_TO_ACCESS_THIS_ORGANIZATION": "You are not allowed to access this organization as an owner",
              "YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION": "You are not a member of this organization",
              "MISSING_AC_INSTANCE": "Dynamic Access Control requires a pre-defined ac instance on the server auth plugin. Read server logs for more information",
              "YOU_MUST_BE_IN_AN_ORGANIZATION_TO_CREATE_A_ROLE": "You must be in an organization to create a role",
              "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_ROLE": "You are not allowed to create a role",
              "YOU_ARE_NOT_ALLOWED_TO_UPDATE_A_ROLE": "You are not allowed to update a role",
              "YOU_ARE_NOT_ALLOWED_TO_DELETE_A_ROLE": "You are not allowed to delete a role",
              "YOU_ARE_NOT_ALLOWED_TO_READ_A_ROLE": "You are not allowed to read a role",
              "YOU_ARE_NOT_ALLOWED_TO_LIST_A_ROLE": "You are not allowed to list a role",
              "YOU_ARE_NOT_ALLOWED_TO_GET_A_ROLE": "You are not allowed to get a role",
              "TOO_MANY_ROLES": "This organization has too many roles",
              "INVALID_RESOURCE": "The provided permission includes an invalid resource",
              "ROLE_NAME_IS_ALREADY_TAKEN": "That role name is already taken",
              "CANNOT_DELETE_A_PRE_DEFINED_ROLE": "Cannot delete a pre-defined role"
            },
            "options": {
              "ac": {
                "statements": {
                  "organization": [
                    "update",
                    "delete"
                  ],
                  "member": [
                    "create",
                    "update",
                    "delete"
                  ],
                  "invitation": [
                    "create",
                    "cancel"
                  ],
                  "team": [
                    "create",
                    "update",
                    "delete"
                  ],
                  "ac": [
                    "create",
                    "read",
                    "update",
                    "delete"
                  ],
                  "onboarding": [
                    "create",
                    "read",
                    "update",
                    "delete"
                  ],
                  "management": [
                    "create",
                    "read",
                    "update",
                    "delete"
                  ]
                }
              },
              "roles": {
                "owner": {
                  "statements": {
                    "onboarding": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "management": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "organization": [
                      "update",
                      "delete"
                    ],
                    "member": [
                      "create",
                      "update",
                      "delete"
                    ],
                    "invitation": [
                      "create",
                      "cancel"
                    ],
                    "team": [
                      "create",
                      "update",
                      "delete"
                    ],
                    "ac": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ]
                  }
                },
                "admin": {
                  "statements": {
                    "onboarding": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "management": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "organization": [
                      "update"
                    ],
                    "invitation": [
                      "create",
                      "cancel"
                    ],
                    "member": [
                      "create",
                      "update",
                      "delete"
                    ],
                    "team": [
                      "create",
                      "update",
                      "delete"
                    ],
                    "ac": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ]
                  }
                },
                "member": {
                  "statements": {
                    "onboarding": [
                      "read"
                    ],
                    "organization": [],
                    "member": [],
                    "invitation": [],
                    "team": [],
                    "ac": [
                      "read"
                    ]
                  }
                },
                "supervisor": {
                  "statements": {
                    "onboarding": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "organization": [],
                    "member": [],
                    "invitation": [],
                    "team": [],
                    "ac": [
                      "read"
                    ]
                  }
                },
                "manager": {
                  "statements": {
                    "onboarding": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "management": [
                      "create",
                      "read",
                      "update",
                      "delete"
                    ],
                    "organization": [],
                    "member": [],
                    "invitation": [],
                    "team": [],
                    "ac": [
                      "read"
                    ]
                  }
                }
              }
            }
          }
        },
        {
          "name": "sso",
          "config": {
            "id": "sso",
            "endpoints": {},
            "schema": {
              "ssoProvider": {
                "modelName": "ssoProvider",
                "fields": {
                  "issuer": {
                    "type": "string",
                    "required": true,
                    "fieldName": "issuer"
                  },
                  "oidcConfig": {
                    "type": "string",
                    "required": false,
                    "fieldName": "oidcConfig"
                  },
                  "samlConfig": {
                    "type": "string",
                    "required": false,
                    "fieldName": "samlConfig"
                  },
                  "userId": {
                    "type": "string",
                    "references": {
                      "model": "user",
                      "field": "id"
                    },
                    "fieldName": "userId"
                  },
                  "providerId": {
                    "type": "string",
                    "required": true,
                    "unique": true,
                    "fieldName": "providerId"
                  },
                  "organizationId": {
                    "type": "string",
                    "required": false,
                    "fieldName": "organizationId"
                  },
                  "domain": {
                    "type": "string",
                    "required": true,
                    "fieldName": "domain"
                  }
                }
              }
            }
          }
        },
        {
          "name": "passkey",
          "config": {
            "id": "passkey",
            "endpoints": {},
            "schema": {
              "passkey": {
                "fields": {
                  "name": {
                    "type": "string",
                    "required": false
                  },
                  "publicKey": {
                    "type": "string",
                    "required": true
                  },
                  "userId": {
                    "type": "string",
                    "references": {
                      "model": "user",
                      "field": "id"
                    },
                    "required": true,
                    "index": true
                  },
                  "credentialID": {
                    "type": "string",
                    "required": true,
                    "index": true
                  },
                  "counter": {
                    "type": "number",
                    "required": true
                  },
                  "deviceType": {
                    "type": "string",
                    "required": true
                  },
                  "backedUp": {
                    "type": "boolean",
                    "required": true
                  },
                  "transports": {
                    "type": "string",
                    "required": false
                  },
                  "createdAt": {
                    "type": "date",
                    "required": false
                  },
                  "aaguid": {
                    "type": "string",
                    "required": false
                  }
                }
              }
            },
            "$ERROR_CODES": {
              "CHALLENGE_NOT_FOUND": "Challenge not found",
              "YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY": "You are not allowed to register this passkey",
              "FAILED_TO_VERIFY_REGISTRATION": "Failed to verify registration",
              "PASSKEY_NOT_FOUND": "Passkey not found",
              "AUTHENTICATION_FAILED": "Authentication failed",
              "UNABLE_TO_CREATE_SESSION": "Unable to create session",
              "FAILED_TO_UPDATE_PASSKEY": "Failed to update passkey"
            }
          }
        },
        {
          "name": "sveltekit-cookies",
          "config": {
            "id": "sveltekit-cookies",
            "hooks": {
              "after": [
                {}
              ]
            }
          }
        }
      ],
      "telemetry": {
        "enabled": false
      },
      "advanced": {}
    }
  }
}

Which area(s) are affected? (Select all that apply)

Package

Auth config (if applicable)

import { dev } from "$app/environment";
import { getRequestEvent } from "$app/server";
import { env } from "$env/dynamic/private";
import { BETTER_AUTH_URL } from "$env/static/private";
import { ac, roles } from "$lib/permissions";
import { db } from "$lib/server/db";
import {
    sendOTPEmail,
    sendOTPSignInEmail,
    sendOTPVerificationEmail,
    sendOrganizationInvitationEmail,
} from "$lib/server/email";
import { betterAuth } from "better-auth/minimal";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { sso } from "@better-auth/sso";
import {
    admin as adminPlugin,
    emailOTP,
    organization,
} from "better-auth/plugins";
import { passkey } from "@better-auth/passkey";
import { sveltekitCookies } from "better-auth/svelte-kit";

const MICROSOFT_CLIENT_ID = env.MICROSOFT_CLIENT_ID;
const MICROSOFT_CLIENT_SECRET = env.MICROSOFT_CLIENT_SECRET;
if (!MICROSOFT_CLIENT_ID || !MICROSOFT_CLIENT_SECRET) {
    throw new Error(
        "Missing required environment variable: MICROSOFT_CLIENT_ID or MICROSOFT_CLIENT_SECRET",
    );
}

export const auth = betterAuth({
    baseURL: BETTER_AUTH_URL,
    database: drizzleAdapter(db, {
        provider: "pg",
    }),
    account: {
        accountLinking: {
            enabled: true,
            allowDifferentEmails: true,
        },
    },
    socialProviders: {
        microsoft: {
            clientId: MICROSOFT_CLIENT_ID,
            clientSecret: MICROSOFT_CLIENT_SECRET,
            tenantId: "common",
            authority: "https://login.microsoftonline.com",
            prompt: "select_account",
        },
    },
    plugins: [
        emailOTP({
            async sendVerificationOTP({ email, otp, type }) {
                if (dev) {
                    console.log(`OTP ${otp} sent to ${email}`);
                    return Promise.resolve();
                }
                if (type === "sign-in") {
                    await sendOTPSignInEmail(otp, email);
                } else if (type === "email-verification") {
                    await sendOTPVerificationEmail(otp, email);
                } else {
                    await sendOTPEmail(otp, email);
                }
            },
            disableSignUp: true,
        }),
        adminPlugin(),
        organization({
            ac,
            roles,
            async sendInvitationEmail(data) {
                const inviteLink = `${BETTER_AUTH_URL}/accept-invitation/${data.id}`;
                if (dev) {
                    console.log(`Invite link: ${inviteLink}`);
                    return Promise.resolve();
                }
                await sendOrganizationInvitationEmail(
                    data.email,
                    data.inviter.user.name,
                    data.inviter.user.email,
                    data.organization.name,
                    inviteLink,
                );
            },
        }),
        sso({
            organizationProvisioning: {
                disabled: false,
                defaultRole: "member",
            },
        }),
        passkey({
            rpID: dev ? "localhost" : new URL(BETTER_AUTH_URL).hostname,
            rpName: "mendra AI",
            origin: dev ? "http://localhost:5173" : BETTER_AUTH_URL,
        }),
        sveltekitCookies(getRequestEvent),
    ],
    telemetry: {
        enabled: false,
    },
    advanced: dev
        ? {}
        : {
              ipAddress: {
                  ipAddressHeaders: ["cf-connecting-ip"],
              },
          },
});

Additional context

No response

Originally created by @tnkuehne on GitHub (Dec 9, 2025). Original GitHub issue: https://github.com/better-auth/better-auth/issues/6635 ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce I use SvelteKit on Cloudflare Workers with node compat enabled 1. Update from 1.4.5 to 1.4.6 2. vite build 3. wrangler dev 4. open web app ### Current vs. Expected behavior ```console [wrangler:error] TypeError: The argument 'path' The argument must be a file URL object, a file URL string, or an absolute path string.. Received 'undefined' at createRequire (node:module:34:15) at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/chunk-DieNfLhd.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/chunk-DieNfLhd.mjs:50:33) at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/get-migration-CDvYpogu.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/get-migration-CDvYpogu.mjs:1:1) at node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/api/index.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0_@sveltejs+vite-plugin-s_c710132df62df20bd3cef737d1d8b456/node_modules/better-auth/dist/api/index.mjs:2:1) at node_modules/.pnpm/@better-auth+sso@1.4.6_better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0__c3526d3b26d68ac07d733b5f871e0085/node_modules/@better-auth/sso/dist/index.mjs (file:///home/timo/ZedProjects/enterprise/node_modules/.pnpm/@better-auth+sso@1.4.6_better-auth@1.4.6_@sveltejs+kit@2.49.1_@opentelemetry+api@1.9.0__c3526d3b26d68ac07d733b5f871e0085/node_modules/@better-auth/sso/dist/index.mjs:3:1) at .svelte-kit/output/server/chunks/auth.js (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/auth.js:30:1) [wrangler:error] TypeError: Cannot read properties of null (reading 'transport') at fn (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/index.js:2823:30) at null.<anonymous> (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/index.js:3156:17) at NoopContextManager$1.with (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/esm3.js:416:18) at ContextAPI$1.with (file:///home/timo/ZedProjects/enterprise/.svelte-kit/output/server/chunks/esm3.js:473:48) at null.<anonymous> (file:///home/timo/ZedProjects/enterprise/.svelte-kit/outp ``` In 1.4.5 I never saw this error ### What version of Better Auth are you using? 1.4.6 ### System info ```bash { "system": { "platform": "linux", "arch": "x64", "version": "#36~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Oct 15 15:45:17 UTC 2", "release": "6.14.0-36-generic", "cpuCount": 16, "cpuModel": "AMD Ryzen 7 PRO 5850U with Radeon Graphics", "totalMemory": "27.23 GB", "freeMemory": "14.95 GB" }, "node": { "version": "v22.19.0", "env": "development" }, "packageManager": { "name": "pnpm", "version": "10.23.0" }, "frameworks": [ { "name": "svelte", "version": "^5.45.6" }, { "name": "@sveltejs/kit", "version": "^2.49.1" } ], "databases": [ { "name": "drizzle", "version": "^0.45.0" }, { "name": "@neondatabase/serverless", "version": "^1.0.2" } ], "betterAuth": { "version": "^1.4.6", "config": { "baseURL": "http://localhost:8787", "account": { "accountLinking": { "enabled": true, "allowDifferentEmails": true } }, "socialProviders": { "microsoft": { "clientId": "[REDACTED]", "clientSecret": "[REDACTED]", "tenantId": "common", "authority": "https://login.microsoftonline.com", "prompt": "select_account" } }, "plugins": [ { "name": "email-otp", "config": { "id": "email-otp", "endpoints": {}, "hooks": { "after": [ {} ] }, "$ERROR_CODES": { "OTP_EXPIRED": "OTP expired", "INVALID_OTP": "Invalid OTP", "TOO_MANY_ATTEMPTS": "Too many attempts" }, "rateLimit": [ { "window": 60, "max": 3 }, { "window": 60, "max": 3 }, { "window": 60, "max": 3 }, { "window": 60, "max": 3 } ] } }, { "name": "admin", "config": { "id": "admin", "hooks": { "after": [ {} ] }, "endpoints": {}, "$ERROR_CODES": { "FAILED_TO_CREATE_USER": "Failed to create user", "USER_ALREADY_EXISTS": "User already exists.", "USER_ALREADY_EXISTS_USE_ANOTHER_EMAIL": "User already exists. Use another email.", "YOU_CANNOT_BAN_YOURSELF": "You cannot ban yourself", "YOU_ARE_NOT_ALLOWED_TO_CHANGE_USERS_ROLE": "You are not allowed to change users role", "YOU_ARE_NOT_ALLOWED_TO_CREATE_USERS": "You are not allowed to create users", "YOU_ARE_NOT_ALLOWED_TO_LIST_USERS": "You are not allowed to list users", "YOU_ARE_NOT_ALLOWED_TO_LIST_USERS_SESSIONS": "You are not allowed to list users sessions", "YOU_ARE_NOT_ALLOWED_TO_BAN_USERS": "You are not allowed to ban users", "YOU_ARE_NOT_ALLOWED_TO_IMPERSONATE_USERS": "You are not allowed to impersonate users", "YOU_ARE_NOT_ALLOWED_TO_REVOKE_USERS_SESSIONS": "You are not allowed to revoke users sessions", "YOU_ARE_NOT_ALLOWED_TO_DELETE_USERS": "You are not allowed to delete users", "YOU_ARE_NOT_ALLOWED_TO_SET_USERS_PASSWORD": "[REDACTED]", "BANNED_USER": "You have been banned from this application", "YOU_ARE_NOT_ALLOWED_TO_GET_USER": "You are not allowed to get user", "NO_DATA_TO_UPDATE": "No data to update", "YOU_ARE_NOT_ALLOWED_TO_UPDATE_USERS": "You are not allowed to update users", "YOU_CANNOT_REMOVE_YOURSELF": "You cannot remove yourself", "YOU_ARE_NOT_ALLOWED_TO_SET_NON_EXISTENT_VALUE": "You are not allowed to set a non-existent role value", "YOU_CANNOT_IMPERSONATE_ADMINS": "You cannot impersonate admins" }, "schema": { "user": { "fields": { "role": { "type": "string", "required": false, "input": false }, "banned": { "type": "boolean", "defaultValue": false, "required": false, "input": false }, "banReason": { "type": "string", "required": false, "input": false }, "banExpires": { "type": "date", "required": false, "input": false } } }, "session": { "fields": { "impersonatedBy": { "type": "string", "required": false } } } } } }, { "name": "organization", "config": { "id": "organization", "endpoints": {}, "schema": { "organization": { "fields": { "name": { "type": "string", "required": true, "sortable": true }, "slug": { "type": "string", "required": true, "unique": true, "sortable": true }, "logo": { "type": "string", "required": false }, "createdAt": { "type": "date", "required": true }, "metadata": { "type": "string", "required": false } } }, "member": { "fields": { "organizationId": { "type": "string", "required": true, "references": { "model": "organization", "field": "id" }, "index": true }, "userId": { "type": "string", "required": true, "references": { "model": "user", "field": "id" }, "index": true }, "role": { "type": "string", "required": true, "sortable": true, "defaultValue": "member" }, "createdAt": { "type": "date", "required": true } } }, "invitation": { "fields": { "organizationId": { "type": "string", "required": true, "references": { "model": "organization", "field": "id" }, "index": true }, "email": { "type": "string", "required": true, "sortable": true, "index": true }, "role": { "type": "string", "required": false, "sortable": true }, "status": { "type": "string", "required": true, "sortable": true, "defaultValue": "pending" }, "expiresAt": { "type": "date", "required": true }, "createdAt": { "type": "date", "required": true }, "inviterId": { "type": "string", "references": { "model": "user", "field": "id" }, "required": true } } }, "session": { "fields": { "activeOrganizationId": { "type": "string", "required": false } } } }, "$Infer": { "Organization": {}, "Invitation": {}, "Member": {}, "Team": {}, "TeamMember": {}, "ActiveOrganization": {} }, "$ERROR_CODES": { "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_ORGANIZATION": "You are not allowed to create a new organization", "YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_ORGANIZATIONS": "You have reached the maximum number of organizations", "ORGANIZATION_ALREADY_EXISTS": "Organization already exists", "ORGANIZATION_SLUG_ALREADY_TAKEN": "Organization slug already taken", "ORGANIZATION_NOT_FOUND": "Organization not found", "USER_IS_NOT_A_MEMBER_OF_THE_ORGANIZATION": "User is not a member of the organization", "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_ORGANIZATION": "You are not allowed to update this organization", "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_ORGANIZATION": "You are not allowed to delete this organization", "NO_ACTIVE_ORGANIZATION": "No active organization", "USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION": "User is already a member of this organization", "MEMBER_NOT_FOUND": "Member not found", "ROLE_NOT_FOUND": "Role not found", "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM": "You are not allowed to create a new team", "TEAM_ALREADY_EXISTS": "Team already exists", "TEAM_NOT_FOUND": "Team not found", "YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER": "You cannot leave the organization as the only owner", "YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER": "You cannot leave the organization without an owner", "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER": "You are not allowed to delete this member", "YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION": "You are not allowed to invite users to this organization", "USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION": "User is already invited to this organization", "INVITATION_NOT_FOUND": "Invitation not found", "YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION": "You are not the recipient of the invitation", "EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION": "Email verification required before accepting or rejecting invitation", "YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION": "You are not allowed to cancel this invitation", "INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION": "Inviter is no longer a member of the organization", "YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE": "You are not allowed to invite a user with this role", "FAILED_TO_RETRIEVE_INVITATION": "Failed to retrieve invitation", "YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_TEAMS": "You have reached the maximum number of teams", "UNABLE_TO_REMOVE_LAST_TEAM": "Unable to remove last team", "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER": "You are not allowed to update this member", "ORGANIZATION_MEMBERSHIP_LIMIT_REACHED": "Organization membership limit reached", "YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION": "You are not allowed to create teams in this organization", "YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION": "You are not allowed to delete teams in this organization", "YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM": "You are not allowed to update this team", "YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_TEAM": "You are not allowed to delete this team", "INVITATION_LIMIT_REACHED": "Invitation limit reached", "TEAM_MEMBER_LIMIT_REACHED": "Team member limit reached", "USER_IS_NOT_A_MEMBER_OF_THE_TEAM": "User is not a member of the team", "YOU_CAN_NOT_ACCESS_THE_MEMBERS_OF_THIS_TEAM": "You are not allowed to list the members of this team", "YOU_DO_NOT_HAVE_AN_ACTIVE_TEAM": "You do not have an active team", "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM_MEMBER": "You are not allowed to create a new member", "YOU_ARE_NOT_ALLOWED_TO_REMOVE_A_TEAM_MEMBER": "You are not allowed to remove a team member", "YOU_ARE_NOT_ALLOWED_TO_ACCESS_THIS_ORGANIZATION": "You are not allowed to access this organization as an owner", "YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION": "You are not a member of this organization", "MISSING_AC_INSTANCE": "Dynamic Access Control requires a pre-defined ac instance on the server auth plugin. Read server logs for more information", "YOU_MUST_BE_IN_AN_ORGANIZATION_TO_CREATE_A_ROLE": "You must be in an organization to create a role", "YOU_ARE_NOT_ALLOWED_TO_CREATE_A_ROLE": "You are not allowed to create a role", "YOU_ARE_NOT_ALLOWED_TO_UPDATE_A_ROLE": "You are not allowed to update a role", "YOU_ARE_NOT_ALLOWED_TO_DELETE_A_ROLE": "You are not allowed to delete a role", "YOU_ARE_NOT_ALLOWED_TO_READ_A_ROLE": "You are not allowed to read a role", "YOU_ARE_NOT_ALLOWED_TO_LIST_A_ROLE": "You are not allowed to list a role", "YOU_ARE_NOT_ALLOWED_TO_GET_A_ROLE": "You are not allowed to get a role", "TOO_MANY_ROLES": "This organization has too many roles", "INVALID_RESOURCE": "The provided permission includes an invalid resource", "ROLE_NAME_IS_ALREADY_TAKEN": "That role name is already taken", "CANNOT_DELETE_A_PRE_DEFINED_ROLE": "Cannot delete a pre-defined role" }, "options": { "ac": { "statements": { "organization": [ "update", "delete" ], "member": [ "create", "update", "delete" ], "invitation": [ "create", "cancel" ], "team": [ "create", "update", "delete" ], "ac": [ "create", "read", "update", "delete" ], "onboarding": [ "create", "read", "update", "delete" ], "management": [ "create", "read", "update", "delete" ] } }, "roles": { "owner": { "statements": { "onboarding": [ "create", "read", "update", "delete" ], "management": [ "create", "read", "update", "delete" ], "organization": [ "update", "delete" ], "member": [ "create", "update", "delete" ], "invitation": [ "create", "cancel" ], "team": [ "create", "update", "delete" ], "ac": [ "create", "read", "update", "delete" ] } }, "admin": { "statements": { "onboarding": [ "create", "read", "update", "delete" ], "management": [ "create", "read", "update", "delete" ], "organization": [ "update" ], "invitation": [ "create", "cancel" ], "member": [ "create", "update", "delete" ], "team": [ "create", "update", "delete" ], "ac": [ "create", "read", "update", "delete" ] } }, "member": { "statements": { "onboarding": [ "read" ], "organization": [], "member": [], "invitation": [], "team": [], "ac": [ "read" ] } }, "supervisor": { "statements": { "onboarding": [ "create", "read", "update", "delete" ], "organization": [], "member": [], "invitation": [], "team": [], "ac": [ "read" ] } }, "manager": { "statements": { "onboarding": [ "create", "read", "update", "delete" ], "management": [ "create", "read", "update", "delete" ], "organization": [], "member": [], "invitation": [], "team": [], "ac": [ "read" ] } } } } } }, { "name": "sso", "config": { "id": "sso", "endpoints": {}, "schema": { "ssoProvider": { "modelName": "ssoProvider", "fields": { "issuer": { "type": "string", "required": true, "fieldName": "issuer" }, "oidcConfig": { "type": "string", "required": false, "fieldName": "oidcConfig" }, "samlConfig": { "type": "string", "required": false, "fieldName": "samlConfig" }, "userId": { "type": "string", "references": { "model": "user", "field": "id" }, "fieldName": "userId" }, "providerId": { "type": "string", "required": true, "unique": true, "fieldName": "providerId" }, "organizationId": { "type": "string", "required": false, "fieldName": "organizationId" }, "domain": { "type": "string", "required": true, "fieldName": "domain" } } } } } }, { "name": "passkey", "config": { "id": "passkey", "endpoints": {}, "schema": { "passkey": { "fields": { "name": { "type": "string", "required": false }, "publicKey": { "type": "string", "required": true }, "userId": { "type": "string", "references": { "model": "user", "field": "id" }, "required": true, "index": true }, "credentialID": { "type": "string", "required": true, "index": true }, "counter": { "type": "number", "required": true }, "deviceType": { "type": "string", "required": true }, "backedUp": { "type": "boolean", "required": true }, "transports": { "type": "string", "required": false }, "createdAt": { "type": "date", "required": false }, "aaguid": { "type": "string", "required": false } } } }, "$ERROR_CODES": { "CHALLENGE_NOT_FOUND": "Challenge not found", "YOU_ARE_NOT_ALLOWED_TO_REGISTER_THIS_PASSKEY": "You are not allowed to register this passkey", "FAILED_TO_VERIFY_REGISTRATION": "Failed to verify registration", "PASSKEY_NOT_FOUND": "Passkey not found", "AUTHENTICATION_FAILED": "Authentication failed", "UNABLE_TO_CREATE_SESSION": "Unable to create session", "FAILED_TO_UPDATE_PASSKEY": "Failed to update passkey" } } }, { "name": "sveltekit-cookies", "config": { "id": "sveltekit-cookies", "hooks": { "after": [ {} ] } } } ], "telemetry": { "enabled": false }, "advanced": {} } } } ``` ### Which area(s) are affected? (Select all that apply) Package ### Auth config (if applicable) ```typescript import { dev } from "$app/environment"; import { getRequestEvent } from "$app/server"; import { env } from "$env/dynamic/private"; import { BETTER_AUTH_URL } from "$env/static/private"; import { ac, roles } from "$lib/permissions"; import { db } from "$lib/server/db"; import { sendOTPEmail, sendOTPSignInEmail, sendOTPVerificationEmail, sendOrganizationInvitationEmail, } from "$lib/server/email"; import { betterAuth } from "better-auth/minimal"; import { drizzleAdapter } from "better-auth/adapters/drizzle"; import { sso } from "@better-auth/sso"; import { admin as adminPlugin, emailOTP, organization, } from "better-auth/plugins"; import { passkey } from "@better-auth/passkey"; import { sveltekitCookies } from "better-auth/svelte-kit"; const MICROSOFT_CLIENT_ID = env.MICROSOFT_CLIENT_ID; const MICROSOFT_CLIENT_SECRET = env.MICROSOFT_CLIENT_SECRET; if (!MICROSOFT_CLIENT_ID || !MICROSOFT_CLIENT_SECRET) { throw new Error( "Missing required environment variable: MICROSOFT_CLIENT_ID or MICROSOFT_CLIENT_SECRET", ); } export const auth = betterAuth({ baseURL: BETTER_AUTH_URL, database: drizzleAdapter(db, { provider: "pg", }), account: { accountLinking: { enabled: true, allowDifferentEmails: true, }, }, socialProviders: { microsoft: { clientId: MICROSOFT_CLIENT_ID, clientSecret: MICROSOFT_CLIENT_SECRET, tenantId: "common", authority: "https://login.microsoftonline.com", prompt: "select_account", }, }, plugins: [ emailOTP({ async sendVerificationOTP({ email, otp, type }) { if (dev) { console.log(`OTP ${otp} sent to ${email}`); return Promise.resolve(); } if (type === "sign-in") { await sendOTPSignInEmail(otp, email); } else if (type === "email-verification") { await sendOTPVerificationEmail(otp, email); } else { await sendOTPEmail(otp, email); } }, disableSignUp: true, }), adminPlugin(), organization({ ac, roles, async sendInvitationEmail(data) { const inviteLink = `${BETTER_AUTH_URL}/accept-invitation/${data.id}`; if (dev) { console.log(`Invite link: ${inviteLink}`); return Promise.resolve(); } await sendOrganizationInvitationEmail( data.email, data.inviter.user.name, data.inviter.user.email, data.organization.name, inviteLink, ); }, }), sso({ organizationProvisioning: { disabled: false, defaultRole: "member", }, }), passkey({ rpID: dev ? "localhost" : new URL(BETTER_AUTH_URL).hostname, rpName: "mendra AI", origin: dev ? "http://localhost:5173" : BETTER_AUTH_URL, }), sveltekitCookies(getRequestEvent), ], telemetry: { enabled: false, }, advanced: dev ? {} : { ipAddress: { ipAddressHeaders: ["cf-connecting-ip"], }, }, }); ``` ### Additional context _No response_
GiteaMirror added the lockedbug labels 2026-04-13 06:48:39 -05:00
GiteaMirror commented 2026-04-13 06:48:40 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Dec 9, 2025):

This is a known regression: Better Auth 1.4.6 introduces Node.js-specific code (like createRequire and path) into the SSO flow, which breaks on Cloudflare Workers because those APIs aren't available there. The error comes from migration/database code that expects Node primitives, and the Worker build ends up calling createRequire(undefined) and crashing when it can't resolve a file path [details].

To work around this:

  • Make sure SSO/social sign-in is always initiated from the client using authClient.api.signInSSO from better-auth/client, not from the server or backend routes. Only the callback endpoint should be handled server-side [details].
  • In Cloudflare Workers, do not export a singleton auth instance. Instead, instantiate the auth client inside each request handler to ensure request context is available [details].
  • If you need full compatibility, you may need to downgrade to a version before the regression (e.g., 1.3.4) or try the suggested beta (1.4.6-beta.4) to see if it resolves the issue [details].
  • Note: Disabling telemetry in config does not fully prevent the error, as some Node.js modules are still imported unconditionally in affected versions [details].

There are trade-offs: instantiating per request breaks CLI features and type inference, and you may need to manage schema manually or use a Node environment for migrations. Full Cloudflare Workers compatibility is still a work in progress [details].

If you want a code example or more details on the workaround, let me know!

To reply, just mention @dosu.

How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other

Chat with Dosu Open in Cursor Join Discord Share on X

<!-- gh-comment-id:3631271550 --> @dosubot[bot] commented on GitHub (Dec 9, 2025): <!-- Answer --> This is a known regression: Better Auth 1.4.6 introduces Node.js-specific code (like `createRequire` and `path`) into the SSO flow, which breaks on Cloudflare Workers because those APIs aren't available there. The error comes from migration/database code that expects Node primitives, and the Worker build ends up calling `createRequire(undefined)` and crashing when it can't resolve a file path [[details](https://github.com/better-auth/better-auth/issues/6613)]. To work around this: - Make sure SSO/social sign-in is always initiated from the client using `authClient.api.signInSSO` from `better-auth/client`, not from the server or backend routes. Only the callback endpoint should be handled server-side [[details](https://github.com/better-auth/better-auth/issues/6613)]. - In Cloudflare Workers, do not export a singleton `auth` instance. Instead, instantiate the auth client inside each request handler to ensure request context is available [[details](https://github.com/better-auth/better-auth/issues/5413)]. - If you need full compatibility, you may need to downgrade to a version before the regression (e.g., 1.3.4) or try the suggested beta (`1.4.6-beta.4`) to see if it resolves the issue [[details](https://github.com/better-auth/better-auth/issues/6613)]. - Note: Disabling telemetry in config does not fully prevent the error, as some Node.js modules are still imported unconditionally in affected versions [[details](https://github.com/better-auth/better-auth/issues/3998)]. There are trade-offs: instantiating per request breaks CLI features and type inference, and you may need to manage schema manually or use a Node environment for migrations. Full Cloudflare Workers compatibility is still a work in progress [[details](https://github.com/better-auth/better-auth/issues/5413)]. If you want a code example or more details on the workaround, let me know! <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/c0ad3639-78df-42cf-b794-8770dbb3dc35?feedback_type=other)</sup> [![Chat with Dosu](https://dosu.dev/dosu-chat-badge.svg)](https://app.dosu.dev/cdda13d9-dd27-4d31-b09a-5d8bec92de21/ask?utm_source=github)&nbsp;[![Open in Cursor](https://dosu.dev/dosu-in-cursor.svg)](https://cursor.com/link/prompt?text=This%20is%20a%20known%20regression%3A%20Better%20Auth%201.4.6%20introduces%20Node.js-specific%20code%20%28like%20%60createRequire%60%20and%20%60path%60%29%20into%20the%20SSO%20flow%2C%20which%20breaks%20on%20Cloudflare%20Workers%20because%20those%20APIs%20aren%27t%20available%20there.%20The%20error%20comes%20from%20migration/database%20code%20that%20expects%20Node%20primitives%2C%20and%20the%20Worker%20build%20ends%20up%20calling%20%60createRequire%28undefined%29%60%20and%20crashing%20when%20it%20can%27t%20resolve%20a%20file%20path%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/6613%29%5D.%0A%0ATo%20work%20around%20this%3A%0A%0A-%20Make%20sure%20SSO/social%20sign-in%20is%20always%20initiated%20from%20the%20client%20using%20%60authClient.api.signInSSO%60%20from%20%60better-auth/client%60%2C%20not%20from%20the%20server%20or%20backend%20routes.%20Only%20the%20callback%20endpoint%20should%20be%20handled%20server-side%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/6613%29%5D.%0A-%20In%20Cloudflare%20Workers%2C%20do%20not%20export%20a%20singleton%20%60auth%60%20instance.%20Instead%2C%20instantiate%20the%20auth%20client%20inside%20each%20request%20handler%20to%20ensure%20request%20context%20is%20available%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/5413%29%5D.%0A-%20If%20you%20need%20full%20compatibility%2C%20you%20may%20need%20to%20downgrade%20to%20a%20version%20before%20the%20regression%20%28e.g.%2C%201.3.4%29%20or%20try%20the%20suggested%20beta%20%28%601.4.6-beta.4%60%29%20to%20see%20if%20it%20resolves%20the%20issue%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/6613%29%5D.%0A-%20Note%3A%20Disabling%20telemetry%20in%20config%20does%20not%20fully%20prevent%20the%20error%2C%20as%20some%20Node.js%20modules%20are%20still%20imported%20unconditionally%20in%20affected%20versions%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/3998%29%5D.%0A%0AThere%20are%20trade-offs%3A%20instantiating%20per%20request%20breaks%20CLI%20features%20and%20type%20inference%2C%20and%20you%20may%20need%20to%20manage%20schema%20manually%20or%20use%20a%20Node%20environment%20for%20migrations.%20Full%20Cloudflare%20Workers%20compatibility%20is%20still%20a%20work%20in%20progress%20%5B%5Bdetails%5D%28https%3A//github.com/better-auth/better-auth/issues/5413%29%5D.%0A%0AIf%20you%20want%20a%20code%20example%20or%20more%20details%20on%20the%20workaround%2C%20let%20me%20know%21)&nbsp;[![Join Discord](https://img.shields.io/badge/join-5865F2?logo=discord&logoColor=white&label=)](https://go.dosu.dev/discord-bot)&nbsp;[![Share on X](https://img.shields.io/badge/X-share-black)](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/better-auth/better-auth/issues/6635)
GiteaMirror commented 2026-04-13 06:48:41 -05:00
Author
Owner
Copy Link

@tnkuehne commented on GitHub (Dec 9, 2025):

I don’t think Dosubot is correct here

<!-- gh-comment-id:3633110921 --> @tnkuehne commented on GitHub (Dec 9, 2025): I don’t think Dosubot is correct here
GiteaMirror commented 2026-04-13 06:48:41 -05:00
Author
Owner
Copy Link

@jinsley8 commented on GitHub (Dec 9, 2025):

I'm seeing the same error #6638

<!-- gh-comment-id:3633141086 --> @jinsley8 commented on GitHub (Dec 9, 2025): I'm seeing the same error #6638
GiteaMirror commented 2026-04-13 06:48:42 -05:00
Author
Owner
Copy Link

@AlfayezDev commented on GitHub (Dec 9, 2025):

Confirmed, reverting to 1.4.5 fixed it

<!-- gh-comment-id:3633355096 --> @AlfayezDev commented on GitHub (Dec 9, 2025): Confirmed, reverting to 1.4.5 fixed it
GiteaMirror commented 2026-04-13 06:48:42 -05:00
Author
Owner
Copy Link

@tnkuehne commented on GitHub (Dec 13, 2025):

In 1.4.7-beta, it is resolved.

<!-- gh-comment-id:3649456864 --> @tnkuehne commented on GitHub (Dec 13, 2025): In `1.4.7-beta`, it is resolved.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label bug locked
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#10576
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?