[GH-ISSUE #6650] [OIDC Provider]: Missing OAuth 2.0 Token Revocation Endpoint (RFC 7009) #10584

New Issue

Closed

opened 2026-04-13 06:49:20 -05:00 by GiteaMirror · 2 comments

GiteaMirror commented 2026-04-13 06:49:20 -05:00

Owner

Copy Link

Originally created by @inducingchaos on GitHub (Dec 9, 2025).
Original GitHub issue: https://github.com/better-auth/better-auth/issues/6650

Is this suited for github?

• Yes, this is suited for github

To Reproduce

1. Configure BetterAuth with OIDC provider plugin
2. Issue OAuth access tokens via the /oauth2/token endpoint
3. Attempt to revoke tokens using the standard OAuth 2.0 Token Revocation endpoint
4. Observe that /oauth2/revoke endpoint does not exist

Expected endpoint:

POST /api/auth/oauth2/revoke
Content-Type: application/x-www-form-urlencoded

token=<access_token_or_refresh_token>
token_type_hint=access_token # optional
client_id=<client_id>

Current vs. Expected behavior

Current behavior:
The OIDC plugin does not implement the OAuth 2.0 Token Revocation endpoint (RFC 7009). When users log out or need to revoke tokens, there's no standard way to invalidate tokens server-side. Tokens remain valid in the database until they expire naturally.

Expected behavior:
The OIDC plugin should implement /oauth2/revoke endpoint per RFC 7009 that:

• Accepts token (required), token_type_hint (optional), and client_id (required for public clients)
• Validates the token and client_id
• Deletes the token record from the database
• Returns 200 OK even for invalid/expired tokens (security best practice to prevent token enumeration)

Impact:

• Users cannot properly log out (tokens remain valid)
• Security concern: compromised tokens cannot be immediately revoked
• No way to implement proper token lifecycle management

Reference implementation:
I've created a polyfill plugin that implements the revocation endpoint. Here's the implementation for reference:

// polyfills/oidc-provider.ts
import type { BetterAuthPlugin } from "better-auth"
import { APIError } from "better-auth"
import { createAuthEndpoint } from "better-auth/plugins"
import { eq, or } from "drizzle-orm"
import { db } from "~/server/data/store"
import { oauthAccessTokens } from "~/server/data/store/tables"

export const oidcProviderPolyfill = () => {
    return {
        id: "oidc-polyfill",
        endpoints: {
            revoke: createAuthEndpoint(
                "/oauth2/revoke",
                {
                    method: "POST",
                    metadata: {
                        allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"]
                    }
                },
                async ctx => {
                    let body = ctx.body
                    if (body instanceof FormData) body = Object.fromEntries(body.entries())

                    if (!body || typeof body !== "object") {
                        throw new APIError("BAD_REQUEST", {
                            error_description: "request body is required",
                            error: "invalid_request"
                        })
                    }

                    const { token, token_type_hint, client_id } = body as {
                        token?: string | string[]
                        token_type_hint?: string | string[]
                        client_id?: string | string[]
                    }

                    if (!token) {
                        throw new APIError("BAD_REQUEST", {
                            error_description: "token is required",
                            error: "invalid_request"
                        })
                    }

                    const tokenValue = Array.isArray(token) ? token[0] : token
                    const clientIdValue = Array.isArray(client_id) ? client_id[0] : client_id
                    const tokenTypeHint = Array.isArray(token_type_hint) ? token_type_hint[0] : token_type_hint

                    if (!clientIdValue) {
                        throw new APIError("BAD_REQUEST", {
                            error_description: "client_id is required",
                            error: "invalid_request"
                        })
                    }

                    // Find token by type hint for optimization, or search both if no hint
                    const tokenRecord = await db
                        .select()
                        .from(oauthAccessTokens)
                        .where(tokenTypeHint === "refresh_token" ? eq(oauthAccessTokens.refreshToken, tokenValue) : tokenTypeHint === "access_token" ? eq(oauthAccessTokens.accessToken, tokenValue) : or(eq(oauthAccessTokens.accessToken, tokenValue), eq(oauthAccessTokens.refreshToken, tokenValue)))
                        .limit(1)
                        .then(rows => rows[0] ?? null)

                    // Verify client_id matches (security: prevent token theft)
                    if (tokenRecord && tokenRecord.clientId !== clientIdValue) {
                        // RFC 7009: Return 200 OK even for invalid tokens
                        return ctx.json({}, { status: 200 })
                    }

                    // Delete the token if found
                    if (tokenRecord) {
                        await db.delete(oauthAccessTokens).where(eq(oauthAccessTokens.id, tokenRecord.id))
                    }

                    // RFC 7009: Always return 200 OK, even if token is invalid/expired
                    return ctx.json({}, { status: 200 })
                }
            )
        }
    } satisfies BetterAuthPlugin
}

What version of Better Auth are you using?

1.4.5

System info

{                                                       "system": {                                             "platform": "darwin",                                 "arch": "arm64",                                      "version": "Darwin Kernel Version 25.0.0: Wed Sep 17 21:38:03 PDT 2025; root:xnu-12377.1.9~141/RELEASE_ARM64_T8112",                                              "release": "25.0.0",                                  "cpuCount": 8,                                        "cpuModel": "Apple M2",                               "totalMemory": "8.00 GB",                             "freeMemory": "0.16 GB"
  },                                                    "node": {                                               "version": "v22.20.0",                                "env": "development"                                },
  "packageManager": {                                     "name": "pnpm",                                       "version": "10.20.0"                                },
  "frameworks": [                                         {                                                       "name": "next",                                       "version": "16.0.8"                                 },                                                    {                                                       "name": "react",                                      "version": "catalog:react"                          }                                                   ],                                                    "databases": [                                          {                                                       "name": "postgres",                                   "version": "^3.4.7"                                 },                                                    {                                                       "name": "drizzle",                                    "version": "catalog:drizzle"                        }                                                   ],                                                    "betterAuth": {                                         "version": "catalog:better-auth",                     "config": {                                             "appName": "ALTERED",                                 "baseURL": "http://localhost:258",                    "secret": "[REDACTED]",                               "socialProviders": {                                    "google": {                                             "clientId": "[REDACTED]",                             "clientSecret": "[REDACTED]"                        }                                                   },                                                    "plugins": [                                            {                                                       "name": "next-cookies",                               "config": {                                             "id": "next-cookies",                                 "hooks": {                                              "after": [                                              {}                                                  ]                                                   }                                                   }                                                   },                                                    {                                                       "name": "oidc",                                       "config": {                                             "id": "oidc",                                         "hooks": {                                              "after": [                                              {}                                                  ]                                                   },                                                    "endpoints": {},                                      "schema": {                                             "oauthApplication": {                                   "modelName": "oauthApplication",                      "fields": {                                             "name": {                                               "type": "string"                                    },                                                    "icon": {                                               "type": "string",                                     "required": false                                   },                                                    "metadata": {                                           "type": "string",                                     "required": false                                   },                                                    "clientId": {
                    "type": "string",                                     "unique": true                                      },                                                    "clientSecret": {
                    "type": "string",
                    "required": false                                   },                                                    "redirectUrls": {                                       "type": "string"                                    },                                                    "type": {                                               "type": "string"                                    },                                                    "disabled": {
                    "type": "boolean",                                    "required": false,                                    "defaultValue": false                               },                                                    "userId": {                                             "type": "string",                                     "required": false,                                    "references": {                                         "model": "user",                                      "field": "id",                                        "onDelete": "cascade"                               },                                                    "index": true                                       },                                                    "createdAt": {                                          "type": "date"                                      },                                                    "updatedAt": {                                          "type": "date"                                      }                                                   }                                                   },                                                    "oauthAccessToken": {                                   "modelName": "oauthAccessToken",                      "fields": {
                  "accessToken": {                                        "type": "string",
                    "unique": true                                      },                                                    "refreshToken": {
                    "type": "string",                                     "unique": true                                      },                                                    "accessTokenExpiresAt": {                               "type": "date"                                      },                                                    "refreshTokenExpiresAt": {                              "type": "date"                                      },                                                    "clientId": {                                           "type": "string",                                     "references": {                                         "model": "oauthApplication",
                      "field": "clientId",
                      "onDelete": "cascade"                               },
                    "index": true
                  },
                  "userId": {                                             "type": "string",
                    "required": false,                                    "references": {
                      "model": "user",
                      "field": "id",
                      "onDelete": "cascade"
                    },
                    "index": true
                  },
                  "scopes": {                                             "type": "string"
                  },
                  "createdAt": {
                    "type": "date"                                      },
                  "updatedAt": {                                          "type": "date"
                  }
                }
              },
              "oauthConsent": {
                "modelName": "oauthConsent",
                "fields": {                                             "clientId": {
                    "type": "string",                                     "references": {
                      "model": "oauthApplication",
                      "field": "clientId",
                      "onDelete": "cascade"
                    },
                    "index": true                                       },
                  "userId": {                                             "type": "string",
                    "references": {
                      "model": "user",
                      "field": "id",
                      "onDelete": "cascade"
                    },                                                    "index": true
                  },                                                    "scopes": {
                    "type": "string"
                  },
                  "createdAt": {
                    "type": "date"
                  },                                                    "updatedAt": {
                    "type": "date"                                      },
                  "consentGiven": {
                    "type": "boolean"
                  }
                }
              }                                                   },
            "options": {                                            "codeExpiresIn": 600,
              "defaultScope": "openid",
              "accessTokenExpiresIn": 3600,
              "refreshTokenExpiresIn": 604800,                      "allowPlainCodeChallengeMethod": true,
              "storeClientSecret": "[REDACTED]",                    "loginPage": "/sign-in",
              "trustedClients": [
                {
                  "clientId": "[REDACTED]",
                  "name": "ALTERED for Raycast",
                  "type": "public",
                  "clientSecret": "[REDACTED]",
                  "icon": "icon.png",                                   "redirectUrls": [
                    "https://raycast.com/redirect?packageName=Extension"
                  ],
                  "disabled": false,
                  "skipConsent": true,                                  "metadata": {
                    "platform": "raycast"
                  }                                                   }
              ],                                                    "scopes": [
                "openid",                                             "profile",
                "email",
                "offline_access"
              ]
            }
          }
        },
        {
          "name": "oidc-polyfill",                              "config": {
            "id": "oidc-polyfill",                                "endpoints": {}
          }
        }
      ],                                                    "advanced": {                                           "database": {}                                      }
    }
  }
}

Which area(s) are affected? (Select all that apply)

Backend

Auth config (if applicable)

import { betterAuth } from "better-auth"
import { drizzleAdapter } from "better-auth/adapters/drizzle"
import { oidcProvider } from "better-auth/plugins"
import { db } from "~/server/data/store"

export const auth = betterAuth({
    database: drizzleAdapter(db, {
        provider: "pg",
        usePlural: true
    }),
    plugins: [
        oidcProvider({
            loginPage: "/sign-in",
            trustedClients: [
                {
                    clientId: "altered-launcher",
                    name: "ALTERED for Raycast",
                    type: "public",
                    clientSecret: "placeholder-secret",
                    redirectUrls: ["https://raycast.com/redirect?packageName=Extension"],
                    disabled: false,
                    skipConsent: true,
                    metadata: { platform: "raycast" }
                }
            ]
        })
    ]
})

Additional context

RFC 7009 Compliance:
The OAuth 2.0 Token Revocation specification (RFC 7009) is a standard that should be implemented by OAuth 2.0 providers. It's particularly important for:

• Native/mobile applications that need to log users out
• Security: ability to immediately revoke compromised tokens
• Token lifecycle management

Current OIDC endpoints:

• ✅ /oauth2/authorize - Authorization endpoint
• ✅ /oauth2/token - Token endpoint
• ✅ /oauth2/userinfo - UserInfo endpoint
• ✅ /oauth2/consent - Consent endpoint
• ✅ /oauth2/register - Client registration
• ✅ /oauth2/endsession - RP-Initiated Logout
• ❌ /oauth2/revoke - Missing Token Revocation endpoint

Related:

• RFC 7009: https://datatracker.ietf.org/doc/html/rfc7009
• BetterAuth OIDC plugin source: 5f89bfa076/packages/better-auth/src/plugins/oidc-provider/index.ts

Originally created by @inducingchaos on GitHub (Dec 9, 2025). Original GitHub issue: https://github.com/better-auth/better-auth/issues/6650 ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce 1. Configure BetterAuth with OIDC provider plugin 2. Issue OAuth access tokens via the `/oauth2/token` endpoint 3. Attempt to revoke tokens using the standard OAuth 2.0 Token Revocation endpoint 4. Observe that `/oauth2/revoke` endpoint does not exist **Expected endpoint:** ``` POST /api/auth/oauth2/revoke Content-Type: application/x-www-form-urlencoded token=<access_token_or_refresh_token> token_type_hint=access_token # optional client_id=<client_id> ``` ### Current vs. Expected behavior **Current behavior:** The OIDC plugin does not implement the OAuth 2.0 Token Revocation endpoint (RFC 7009). When users log out or need to revoke tokens, there's no standard way to invalidate tokens server-side. Tokens remain valid in the database until they expire naturally. **Expected behavior:** The OIDC plugin should implement `/oauth2/revoke` endpoint per RFC 7009 that: - Accepts `token` (required), `token_type_hint` (optional), and `client_id` (required for public clients) - Validates the token and client_id - Deletes the token record from the database - Returns `200 OK` even for invalid/expired tokens (security best practice to prevent token enumeration) **Impact:** - Users cannot properly log out (tokens remain valid) - Security concern: compromised tokens cannot be immediately revoked - No way to implement proper token lifecycle management **Reference implementation:** I've created a polyfill plugin that implements the revocation endpoint. Here's the implementation for reference: ```typescript // polyfills/oidc-provider.ts import type { BetterAuthPlugin } from "better-auth" import { APIError } from "better-auth" import { createAuthEndpoint } from "better-auth/plugins" import { eq, or } from "drizzle-orm" import { db } from "~/server/data/store" import { oauthAccessTokens } from "~/server/data/store/tables" export const oidcProviderPolyfill = () => { return { id: "oidc-polyfill", endpoints: { revoke: createAuthEndpoint( "/oauth2/revoke", { method: "POST", metadata: { allowedMediaTypes: ["application/x-www-form-urlencoded", "application/json"] } }, async ctx => { let body = ctx.body if (body instanceof FormData) body = Object.fromEntries(body.entries()) if (!body || typeof body !== "object") { throw new APIError("BAD_REQUEST", { error_description: "request body is required", error: "invalid_request" }) } const { token, token_type_hint, client_id } = body as { token?: string | string[] token_type_hint?: string | string[] client_id?: string | string[] } if (!token) { throw new APIError("BAD_REQUEST", { error_description: "token is required", error: "invalid_request" }) } const tokenValue = Array.isArray(token) ? token[0] : token const clientIdValue = Array.isArray(client_id) ? client_id[0] : client_id const tokenTypeHint = Array.isArray(token_type_hint) ? token_type_hint[0] : token_type_hint if (!clientIdValue) { throw new APIError("BAD_REQUEST", { error_description: "client_id is required", error: "invalid_request" }) } // Find token by type hint for optimization, or search both if no hint const tokenRecord = await db .select() .from(oauthAccessTokens) .where(tokenTypeHint === "refresh_token" ? eq(oauthAccessTokens.refreshToken, tokenValue) : tokenTypeHint === "access_token" ? eq(oauthAccessTokens.accessToken, tokenValue) : or(eq(oauthAccessTokens.accessToken, tokenValue), eq(oauthAccessTokens.refreshToken, tokenValue))) .limit(1) .then(rows => rows[0] ?? null) // Verify client_id matches (security: prevent token theft) if (tokenRecord && tokenRecord.clientId !== clientIdValue) { // RFC 7009: Return 200 OK even for invalid tokens return ctx.json({}, { status: 200 }) } // Delete the token if found if (tokenRecord) { await db.delete(oauthAccessTokens).where(eq(oauthAccessTokens.id, tokenRecord.id)) } // RFC 7009: Always return 200 OK, even if token is invalid/expired return ctx.json({}, { status: 200 }) } ) } } satisfies BetterAuthPlugin } ``` ### What version of Better Auth are you using? 1.4.5 ### System info ```bash { "system": { "platform": "darwin", "arch": "arm64", "version": "Darwin Kernel Version 25.0.0: Wed Sep 17 21:38:03 PDT 2025; root:xnu-12377.1.9~141/RELEASE_ARM64_T8112", "release": "25.0.0", "cpuCount": 8, "cpuModel": "Apple M2", "totalMemory": "8.00 GB", "freeMemory": "0.16 GB" }, "node": { "version": "v22.20.0", "env": "development" }, "packageManager": { "name": "pnpm", "version": "10.20.0" }, "frameworks": [ { "name": "next", "version": "16.0.8" }, { "name": "react", "version": "catalog:react" } ], "databases": [ { "name": "postgres", "version": "^3.4.7" }, { "name": "drizzle", "version": "catalog:drizzle" } ], "betterAuth": { "version": "catalog:better-auth", "config": { "appName": "ALTERED", "baseURL": "http://localhost:258", "secret": "[REDACTED]", "socialProviders": { "google": { "clientId": "[REDACTED]", "clientSecret": "[REDACTED]" } }, "plugins": [ { "name": "next-cookies", "config": { "id": "next-cookies", "hooks": { "after": [ {} ] } } }, { "name": "oidc", "config": { "id": "oidc", "hooks": { "after": [ {} ] }, "endpoints": {}, "schema": { "oauthApplication": { "modelName": "oauthApplication", "fields": { "name": { "type": "string" }, "icon": { "type": "string", "required": false }, "metadata": { "type": "string", "required": false }, "clientId": { "type": "string", "unique": true }, "clientSecret": { "type": "string", "required": false }, "redirectUrls": { "type": "string" }, "type": { "type": "string" }, "disabled": { "type": "boolean", "required": false, "defaultValue": false }, "userId": { "type": "string", "required": false, "references": { "model": "user", "field": "id", "onDelete": "cascade" }, "index": true }, "createdAt": { "type": "date" }, "updatedAt": { "type": "date" } } }, "oauthAccessToken": { "modelName": "oauthAccessToken", "fields": { "accessToken": { "type": "string", "unique": true }, "refreshToken": { "type": "string", "unique": true }, "accessTokenExpiresAt": { "type": "date" }, "refreshTokenExpiresAt": { "type": "date" }, "clientId": { "type": "string", "references": { "model": "oauthApplication", "field": "clientId", "onDelete": "cascade" }, "index": true }, "userId": { "type": "string", "required": false, "references": { "model": "user", "field": "id", "onDelete": "cascade" }, "index": true }, "scopes": { "type": "string" }, "createdAt": { "type": "date" }, "updatedAt": { "type": "date" } } }, "oauthConsent": { "modelName": "oauthConsent", "fields": { "clientId": { "type": "string", "references": { "model": "oauthApplication", "field": "clientId", "onDelete": "cascade" }, "index": true }, "userId": { "type": "string", "references": { "model": "user", "field": "id", "onDelete": "cascade" }, "index": true }, "scopes": { "type": "string" }, "createdAt": { "type": "date" }, "updatedAt": { "type": "date" }, "consentGiven": { "type": "boolean" } } } }, "options": { "codeExpiresIn": 600, "defaultScope": "openid", "accessTokenExpiresIn": 3600, "refreshTokenExpiresIn": 604800, "allowPlainCodeChallengeMethod": true, "storeClientSecret": "[REDACTED]", "loginPage": "/sign-in", "trustedClients": [ { "clientId": "[REDACTED]", "name": "ALTERED for Raycast", "type": "public", "clientSecret": "[REDACTED]", "icon": "icon.png", "redirectUrls": [ "https://raycast.com/redirect?packageName=Extension" ], "disabled": false, "skipConsent": true, "metadata": { "platform": "raycast" } } ], "scopes": [ "openid", "profile", "email", "offline_access" ] } } }, { "name": "oidc-polyfill", "config": { "id": "oidc-polyfill", "endpoints": {} } } ], "advanced": { "database": {} } } } } ``` ### Which area(s) are affected? (Select all that apply) Backend ### Auth config (if applicable) ```typescript import { betterAuth } from "better-auth" import { drizzleAdapter } from "better-auth/adapters/drizzle" import { oidcProvider } from "better-auth/plugins" import { db } from "~/server/data/store" export const auth = betterAuth({ database: drizzleAdapter(db, { provider: "pg", usePlural: true }), plugins: [ oidcProvider({ loginPage: "/sign-in", trustedClients: [ { clientId: "altered-launcher", name: "ALTERED for Raycast", type: "public", clientSecret: "placeholder-secret", redirectUrls: ["https://raycast.com/redirect?packageName=Extension"], disabled: false, skipConsent: true, metadata: { platform: "raycast" } } ] }) ] }) ``` ### Additional context **RFC 7009 Compliance:** The OAuth 2.0 Token Revocation specification (RFC 7009) is a standard that should be implemented by OAuth 2.0 providers. It's particularly important for: - Native/mobile applications that need to log users out - Security: ability to immediately revoke compromised tokens - Token lifecycle management **Current OIDC endpoints:** - ✅ `/oauth2/authorize` - Authorization endpoint - ✅ `/oauth2/token` - Token endpoint - ✅ `/oauth2/userinfo` - UserInfo endpoint - ✅ `/oauth2/consent` - Consent endpoint - ✅ `/oauth2/register` - Client registration - ✅ `/oauth2/endsession` - RP-Initiated Logout - ❌ `/oauth2/revoke` - **Missing** Token Revocation endpoint **Related:** - RFC 7009: https://datatracker.ietf.org/doc/html/rfc7009 - BetterAuth OIDC plugin source: https://github.com/better-auth/better-auth/blob/5f89bfa076dbb71959a2582b43d13e49dddf0856/packages/better-auth/src/plugins/oidc-provider/index.ts

GiteaMirror added the locked label 2026-04-13 06:49:20 -05:00

GiteaMirror closed this issue 2026-04-13 06:49:20 -05:00

GiteaMirror commented 2026-04-13 06:49:21 -05:00

Author

Owner

Copy Link

@better-auth-agent[bot] commented on GitHub (Dec 9, 2025):

No reply.

If you need more help, tag @better-auth-agent in a comment so I can respond.

Diagram • Discord • GitHub

<!-- gh-comment-id:3634685149 --> @better-auth-agent[bot] commented on GitHub (Dec 9, 2025): No reply. _If you need more help, tag @better-auth-agent in a comment so I can respond._ <!-- bot:webhook reply v1 --> [Diagram](https://repodiagrams.s3.eu-north-1.amazonaws.com/skyvern_ultra_detailed_interactive.html) • [Discord](https://discord.gg/fG2XXEuQX3) • [GitHub](https://github.com/Skyvern-AI/Skyvern) [](https://repodiagrams.s3.eu-north-1.amazonaws.com/skyvern_ultra_detailed_interactive.html) [](https://discord.gg/fG2XXEuQX3) [](https://github.com/Skyvern-AI/Skyvern)

GiteaMirror commented 2026-04-13 06:49:22 -05:00

Author

Owner

Copy Link

@dvanmali commented on GitHub (Dec 15, 2025):

Same as #4624, addressed in #4163

<!-- gh-comment-id:3656690061 --> @dvanmali commented on GitHub (Dec 15, 2025): Same as #4624, addressed in #4163

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

2026-05-22/chore/adopt-agents-md

2026-05-22/refactor/string-case-utils

dependabot/npm_and_yarn/uuid-14.0.0

dependabot/npm_and_yarn/turbo-2.9.14

changeset-release/main

main

2026-05-14/fix/passkey-verify-error-and-claim

dependabot/npm_and_yarn/samlify-2.13.0

dependabot/npm_and_yarn/ws-8.20.1

changeset-release/next

next

ping-maxwell/c-ping-maxwell/fix-error-link-apostrophe-f89a

dependabot/npm_and_yarn/demo/electron/demo-minor-patch-519ef7475f

dependabot/github_actions/github-actions-98f3470200

client-assertions-main

2026-05-15/ci/fix-sqlite-abi-mismatch

2026-05-15/fix/organization-team-add-cascade

2026-05-15/fix/parse-set-cookie-value-validation

2026-05-13/feat/captcha-wildcard-endpoints

2026-05-13/ci/stabilize-docker-startup

fix/i18n-before-hook-translation

fix/disable-migration-generate

2026-05-07/fix/admin-set-password-upsert

2026-05-10/fix/cookie-drain-order

2026-05-10/feat/hooks-finally

2026-05-09/fix/cookie-drain-order

2026-05-09/feat/hooks-finally

2026-05-08/feat/register-before-send

fix/stripe/subscription-data-merge

2026-05-01/chore/pnpm-v11-harden

chore/pnpm-v11

2026-04-29/feat/google-include-granted-scopes

2026-04-29/fix/oauth-account-scope-semantics

2026-04-27/fix/nextcookies-idempotent-writes

2026-04-26/fix/harden-proxy-host-validation

2026-04-26/refactor/stripe-callback-signature-cleanup

2026-04-26/fix/stripe-subscription-callback-timing

2026-04-11/fix/sveltekit-app-modules

feat/open-api-zod-contract

feat/oauth-provider-backchannel-logout-next

feat/oauth-idp-initiated-bounce

refactor/sign-in-challenges

2026-04-21/fix/oauth-rfc-input-validation

fix/release-notes-new-packages

fix/two-factor-identity-guard

fix/resource

feat/emailpassword-authorize

2026-04-12/security/dynamic-baseurl-proxy-trust-default

feat/oauth-provider-at-hash-v2

fix/release-grep-fallback

claude/address-review-comments-JhFLr

claude/slack-update-stripe-docs-consistency-8Sc0w

feat/async-auth

fix/two-factor-totp-verified-enrollment

feat/plugin-ui

codex/blog-1-6-release-post

2026-04-06/fix/type-any-guards

2026-04-05/chore/downgrade-better-call

2026-04-04/ci/skip-vercel-fork-prs

2026-03-28/ci/add-autofix-ci

chore/release-preview-script

himself65/2026/02/19/role

2026-03-24/fix/update-user-info-on-link

2026-03-20/docs/improve-website

2026-03-20/fix/anonymous-onlinkaccount-expo

2026-02-17/fix/anonymous-link-state

fix/8607-saml-inresponseto

fix/8549-scim-patch-noop

v1.4.x

refactor/migration-snapshot-tests

worktree-magic-link-additional-data

chore/migrate-build-to-rollup

worktree-fix-dynamic-baseurl-8447

2026-03-06/chore/public-api-check

fix/close-8156-regression-test

fix/secondary-storage-json-error-handling

himself65/verification-namespace

cursor/issue-8307-validation-79a3

himself65/2026/01/30/error-mdx

v1.4.x-staging

fix/email-otp-user

fix/restrict-full-organization-access-roles

himself65/2026/02/12/count

himself65/2026/02/04/define-plugin

2026-02-04/feat/add-pluralize

cursor/better-auth-js-integration-ec21

cursor/expo-state-mismatch-394c

2026-02-01/fix/org-update-role-sync-members

cursor/issue-7607-investigation-e146

cursor/email-generation-helper-0ff6

himself65/2026/01/21/avoid-spread-operator

himself65/2026/01/14/cli

claude/slack-add-docs-pr-NMvgO

claude/slack-add-advanced-useplural-WHKYL

feat/hooks-pos

feat/2fa-phone

feat/2fa

fix/rotation

fix/username-check

v1.3.x

refactor/organization

feat/multiple-client-ids-social-providers

better-auth@1.6.11

auth@1.6.11

@better-auth/test-utils@1.6.11

@better-auth/telemetry@1.6.11

@better-auth/stripe@1.6.11

@better-auth/sso@1.6.11

@better-auth/scim@1.6.11

@better-auth/api-key@1.6.11

@better-auth/redis-storage@1.6.11

@better-auth/core@1.6.11

@better-auth/oauth-provider@1.6.11

@better-auth/mongo-adapter@1.6.11

@better-auth/memory-adapter@1.6.11

@better-auth/kysely-adapter@1.6.11

@better-auth/i18n@1.6.11

@better-auth/expo@1.6.11

@better-auth/electron@1.6.11

@better-auth/drizzle-adapter@1.6.11

@better-auth/prisma-adapter@1.6.11

@better-auth/passkey@1.6.11

v1.6.11

better-auth@1.7.0-beta.3

auth@1.7.0-beta.3

@better-auth/test-utils@1.7.0-beta.3

@better-auth/telemetry@1.7.0-beta.3

@better-auth/stripe@1.7.0-beta.3

@better-auth/sso@1.7.0-beta.3

@better-auth/scim@1.7.0-beta.3

@better-auth/redis-storage@1.7.0-beta.3

@better-auth/prisma-adapter@1.7.0-beta.3

@better-auth/passkey@1.7.0-beta.3

@better-auth/oauth-provider@1.7.0-beta.3

@better-auth/mongo-adapter@1.7.0-beta.3

@better-auth/memory-adapter@1.7.0-beta.3

@better-auth/kysely-adapter@1.7.0-beta.3

@better-auth/i18n@1.7.0-beta.3

@better-auth/expo@1.7.0-beta.3

@better-auth/electron@1.7.0-beta.3

@better-auth/drizzle-adapter@1.7.0-beta.3

@better-auth/core@1.7.0-beta.3

@better-auth/cimd@1.7.0-beta.3

@better-auth/api-key@1.7.0-beta.3

v1.7.0-beta.3

better-auth@1.6.10

auth@1.6.10

@better-auth/test-utils@1.6.10

@better-auth/telemetry@1.6.10

@better-auth/stripe@1.6.10

@better-auth/sso@1.6.10

@better-auth/scim@1.6.10

@better-auth/redis-storage@1.6.10

@better-auth/prisma-adapter@1.6.10

@better-auth/passkey@1.6.10

@better-auth/oauth-provider@1.6.10

@better-auth/mongo-adapter@1.6.10

@better-auth/memory-adapter@1.6.10

@better-auth/kysely-adapter@1.6.10

@better-auth/i18n@1.6.10

@better-auth/expo@1.6.10

@better-auth/electron@1.6.10

@better-auth/drizzle-adapter@1.6.10

@better-auth/core@1.6.10

@better-auth/api-key@1.6.10

v1.6.10

better-auth@1.6.9

auth@1.6.9

@better-auth/test-utils@1.6.9

@better-auth/telemetry@1.6.9

@better-auth/stripe@1.6.9

@better-auth/sso@1.6.9

@better-auth/scim@1.6.9

@better-auth/redis-storage@1.6.9

@better-auth/prisma-adapter@1.6.9

@better-auth/passkey@1.6.9

@better-auth/oauth-provider@1.6.9

@better-auth/mongo-adapter@1.6.9

@better-auth/memory-adapter@1.6.9

@better-auth/kysely-adapter@1.6.9

@better-auth/i18n@1.6.9

@better-auth/expo@1.6.9

@better-auth/electron@1.6.9

@better-auth/drizzle-adapter@1.6.9

@better-auth/core@1.6.9

@better-auth/api-key@1.6.9

v1.6.9

better-auth@1.6.8

auth@1.6.8

@better-auth/test-utils@1.6.8

@better-auth/telemetry@1.6.8

@better-auth/stripe@1.6.8

@better-auth/sso@1.6.8

@better-auth/scim@1.6.8

@better-auth/redis-storage@1.6.8

@better-auth/prisma-adapter@1.6.8

@better-auth/passkey@1.6.8

@better-auth/oauth-provider@1.6.8

@better-auth/mongo-adapter@1.6.8

@better-auth/memory-adapter@1.6.8

@better-auth/kysely-adapter@1.6.8

@better-auth/i18n@1.6.8

@better-auth/expo@1.6.8

@better-auth/electron@1.6.8

@better-auth/drizzle-adapter@1.6.8

@better-auth/core@1.6.8

@better-auth/api-key@1.6.8

v1.6.8

@better-auth/api-key@1.7.0-beta.2

better-auth@1.7.0-beta.2

auth@1.7.0-beta.2

@better-auth/test-utils@1.7.0-beta.2

@better-auth/telemetry@1.7.0-beta.2

@better-auth/stripe@1.7.0-beta.2

@better-auth/sso@1.7.0-beta.2

@better-auth/scim@1.7.0-beta.2

@better-auth/redis-storage@1.7.0-beta.2

@better-auth/prisma-adapter@1.7.0-beta.2

@better-auth/passkey@1.7.0-beta.2

@better-auth/oauth-provider@1.7.0-beta.2

@better-auth/mongo-adapter@1.7.0-beta.2

@better-auth/memory-adapter@1.7.0-beta.2

@better-auth/kysely-adapter@1.7.0-beta.2

@better-auth/i18n@1.7.0-beta.2

@better-auth/expo@1.7.0-beta.2

@better-auth/electron@1.7.0-beta.2

@better-auth/drizzle-adapter@1.7.0-beta.2

@better-auth/core@1.7.0-beta.2

@better-auth/cimd@1.7.0-beta.2

v1.7.0-beta.2

better-auth@1.6.7

auth@1.6.7

@better-auth/test-utils@1.6.7

@better-auth/telemetry@1.6.7

@better-auth/stripe@1.6.7

@better-auth/sso@1.6.7

@better-auth/scim@1.6.7

@better-auth/redis-storage@1.6.7

@better-auth/prisma-adapter@1.6.7

@better-auth/passkey@1.6.7

@better-auth/oauth-provider@1.6.7

@better-auth/mongo-adapter@1.6.7

@better-auth/memory-adapter@1.6.7

@better-auth/kysely-adapter@1.6.7

@better-auth/i18n@1.6.7

@better-auth/expo@1.6.7

@better-auth/electron@1.6.7

@better-auth/drizzle-adapter@1.6.7

@better-auth/core@1.6.7

@better-auth/api-key@1.6.7

v1.6.7

better-auth@1.6.6

auth@1.6.6

@better-auth/test-utils@1.6.6

@better-auth/telemetry@1.6.6

@better-auth/stripe@1.6.6

@better-auth/sso@1.6.6

@better-auth/scim@1.6.6

@better-auth/redis-storage@1.6.6

@better-auth/prisma-adapter@1.6.6

@better-auth/passkey@1.6.6

@better-auth/oauth-provider@1.6.6

@better-auth/mongo-adapter@1.6.6

@better-auth/memory-adapter@1.6.6

@better-auth/kysely-adapter@1.6.6

@better-auth/i18n@1.6.6

@better-auth/expo@1.6.6

@better-auth/electron@1.6.6

@better-auth/drizzle-adapter@1.6.6

@better-auth/core@1.6.6

@better-auth/api-key@1.6.6

v1.6.6

better-auth@1.6.5

auth@1.6.5

@better-auth/test-utils@1.6.5

@better-auth/telemetry@1.6.5

@better-auth/stripe@1.6.5

@better-auth/sso@1.6.5

@better-auth/scim@1.6.5

@better-auth/redis-storage@1.6.5

@better-auth/prisma-adapter@1.6.5

@better-auth/passkey@1.6.5

@better-auth/oauth-provider@1.6.5

@better-auth/mongo-adapter@1.6.5

@better-auth/memory-adapter@1.6.5

@better-auth/kysely-adapter@1.6.5

@better-auth/i18n@1.6.5

@better-auth/expo@1.6.5

@better-auth/electron@1.6.5

@better-auth/drizzle-adapter@1.6.5

@better-auth/core@1.6.5

@better-auth/api-key@1.6.5

v1.6.5

@better-auth/api-key@1.6.4

better-auth@1.6.4

auth@1.6.4

@better-auth/test-utils@1.6.4

@better-auth/telemetry@1.6.4

@better-auth/stripe@1.6.4

@better-auth/sso@1.6.4

@better-auth/scim@1.6.4

@better-auth/redis-storage@1.6.4

@better-auth/prisma-adapter@1.6.4

@better-auth/passkey@1.6.4

@better-auth/oauth-provider@1.6.4

@better-auth/mongo-adapter@1.6.4

@better-auth/memory-adapter@1.6.4

@better-auth/kysely-adapter@1.6.4

@better-auth/i18n@1.6.4

@better-auth/expo@1.6.4

@better-auth/electron@1.6.4

@better-auth/drizzle-adapter@1.6.4

@better-auth/core@1.6.4

v1.6.4

@better-auth/cimd@1.7.0-beta.1

v1.7.0-beta.1

@better-auth/api-key@1.6.3

better-auth@1.6.3

auth@1.6.3

@better-auth/test-utils@1.6.3

@better-auth/telemetry@1.6.3

@better-auth/stripe@1.6.3

@better-auth/sso@1.6.3

@better-auth/scim@1.6.3

@better-auth/redis-storage@1.6.3

@better-auth/prisma-adapter@1.6.3

@better-auth/passkey@1.6.3

@better-auth/oauth-provider@1.6.3

@better-auth/mongo-adapter@1.6.3

@better-auth/memory-adapter@1.6.3

@better-auth/kysely-adapter@1.6.3

@better-auth/i18n@1.6.3

@better-auth/expo@1.6.3

@better-auth/electron@1.6.3

@better-auth/drizzle-adapter@1.6.3

@better-auth/core@1.6.3

v1.6.3

@better-auth/api-key@1.7.0-beta.0

better-auth@1.7.0-beta.0

auth@1.7.0-beta.0

@better-auth/test-utils@1.7.0-beta.0

@better-auth/telemetry@1.7.0-beta.0

@better-auth/stripe@1.7.0-beta.0

@better-auth/sso@1.7.0-beta.0

@better-auth/scim@1.7.0-beta.0

@better-auth/redis-storage@1.7.0-beta.0

@better-auth/prisma-adapter@1.7.0-beta.0

@better-auth/passkey@1.7.0-beta.0

@better-auth/oauth-provider@1.7.0-beta.0

@better-auth/mongo-adapter@1.7.0-beta.0

@better-auth/memory-adapter@1.7.0-beta.0

@better-auth/kysely-adapter@1.7.0-beta.0

@better-auth/i18n@1.7.0-beta.0

@better-auth/expo@1.7.0-beta.0

@better-auth/electron@1.7.0-beta.0

@better-auth/drizzle-adapter@1.7.0-beta.0

@better-auth/core@1.7.0-beta.0

v1.7.0-beta.0

better-auth@1.6.2

auth@1.6.2

@better-auth/test-utils@1.6.2

@better-auth/telemetry@1.6.2

@better-auth/stripe@1.6.2

@better-auth/sso@1.6.2

@better-auth/scim@1.6.2

@better-auth/redis-storage@1.6.2

@better-auth/prisma-adapter@1.6.2

@better-auth/passkey@1.6.2

@better-auth/oauth-provider@1.6.2

@better-auth/mongo-adapter@1.6.2

@better-auth/memory-adapter@1.6.2

@better-auth/kysely-adapter@1.6.2

@better-auth/i18n@1.6.2

@better-auth/expo@1.6.2

@better-auth/electron@1.6.2

@better-auth/drizzle-adapter@1.6.2

@better-auth/core@1.6.2

@better-auth/api-key@1.6.2

v1.6.2

better-auth@1.6.1

auth@1.6.1

@better-auth/test-utils@1.6.1

@better-auth/telemetry@1.6.1

@better-auth/stripe@1.6.1

@better-auth/sso@1.6.1

@better-auth/scim@1.6.1

@better-auth/redis-storage@1.6.1

@better-auth/prisma-adapter@1.6.1

@better-auth/passkey@1.6.1

@better-auth/oauth-provider@1.6.1

@better-auth/mongo-adapter@1.6.1

@better-auth/memory-adapter@1.6.1

@better-auth/kysely-adapter@1.6.1

@better-auth/i18n@1.6.1

@better-auth/expo@1.6.1

@better-auth/electron@1.6.1

@better-auth/drizzle-adapter@1.6.1

@better-auth/core@1.6.1

@better-auth/api-key@1.6.1

v1.6.1

better-auth@1.6.0

auth@1.6.0

@better-auth/test-utils@1.6.0

@better-auth/telemetry@1.6.0

@better-auth/stripe@1.6.0

@better-auth/sso@1.6.0

@better-auth/scim@1.6.0

@better-auth/redis-storage@1.6.0

@better-auth/prisma-adapter@1.6.0

@better-auth/passkey@1.6.0

@better-auth/oauth-provider@1.6.0

@better-auth/mongo-adapter@1.6.0

@better-auth/memory-adapter@1.6.0

@better-auth/kysely-adapter@1.6.0

@better-auth/i18n@1.6.0

@better-auth/expo@1.6.0

@better-auth/electron@1.6.0

@better-auth/drizzle-adapter@1.6.0

@better-auth/core@1.6.0

@better-auth/api-key@1.6.0

v1.6.0

v1.5.7-beta.1

v1.5.1-beta.4

v1.5.6

v1.4.22

v1.5.5

v1.5.4

v1.5.3

v1.5.2

v1.5.1-beta.3

v1.5.1-beta.2

v1.5.1

v1.4.21

v1.5.1-beta.1

v1.5.0

v1.4.20

v1.5.0-beta.20

v1.5.0-beta.19

v1.5.0-beta.18

v1.4.19

v1.5.0-beta.17

v1.5.0-beta.16

v1.5.0-beta.15

v1.5.0-beta.14

v1.5.0-beta.13

v1.5.0-beta.12

v1.5.0-beta.11

v1.4.18

v1.5.0-beta.10

v1.5.0-beta.9

v1.4.17

v1.4.16

v1.4.15

v1.5.0-beta.8

v1.4.14

v1.4.13

v1.5.0-beta.7

v1.4.12

v1.4.12-beta.2

v1.5.0-beta.6

v1.4.12-beta.1

v1.5.0-beta.5

v1.4.11

v1.5.0-beta.4

v1.4.11-beta.2

v1.5.0-beta.3

v1.4.11-beta.1

v1.4.10

v1.5.0-beta.2

v1.4.10-beta.1

v1.4.9-beta.1

v1.5.0-beta.1

v1.4.9

v1.4.8

v1.4.8-beta.7

v1.4.8-beta.6

v1.4.8-beta.5

v1.4.8-beta.4

v1.4.8-beta.3

v1.4.8-beta.2

v1.4.8-beta.1

v1.4.7

v1.4.7-beta.4

v1.4.7-beta.3

v1.4.7-beta.2

v1.4.6-beta.5

v1.4.7-beta.1

v1.4.6

v1.4.6-beta.4

v1.4.6-beta.3

v1.4.5

v1.4.6-beta.2

v1.4.6-beta.1

v1.4.5-beta.2

v1.4.5-beta.1

v1.4.4-beta.3

v1.4.4

v1.4.4-beta.2

v1.4.4-beta.1

v1.4.3

v1.4.2

v1.4.2-beta.5

v1.4.2-beta.4

v1.4.2-beta.3

v1.4.2-beta.2

v1.4.2-beta.1

v1.4.1

v1.4.1-beta.1

v1.4.0

v1.4.0-beta.28

v1.4.0-beta.27

v1.4.0-beta.26

v1.4.0-beta.25

v1.4.0-beta.24

v1.4.0-beta.23

v1.4.0-beta.22

v1.4.0-beta.21

v1.4.0-beta.20

v1.4.0-beta.19

v1.4.0-beta.18

v1.4.0-beta.17

v1.4.0-beta.16

v1.4.0-beta.15

v1.3.34

v1.3.33

v1.4.0-beta.14

v1.3.32

v1.3.31

v1.3.30

v1.4.0-beta.13

v1.3.29

v1.4.0-beta.12

v1.3.28

v1.4.0-beta.11

v1.4.0-beta.10

v1.4.0-beta.9

v1.4.0-beta.8

v1.3.27

v1.4.0-beta.7

v1.3.26

v1.3.25

v1.3.24

v1.4.0-beta.6

v1.3.23

v1.3.22

v1.3.21

v1.3.20

v1.3.19

v1.4.0-beta.5

v1.3.18

v1.4.0-beta.4

v1.3.17

v1.4.0-beta.3

v1.3.16

v1.3.15

v1.3.14

v1.4.0-beta.2

v1.3.13

v1.4.0-beta.1

v1.3.12

v1.3.11-beta.2

v1.3.11

v1.3.11-beta.1

v1.3.10

v1.3.10-beta.7

v1.3.10-beta.6

v1.3.10-beta.5

v1.3.10-beta.4

v1.3.10-beta.3

v1.3.10-beta.2

v1.3.10-beta.1

v1.3.9

v1.3.9-beta.4

v1.3.9-beta.3

v1.3.9-beta.2

v1.3.9-beta.1

v1.3.8

v1.3.8-beta.11

v1.3.8-beta.10

v1.3.8-beta.9

v1.3.8-beta.8

v1.3.8-beta.7

v1.3.8-beta.6

v1.3.8-beta.5

v1.3.8-beta.4

v1.3.8-beta.3

v1.3.8-beta.2

v1.3.8-beta.1

v1.3.7

v1.3.7-beta.4

v1.3.7-beta.3

v1.3.7-beta.2

v1.3.7-beta.1

v1.3.6

v1.3.6-beta.2

v1.3.6-beta.1

v1.3.5

v1.3.5-beta.7

v1.3.5-beta.6

v1.3.5-beta.5

v1.3.5-beta.4

v1.3.5-beta.3

v1.3.5-beta.2

v1.3.5-beta.1

better-auth@1.3.4

@better-auth/stripe@1.3.4

@better-auth/sso@1.3.4

@better-auth/expo@1.3.4

@better-auth/cli@1.3.4

v1.3.4-beta.3

v1.3.4-beta.2

v1.3.4-beta.1

v1.3.3

v1.3.2

v1.3.1

v1.3.1-beta.1

v1.3.0

v1.3.0-beta.11

v1.3.0-beta.10

v1.3.0-beta.9

v1.3.0-beta.8

v1.3.0-beta.7

v1.3.0-beta.6

v1.3.0-beta.5

v1.3.0-beta.4

v1.2.12

v1.3.0-beta.3

v1.3.0-beta.2

v1.3.0-beta.1

v1.2.11

v1.2.10

v1.2.10-pkce-fix.3

v1.2.10-beta.1

v1.2.9

v1.2.9-beta.10

v1.2.9-beta.9

feat/2867-oidcprovider-trusted

v1.2.9-beta.8

v1.2.9-beta.7

v1.2.9-beta.6

v1.2.9-beta.5

v1.2.9-beta.4

v1.2.9-beta.3

v1.2.9-beta.2

v1.2.9-beta.1

v1.2.8

v1.2.8-beta.8

v1.2.8-beta.7

v1.2.8-beta.6

v1.2.8-beta.5

v1.2.8-beta.4

v1.2.8-beta.3

v1.2.8-beta.2

v1.2.8-beta.1

v1.2.7

v1.2.7-beta.1

v1.2.6

v1.2.6-beta.13

v1.2.6-beta.12

v1.2.6-beta.11

v1.2.6-beta.10

v1.2.6-beta.9

v1.2.6-beta.8

v1.2.6-beta.7

v1.2.6-beta.6

v1.2.6-beta.5

v1.2.6-beta.4

v1.2.6-beta.3

v1.2.6-beta.2

v1.2.6-beta.1

v1.2.5

v1.2.5-beta.10

v1.2.5-beta.9

v1.2.5-beta.8

v1.2.5-beta.7

v1.2.5-beta.6

v1.2.5-beta.5

v1.2.5-beta.4

v1.2.5-beta.3

v1.2.5-beta.2

v1.2.5-beta.1

v1.2.4

v1.2.4-beta.12

v1.2.4-beta.11

v1.2.4-beta.10

v1.2.4-beta.9

v1.2.4-beta.8

v1.2.4-beta.7

v1.2.4-beta.6

v1.2.4-beta.5

v1.2.4-beta.4

v1.2.4-beta.3

v1.2.4-beta.2

v1.2.4-beta.1

v1.2.3

v1.2.3-beta.3

v1.2.3-beta.2

v1.2.3-beta.1

v1.2.2

v1.2.2-beta.6

v1.2.2-beta.5

v1.2.2-beta.4

v1.2.2-beta.3

v1.2.2-beta.2

v1.2.2-beta.1

v1.2.1

v1.2.1-beta.8

v1.2.1-beta.7

v1.2.1-beta.6

v1.2.1-beta.5

v1.2.1-beta.4

v1.2.1-beta.3

v1.2.1-beta.2

v1.2.1-beta.1

v1.2.0

v1.2.0-beta.19

v1.2.0-beta.18

v1.2.0-beta.17

v1.1.22-beta.2

v1.1.22-beta.1

v1.2.0-beta.16

v1.1.21

v1.1.21-beta.1

v1.2.0-beta.15

v1.1.20

v1.1.20-beta.5

v1.1.20-beta.4

v1.2.0-beta.14

v1.2.0-beta.13

v1.1.20-beta.3

v1.1.20-beta.2

v1.2.0-beta.12

v1.1.20-beta.1

v1.2.0-beta.11

v1.1.19

v1.1.19-beta.3

v1.2.0-beta.10

v1.2.0-beta.9

v1.2.0-beta.8

v1.2.0-beta.7

v1.1.19-beta.2

v1.1.19-beta.1

v1.1.18

v1.2.0-beta.6

v1.2.0-beta.5

v1.1.18-beta.3

v1.1.18-beta.2

v1.1.18-beta.1

v1.2.0-beta.4

v1.2.0-beta.3

v1.2.0-beta.2

v1.1.17

v1.2.0-beta.1

v1.1.17-beta.5

v1.1.17-beta.4

v1.1.17-beta.3

v1.1.17-beta.2

v1.1.17-beta.1

v1.1.16

v1.1.16-beta.10

v1.1.16-beta.9

v1.1.16-beta.8

v1.1.16-beta.7

v1.1.16-beta.6

v1.1.16-beta.5

v1.1.16-beta.4

v1.1.16-beta.3

v1.1.16-beta.2

v1.1.16-beta.1

v1.1.15

v1.1.15-beta.7

v1.1.15-beta.6

v1.1.15-beta.5

v1.1.15-beta.4

v1.1.15-beta.3

v1.1.15-beta.2

v1.1.15-beta.1

v1.1.14

v1.1.14-beta.6

v1.1.14-beta.5

v1.1.14-beta.4

v1.1.14-beta.3

v1.1.14-beta.2

v1.1.14-beta.1

v1.1.13

v1.1.13-beta.3

v1.1.13-beta.2

v1.1.13-beta.1

v1.1.12

v1.1.12-beta.4

v1.1.12-beta.3

v1.1.12-beta.2

v1.1.12-beta.1

v1.1.11

v1.1.11-beta.1

v1.1.10

v1.1.10-beta.2

v1.1.10-beta.1

v1.1.9

v1.1.9-beta.1

v1.1.8

v1.1.8-beta.3

v1.1.8-beta.2

v1.1.8-beta.1

v1.1.7

v1.1.7-beta.5

v1.1.7-beta.4

v1.1.7-beta.3

v1.1.7-beta.2

v1.1.7-beta.1

v1.1.6

v1.1.5

v1.1.4

v1.1.4-beta.2

v1.1.4-beta.1

v1.1.3

v1.1.3-beta.9

v1.1.3-beta.8

v1.1.3-beta.7

v1.1.3-beta.6

v1.1.3-beta.4

v1.1.3-beta.2

v1.1.3-beta.1

v1.1.2

v1.1.2-beta.4

v1.1.2-beta.3

v1.1.2-beta.2

v1.1.2-beta.1

v1.1.1

v1.1.0

v1.0.23-beta.6

v1.0.23-beta.5

v1.0.23-beta.4

v1.0.23-beta.3

v1.0.23-beta.2

v1.0.23-beta.1

v1.0.22

v1.0.22-beta.4

v1.0.22-beta.3

v1.0.22-beta.2

v1.0.22-beta.1

v1.0.21

v1.0.20

v1.0.19

v1.0.18

v1.0.17

v1.0.16

v1.0.16-beta.2

v1.0.16-beta.1

v1.0.15

v1.0.15-beta.1

v1.0.14

v1.0.13

v1.0.12

v1.0.12-beta.3

v1.0.12-beta.2

v1.0.12-beta.1

v1.0.11

v1.0.11-beta.8

v1.0.11-beta.7

v1.0.11-beta.6

v1.0.11-beta.5

v1.0.11-beta.4

v1.0.11-beta.3

v1.0.11-beta.2

v1.0.11-beta.1

v1.0.10

v1.0.10-beta.3

v1.0.10-beta.2

v1.0.10-beta.1

v1.0.9

v1.0.9-beta.7

v1.0.9-beta.6

v1.0.9-beta.5

v1.0.9-beta.4

v1.0.9-beta.3

v1.0.9-beta.2

v1.0.9-beta.1

v1.0.8

v1.0.8-beta.4

v1.0.8-beta.3

v1.0.8-beta.2

v1.0.8-beta.1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v1.0.0-canary.14

v1.0.0-canary.13

v1.0.0-canary.12

v1.0.0-canary.11

v1.0.0-canary.10

v1.0.0-canary.9

v1.0.0-canary.8

v1.0.0-canary.7

v1.0.0-canary.6

v0.8.9-beta.2

v0.8.9-beta.1

v1.0.0-canary.5

v1.0.0-canary.4

v1.0.0-canary.3

v1.0.0-canary.2

v1.0.0-canary.1

v0.8.8

v0.8.8-beta.2

v0.8.8-beta.1

v0.9.0-canary.1

v0.8.7

v0.8.7-canary.2

v0.8.7-canary.1

v0.8.7-beta.5

v0.8.7-beta.4

v0.8.7-beta.3

v0.8.7-beta.2

v0.8.7-beta.1

v0.8.6

v0.8.6-beta.6

v0.8.6-beta.5

v0.8.6-beta.4

v0.8.6-beta.3

v0.8.6-beta.2

v0.8.6-beta.1

v0.8.5

v0.8.5-beta.3

v0.8.5-beta.2

v0.8.5-beta.1

v0.8.4

v0.8.4-beta.7

v0.8.4-beta.6

v0.8.4-beta.5

v0.8.4-beta.4

v0.8.4-beta.2

v0.8.4-beta.1

v0.8.3

v0.8.3-beta.7

v0.8.3-beta.6

v0.8.3-beta.5

v0.8.3-beta.4

v0.8.3-beta.3

v0.8.3-beta.2

v0.8.3-beta.1

v0.8.2

v0.8.2-beta.3

v0.8.2-beta.2

v0.8.2-beta.1

v0.8.1

v0.8.1-beta.5

v0.8.1-beta.4

v0.8.1-beta.3

v0.8.1-beta.2

v0.8.1-beta.1

v0.8.0

v0.7.6-beta.4

v0.7.6-beta.3

v0.7.6-beta.2

v0.7.6-beta.1

v0.7.5

v0.7.5-beta.9

v0.7.5-beta.8

v0.7.5-beta.7

v0.7.5-beta.6

v0.7.5-beta.5

v0.7.5-beta.4

v0.7.5-beta.3

v0.7.5-beta.2

v0.7.5-beta.1

v0.7.4

v0.7.4-beta.1

v0.7.3

v0.7.3-beta.11

v0.7.3-beta.10

v0.7.3-beta.9

v0.7.3-beta.8

v0.7.3-beta.7

v0.7.3-beta.6

v0.7.3-beta.5

v0.7.3-beta.4

v0.7.3-beta.3

v0.7.3-beta.2

v0.7.3-beta.1

v0.7.2

v0.7.2-beta.5

v0.7.2-beta.4

v0.7.2-beta.3

v0.7.2-beta.2

v0.7.2-beta.1

v0.7.1

v0.7.1-beta.6

v0.7.1-beta.5

v0.7.1-beta.4

v0.7.1-beta.3

v0.7.1-beta.2

v0.7.1-beta.1

v0.7.0

v0.7.0-beta.1

v0.6.3-beta.5

v0.6.3-beta.4

v0.6.3-beta.3

v0.6.3-beta.2

v0.6.3-beta.1

v0.6.2

v0.6.2-beta.8

v0.6.2-beta.7

v0.6.2-beta.6

v0.6.2-beta.5

v0.6.2-beta.4

v0.6.2-beta.3

v0.6.2-beta.2

v0.6.2-beta.1

v0.6.1

v0.6.1-beta.9

v0.6.1-beta.8

v0.6.1-beta.7

v0.6.1-beta.6

v0.6.1-beta.5

v0.6.1-beta.4

v0.6.1-beta.3

v0.6.1-beta.2

v0.6.1-beta.1

v0.6.0

v0.6.0-beta.1

v0.5.4-beta.9

v0.5.4-beta.8

v0.5.4-beta.7

v0.5.4-beta.6

v0.5.4-beta.5

v0.5.4-beta.4

v0.5.4-beta.3

v0.5.4-beta.2

v0.5.4-beta.1

v0.5.3

v0.5.3-beta.17

v0.5.3-beta.16

v0.5.3-beta.15

v0.5.3-beta.14

v0.5.3-beta.13

v0.5.3-beta.12

v0.5.3-beta.11

v0.5.3-beta.10

v0.5.3-beta.9

v0.5.3-beta.8

v0.5.3-beta.7

v0.5.3-beta.6

v0.5.3-beta.5

v0.5.3-beta.4

v0.5.3-beta.3

v0.5.3-beta.2

v0.5.3-beta.1

v0.5.2

v0.5.2-beta.21

v0.5.2-beta.20

v0.5.2-beta.19

v0.5.2-beta.18

v0.5.2-beta.17

v0.5.2-beta.16

v0.5.2-beta.15

v0.5.2-beta.14

v0.5.2-beta.13

v0.5.2-beta.12

v0.5.2-beta.11

v0.5.2-beta.10

v0.5.2-beta.9

v0.5.2-beta.8

v0.5.2-beta.7

v0.5.2-beta.6

v0.5.2-beta.5

v0.5.2-beta.4

v0.5.2-beta.3

v0.5.2-beta.2

v0.5.2-beta.1

v0.5.1

v0.5.1-beta.7

v0.5.1-beta.6

v0.5.1-beta.5

v0.5.1-beta.4

v0.5.1-beta.3

v0.5.1-beta.2

v0.5.1-beta.1

v0.5.0

v0.4.14-beta.2

v0.4.14-beta.1

v0.4.13

v0.4.12

v0.4.12-beta.7

v0.4.12-beta.6

v0.4.12-beta.5

v0.4.12-beta.4

v0.4.12-beta.3

v0.4.12-beta.2

v0.4.12-beta.1

v0.4.11

v0.4.11-beta.3

v0.4.11-beta.2

v0.4.11-beta.1

v0.4.10-beta.10

v0.4.10-beta.9

v0.4.10

v0.4.10-beta.8

v0.4.10-beta.7

v0.4.10-beta.6

v0.4.10-beta.5

v0.4.10-beta.4

v0.4.10-beta.3

v0.4.10-beta.2

v0.4.10-beta.1

v0.4.9

v0.4.9-beta.14

v0.4.9-beta.13

v0.4.9-beta.12

v0.4.9-beta.11

v0.4.9-beta.10

v0.4.9-beta.9

v0.4.9-beta.8

v0.4.9-beta.7

v0.4.9-beta.6

v0.4.9-beta.5

v0.4.9-beta.4

v0.4.9-beta.3

v0.4.9-beta.2

v0.4.9-beta.1

v0.4.8

v0.4.7

v0.4.7-beta.2

v0.4.7-beta.1

v0.4.6

v0.4.5

v0.4.4

v0.4.4-beta.1

v0.4.3

v0.4.3-beta.1

v0.4.2

v0.4.2-beta.1

v0.4.1

v0.4.0

v0.3.6

v0.3.5

v0.3.5-beta.8

v0.3.5-beta.7

v0.3.5-beta.6

v0.3.5-beta.5

v0.3.5-beta.4

v0.3.5-beta.3

v0.3.5-beta.2

v0.3.5-beta.1

v0.3.4

v0.3.4-beta.6

v0.3.4-beta.5

v0.3.4-beta.4

v0.3.4-beta.3

v0.3.4-beta.2

v0.3.4-beta.1

v0.3.3

v0.3.3-beta.12

v0.3.3-beta.11

v0.3.3-beta.10

v0.3.3-beta.9

v0.3.3-beta.8

v0.3.3-beta.7

v0.3.3-beta.6

v0.3.3-beta.5

v0.3.3-beta.4

v0.3.3-beta.3

v0.3.3-beta.2

v0.3.3-beta.1

v0.3.2

v0.3.1

v0.3.0

v0.2.11

v0.2.10

v0.2.9

v0.2.9-beta.10

v0.2.9-beta.9

v0.2.9-beta.8

v0.2.9-beta.7

v0.2.9-beta.6

v0.2.9-beta.5

v0.2.9-beta.4

v0.2.9-beta.3

v0.2.9-beta.2

v0.2.9-beta.1

v0.2.8

v0.2.8-beta.13

v0.2.8-beta.12

v0.2.8-beta.11

v0.2.8-beta.10

v0.2.8-beta.9

v0.2.8-beta.8

v0.2.8-beta.7

v0.2.8-beta.6

v0.2.8-beta.5

v0.2.8-beta.4

v0.2.8-beta.3

v0.2.8-beta.2

v0.2.8-beta.1

v0.2.7

v0.2.6

v0.2.6-beta.10

v0.2.6-beta.9

v0.2.6-beta.8

v0.2.6-beta.7

v0.2.6-beta.6

v0.2.6-beta.5

v0.2.6-beta.4

v0.2.6-beta.3

v0.2.6-beta.2

v0.2.6-beta.1

v0.2.5

v0.2.5-beta.5

v0.2.5-beta.4

v0.2.5-beta.3

v0.2.5-beta.2

v0.2.5-beta.1

v0.2.4

v0.2.3

v0.2.3-beta.14

v0.2.3-beta.13

v0.2.3-beta.12

v0.2.3-beta.11

v0.2.3-beta.10

v0.2.3-beta.9

v0.2.3-beta.8

v0.2.3-beta.7

v0.2.3-beta.6

v0.2.3-beta.5

v0.2.3-beta.4

v0.2.3-beta.3

v0.2.3-beta.2

v0.2.3-beta.1

v0.2.2

v0.2.1

v0.2.1-beta.1

v0.2.0

v0.1.1-beta.6

v0.1.1-beta.5

v0.1.1-beta.4

v0.1.1-beta.3

v0.1.1-beta.2

v0.1.1-beta.1

v0.1.0

v0.0.10-beta.27

v0.0.10-beta.26

v0.0.10-beta.25

v0.0.10-beta.24

v0.0.10-beta.23

v0.0.10-beta.22

v0.0.10-beta.21

v0.0.10-beta.20

v0.0.10-beta.19

v0.0.10-beta.18

v0.0.10-beta.17

v0.0.10-beta.16

v0.0.10-beta.15

v0.0.10-beta.14

v0.0.10-beta.13

v0.0.10-beta.12

v0.0.10-beta.11

v0.0.10-beta.10

v0.0.10-beta.9

v0.0.10-beta.8

v0.0.10-beta.7

v0.0.10-beta.6

v0.0.10-beta.5

v0.0.10-beta.4

v0.0.10-beta.3

v0.0.10-beta.2

v0.0.10-beta.1

v0.0.9

v0.0.9-beta.38

v0.0.9-beta.37

v0.0.9-beta.36

v0.0.9-beta.35

v0.0.9-beta.34

v0.0.9-beta.33

v0.0.9-beta.32

v0.0.9-beta.31

v0.0.9-beta.30

v0.0.9-beta.29

v0.0.9-beta.28

v0.0.9-beta.27

v0.0.9-beta.26

v0.0.9-beta.25

v0.0.9-beta.24

v0.0.9-beta.23

v0.0.9-beta.22

v0.0.9-beta.21

v0.0.9-beta.20

v0.0.9-beta.19

v0.0.9-beta.18

v0.0.9-beta.17

v0.0.9-beta.16

v0.0.9-beta.15

v0.0.9-beta.14

v0.0.9-beta.13

v0.0.9-beta.12

v0.0.9-beta.11

v0.0.9-beta.10

v0.0.9-beta.9

v0.0.9-beta.8

v0.0.9-beta.7

v0.0.9-beta.6

v0.0.9-beta.5

v0.0.9-beta.4

v0.0.9-beta.3

v0.0.9-beta.2

v0.0.9-beta.1

v0.0.8

v0.0.8-beta.29

v0.0.8-beta.28

v0.0.8-beta.27

v0.0.8-beta.26

v0.0.8-beta.25

v0.0.8-beta.24

v0.0.8-beta.23

v0.0.8-beta.22

v0.0.8-beta.21

v0.0.8-beta.20

v0.0.8-beta.19

v0.0.8-beta.18

v0.0.8-beta.17

v0.0.8-beta.16

v0.0.8-beta.15

v0.0.8-beta.14

v0.0.8-beta.13

v0.0.8-beta.12

v0.0.8-beta.11

v0.0.8-beta.10

v0.0.8-beta.9

v0.0.8-beta.8

v0.0.8-beta.7

v0.0.8-beta.6

v0.0.8-beta.5

v0.0.8-beta.4

v0.0.8-beta.3

v0.0.8-beta.2

v0.0.8-beta.1

v0.0.7

v0.0.6

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.2-beta.8

v0.0.2-beta.7

v0.0.2-beta.6

v0.0.2-beta.5

v0.0.2-beta.4

v0.0.2-beta.3

v0.0.2-beta.2

v0.0.2-beta.1

Labels

Clear labels

adapter

astro

awaiting external contributor

blocked

breaking

breaking change

bug

c-devops

core

credentials

database

dependencies

devops

devtools

docs

documentation

duplicate

elysia

enhancement

enterprise

expo

express

fastify

good first issue

help wanted

hono

identity

infra

integration

invalid

javascript

locked

maintenance

need-more-information

needs: info

needs: repro

nextjs

nuxt

oauth

organization

P0

payments

perf

platform

plugin

pull-request

Mirrored from GitHub Pull Request

question

ready

regression

remix

security

social-provider

solid

stale

svelte

tanstack-start

tracking

version-bump

vue

wontfix

No Label locked

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/better-auth#10584