[GH-ISSUE #3062] Google Signin throwing error #9455

New Issue

GiteaMirror · 2026-04-13T04:55:28-05:00

GiteaMirror commented

2026-04-13 04:55:28 -05:00

Originally created by @venkadeshshiva on GitHub (Jun 17, 2025).
Original GitHub issue: https://github.com/better-auth/better-auth/issues/3062

Is this suited for github?

Yes, this is suited for github

To Reproduce

I have nextjs app that is throwing an error while authenticating with google.

In the auth.ts I am using below code for social login

socialProviders: { github: { clientId: process.env.GITHUB_CLIENT_ID || "", clientSecret: process.env.GITHUB_CLIENT_SECRET || "", disableSignUp: process.env.GITHUB_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GITHUB_DISABLE_IMPLICIT_SIGNUP === "true", }, google: { clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID || "", clientSecret: process.env.GOOGLE_CLIENT_SECRET || "", disableSignUp: process.env.GOOGLE_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GOOGLE_DISABLE_IMPLICIT_SIGNUP === "true", }, },
For login I am using below code

`
const signInGoogle = async () => {

    await signIn.social({
        provider: "google",
        callbackURL: "/dashboard",
    },
        {
            onSuccess: (data) => {
                console.log("Login successful", data);
                router.push("/dashboard");
                toast.success("Login successful");
                setLoading(false);
            },
            onError: ({ error }) => {
                console.log("Login failed", error);
                toast.error("Login failed", {
                    description: error.message,
                });
                setLoading(false);
            },
        }).catch(({ error }) => {
            console.error("Error signing in:", error);
            toast.error("Something went wrong", {
                description: error.message,
            });
            setLoading(false);
        });
}

`

I am getting below issue after login the google

Backend I got below error,

ERROR [Better Auth]: State Mismatch. Verification not found

Current vs. Expected behavior

I shouldn't get the error

What version of Better Auth are you using?

1.2.9

Provide environment information

- OS [Windows, Linux]
- Browser [Edge]

Which area(s) are affected? (Select all that apply)

Package, Backend, Client

Auth config (if applicable)

import { betterAuth } from "better-auth";
import {
	bearer,
	admin as adminPlugin,
	multiSession,
	organization,
	twoFactor,
	oneTap,
	oAuthProxy,
	openAPI,
	oidcProvider,
	customSession,
	apiKey,
} from "better-auth/plugins";
import { nextCookies } from "better-auth/next-js";
import { passkey } from "better-auth/plugins/passkey";

import { prismaAdapter } from "better-auth/adapters/prisma";
import { PrismaClient } from "../../generated/prisma/client";
import { nodemailer } from "./email/nodemailer";
import { render } from "@react-email/components";
import { reactResetPasswordEmail } from "./email/reset-password";
import { reactInvitationEmail } from "./email/invitation";
import { ac, admin, myCustomRole, user } from "@/lib/permissions"

const from = process.env.BETTER_AUTH_EMAIL || "delivered@resend.dev";
const to = process.env.TEST_EMAIL || "";


const prisma = new PrismaClient();

export const auth = betterAuth({
	appName: "Better Auth Demo",
	database: prismaAdapter(prisma, {
		provider: "mongodb", // or "mysql", "postgresql", ...etc
	}),
	emailVerification: {
		async sendVerificationEmail({ user, url }) {
			const res = await nodemailer.sendMail({
				from,
				to: to || user.email,
				subject: "Verify your email address",
				html: `<a href="${url}">Verify your email address</a>`,
			});
			console.log(res, user.email);
		},
		disableSignUp: process.env.EMAIL_DISABLE_SIGNUP === "true",
	},
	account: {
		accountLinking: {
			trustedProviders: ["google", "github"],
		},
	},
	emailAndPassword: {
		enabled: true,
		async sendResetPassword({ user, url }) {
			await nodemailer.sendMail({
				from,
				to: user.email,
				subject: "Reset your password",
				html: await render(reactResetPasswordEmail({
					username: user.email,
					resetLink: url,
				}))
			});
		},
		requireEmailVerification: true,
	},
	socialProviders: {
		github: {
			clientId: process.env.GITHUB_CLIENT_ID || "",
			clientSecret: process.env.GITHUB_CLIENT_SECRET || "",
			disableSignUp: process.env.GITHUB_DISABLE_SIGNUP === "true",
			disableImplicitSignUp: process.env.GITHUB_DISABLE_IMPLICIT_SIGNUP === "true",
		},
		google: {
			clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID || "",
			clientSecret: process.env.GOOGLE_CLIENT_SECRET || "",
			disableSignUp: process.env.GOOGLE_DISABLE_SIGNUP === "true",
			disableImplicitSignUp: process.env.GOOGLE_DISABLE_IMPLICIT_SIGNUP === "true",
		},
	},
	plugins: [
		organization({
			teams: {
				enabled: true,
			},
			async sendInvitationEmail(data) {
				await nodemailer.sendMail({
					from,
					to: data.email,
					subject: "You've been invited to join an organization",
					html: await render(reactInvitationEmail({
						username: data.email,
						invitedByUsername: data.inviter.user.name,
						invitedByEmail: data.inviter.user.email,
						teamName: data.organization.name,
						inviteLink:
							process.env.NODE_ENV === "development"
								? `http://localhost:3000/accept-invitation/${data.id}`
								: `${process.env.BETTER_AUTH_URL ||
								"https://demo.better-auth.com"
								}/accept-invitation/${data.id}`,
					}))
				});
			},
		}),
		twoFactor({
			otpOptions: {
				async sendOTP({ user, otp }) {
					await nodemailer.sendMail({
						from,
						to: user.email,
						subject: "Your OTP",
						html: `Your OTP is ${otp}`,
					});
				},
			},
		}),
		passkey(),
		openAPI(),
		bearer(),
		adminPlugin({
			adminUserIds: ["FdWnemJlgm9y8sNyiNrUwBKSmkK84EeH"],
			ac,
			roles: {
				admin,
				user,
				myCustomRole
			}
		}),
		multiSession(),
		oAuthProxy(),
		nextCookies(),
		oidcProvider({
			loginPage: "/auth",
		}),
		oneTap(),
		apiKey({
			customAPIKeyGetter(ctx) {
				if (!ctx.request || !ctx.request.headers) return null;
				const has = ctx.request.headers.has("x-api-key");
				if (!has) return null;
				return ctx.request.headers.get("x-api-key");
			},
		}),
		customSession(async (session) => {
			return {
				...session,
				user: {
					...session.user,
					dd: "test",
				},
			};
		}),

	],
	trustedOrigins: [],
});

Additional context

No response

Originally created by @venkadeshshiva on GitHub (Jun 17, 2025). Original GitHub issue: https://github.com/better-auth/better-auth/issues/3062 ### Is this suited for github? - [x] Yes, this is suited for github ### To Reproduce I have nextjs app that is throwing an error while authenticating with google. In the auth.ts I am using below code for social login ` socialProviders: { github: { clientId: process.env.GITHUB_CLIENT_ID || "", clientSecret: process.env.GITHUB_CLIENT_SECRET || "", disableSignUp: process.env.GITHUB_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GITHUB_DISABLE_IMPLICIT_SIGNUP === "true", }, google: { clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID || "", clientSecret: process.env.GOOGLE_CLIENT_SECRET || "", disableSignUp: process.env.GOOGLE_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GOOGLE_DISABLE_IMPLICIT_SIGNUP === "true", }, }, ` For login I am using below code ` const signInGoogle = async () => { await signIn.social({ provider: "google", callbackURL: "/dashboard", }, { onSuccess: (data) => { console.log("Login successful", data); router.push("/dashboard"); toast.success("Login successful"); setLoading(false); }, onError: ({ error }) => { console.log("Login failed", error); toast.error("Login failed", { description: error.message, }); setLoading(false); }, }).catch(({ error }) => { console.error("Error signing in:", error); toast.error("Something went wrong", { description: error.message, }); setLoading(false); }); } ` I am getting below issue after login the google ![Image](https://github.com/user-attachments/assets/b1dfc1f9-2303-4a18-b4c0-699b5ebb617e) Backend I got below error, ERROR [Better Auth]: State Mismatch. Verification not found ### Current vs. Expected behavior I shouldn't get the error ### What version of Better Auth are you using? 1.2.9 ### Provide environment information ```bash - OS [Windows, Linux] - Browser [Edge] ``` ### Which area(s) are affected? (Select all that apply) Package, Backend, Client ### Auth config (if applicable) ```typescript import { betterAuth } from "better-auth"; import { bearer, admin as adminPlugin, multiSession, organization, twoFactor, oneTap, oAuthProxy, openAPI, oidcProvider, customSession, apiKey, } from "better-auth/plugins"; import { nextCookies } from "better-auth/next-js"; import { passkey } from "better-auth/plugins/passkey"; import { prismaAdapter } from "better-auth/adapters/prisma"; import { PrismaClient } from "../../generated/prisma/client"; import { nodemailer } from "./email/nodemailer"; import { render } from "@react-email/components"; import { reactResetPasswordEmail } from "./email/reset-password"; import { reactInvitationEmail } from "./email/invitation"; import { ac, admin, myCustomRole, user } from "@/lib/permissions" const from = process.env.BETTER_AUTH_EMAIL || "delivered@resend.dev"; const to = process.env.TEST_EMAIL || ""; const prisma = new PrismaClient(); export const auth = betterAuth({ appName: "Better Auth Demo", database: prismaAdapter(prisma, { provider: "mongodb", // or "mysql", "postgresql", ...etc }), emailVerification: { async sendVerificationEmail({ user, url }) { const res = await nodemailer.sendMail({ from, to: to || user.email, subject: "Verify your email address", html: `<a href="${url}">Verify your email address</a>`, }); console.log(res, user.email); }, disableSignUp: process.env.EMAIL_DISABLE_SIGNUP === "true", }, account: { accountLinking: { trustedProviders: ["google", "github"], }, }, emailAndPassword: { enabled: true, async sendResetPassword({ user, url }) { await nodemailer.sendMail({ from, to: user.email, subject: "Reset your password", html: await render(reactResetPasswordEmail({ username: user.email, resetLink: url, })) }); }, requireEmailVerification: true, }, socialProviders: { github: { clientId: process.env.GITHUB_CLIENT_ID || "", clientSecret: process.env.GITHUB_CLIENT_SECRET || "", disableSignUp: process.env.GITHUB_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GITHUB_DISABLE_IMPLICIT_SIGNUP === "true", }, google: { clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID || "", clientSecret: process.env.GOOGLE_CLIENT_SECRET || "", disableSignUp: process.env.GOOGLE_DISABLE_SIGNUP === "true", disableImplicitSignUp: process.env.GOOGLE_DISABLE_IMPLICIT_SIGNUP === "true", }, }, plugins: [ organization({ teams: { enabled: true, }, async sendInvitationEmail(data) { await nodemailer.sendMail({ from, to: data.email, subject: "You've been invited to join an organization", html: await render(reactInvitationEmail({ username: data.email, invitedByUsername: data.inviter.user.name, invitedByEmail: data.inviter.user.email, teamName: data.organization.name, inviteLink: process.env.NODE_ENV === "development" ? `http://localhost:3000/accept-invitation/${data.id}` : `${process.env.BETTER_AUTH_URL || "https://demo.better-auth.com" }/accept-invitation/${data.id}`, })) }); }, }), twoFactor({ otpOptions: { async sendOTP({ user, otp }) { await nodemailer.sendMail({ from, to: user.email, subject: "Your OTP", html: `Your OTP is ${otp}`, }); }, }, }), passkey(), openAPI(), bearer(), adminPlugin({ adminUserIds: ["FdWnemJlgm9y8sNyiNrUwBKSmkK84EeH"], ac, roles: { admin, user, myCustomRole } }), multiSession(), oAuthProxy(), nextCookies(), oidcProvider({ loginPage: "/auth", }), oneTap(), apiKey({ customAPIKeyGetter(ctx) { if (!ctx.request || !ctx.request.headers) return null; const has = ctx.request.headers.has("x-api-key"); if (!has) return null; return ctx.request.headers.get("x-api-key"); }, }), customSession(async (session) => { return { ...session, user: { ...session.user, dd: "test", }, }; }), ], trustedOrigins: [], }); ``` ### Additional context _No response_

GiteaMirror added the locked bug labels 2026-04-13 04:55:28 -05:00

GiteaMirror closed this issue

2026-04-13 04:55:29 -05:00

GiteaMirror commented

2026-04-13 04:55:30 -05:00

@Kinfe123 commented on GitHub (Jun 18, 2025):

can you please adjust the your trusted origin option to your trusted origin - trustedOrigins: ["http://localhost:3000"]

@Kinfe123 commented on GitHub (Jun 18, 2025): can you please adjust the your trusted origin option to your trusted origin - `trustedOrigins: ["http://localhost:3000"] `

GiteaMirror commented

2026-04-13 04:55:31 -05:00

@venkadeshshiva commented on GitHub (Jun 18, 2025):

can you please adjust the your trusted origin option to your trusted origin - trustedOrigins: ["http://localhost:3000"]

Added http://localhost:3000 in the trustedOrigins. but still facing same issue.

@venkadeshshiva commented on GitHub (Jun 18, 2025): > can you please adjust the your trusted origin option to your trusted origin - `trustedOrigins: ["http://localhost:3000"] ` Added http://localhost:3000 in the trustedOrigins. but still facing same issue.

GiteaMirror commented

2026-04-13 04:55:31 -05:00

@dagmawibabi commented on GitHub (Jul 10, 2025):

@venkadeshshiva have you checked your Google Cloud Console

In the Google Cloud Console > Credentials > Authorized redirect URIs, make sure to set the redirect URL to http://localhost:3000/api/auth/callback/google for local development. For production, make sure to set the redirect URL as your application domain, e.g. https://example.com/api/auth/callback/google. If you change the base path of the auth routes, you should update the redirect URL accordingly.

@dagmawibabi commented on GitHub (Jul 10, 2025): @venkadeshshiva have you checked your [Google Cloud Console](https://console.cloud.google.com/apis/dashboard) In the Google Cloud Console > Credentials > Authorized redirect URIs, make sure to set the redirect URL to http://localhost:3000/api/auth/callback/google for local development. For production, make sure to set the redirect URL as your application domain, e.g. https://example.com/api/auth/callback/google. If you change the base path of the auth routes, you should update the redirect URL accordingly.

GiteaMirror commented

2026-04-13 04:55:32 -05:00

@darrencarlin commented on GitHub (Jul 10, 2025):

I am facing the same issue in my production environment, I do not get the error locally...

Vercel logs show the same error as above

ERROR [Better Auth]: State Mismatch. Verification not found

Next JS 15.3.5
Chrome, MacOS
Redirects are setup correctly in Google Cloud Console

In my scenario I have imported users from supabase -> neon.

Here is my auth.ts

import bcrypt from "bcryptjs";
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { v4 as uuidv4 } from "uuid";
import { db } from "../db";
import * as schema from "@/lib/db/schema";
import { sendEmailVerificationEmail, sendPasswordResetEmail } from "../queries";

export const auth = betterAuth({
  appName: "The Guinness Map",
  database: drizzleAdapter(db, {
    provider: "pg",
    schema: {
      user: schema.user,
      account: schema.account,
      session: schema.session,
      verification: schema.verification,
    },
  }),
  trustedOrigins: [
    "http://localhost:3000",
    "https://my-project-iota-nine-36.vercel.app",
  ],
  // We used UUID's in the previous setup on the old website for ID's
  advanced: {
    database: {
      generateId: () => uuidv4(),
    },
  },
  // We are using a custom password setup to match the previous setup on the old website.
  // Better auth defaults to scrypt but we used bcrypt previously.
  emailAndPassword: {
    enabled: true,
    sendResetPassword: async ({ user, token }) => {
      await sendPasswordResetEmail({
        to: user.email,
        subject: "Reset your password",
        token,
      });
    },
    requireEmailVerification: true,
    password: {
      hash: async (password) => {
        const ROUNDS = 10;
        const hashedPassword = await bcrypt.hash(password, ROUNDS);
        return hashedPassword;
      },
      verify: async ({ hash, password }) => {
        const isMatch = await bcrypt.compare(password, hash);
        return isMatch;
      },
    },
  },
  emailVerification: {
    sendOnSignUp: true,
    autoSignInAfterVerification: true,
    sendVerificationEmail: async ({ user, url }) => {
      await sendEmailVerificationEmail({
        to: user.email,
        subject: "Verify your email address",
        url: url,
      });
    },
  },
  socialProviders: {
    google: {
      prompt: "select_account",
      clientId: process.env.GOOGLE_CLIENT_ID as string,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
    },
    twitter: {
      clientId: process.env.TWITTER_CLIENT_ID as string,
      clientSecret: process.env.TWITTER_CLIENT_SECRET as string,
    },
  },
  // Allow users to sign-in via multiple types of accounts, google email/password etc
  account: {
    accountLinking: {
      enabled: true,
      trustedProviders: ["google", "twitter"],
      allowDifferentEmails: false,
    },
  },
  user: {
    additionalFields: {
      username: {
        type: "string",
      },
      url: {
        type: "string",
      },
      bio: {
        type: "string",
      },
      badges: {
        type: "string[]",
      },
      publicProfile: {
        type: "boolean",
      },
      reviewCount: {
        type: "number",
      },
    },
  },
});

@darrencarlin commented on GitHub (Jul 10, 2025): I am facing the same issue in my production environment, I do not get the error locally... Vercel logs show the same error as above ``` ERROR [Better Auth]: State Mismatch. Verification not found ``` - Next JS 15.3.5 - Chrome, MacOS - Redirects are setup correctly in Google Cloud Console In my scenario I have imported users from supabase -> neon. Here is my `auth.ts` ``` import bcrypt from "bcryptjs"; import { betterAuth } from "better-auth"; import { drizzleAdapter } from "better-auth/adapters/drizzle"; import { v4 as uuidv4 } from "uuid"; import { db } from "../db"; import * as schema from "@/lib/db/schema"; import { sendEmailVerificationEmail, sendPasswordResetEmail } from "../queries"; export const auth = betterAuth({ appName: "The Guinness Map", database: drizzleAdapter(db, { provider: "pg", schema: { user: schema.user, account: schema.account, session: schema.session, verification: schema.verification, }, }), trustedOrigins: [ "http://localhost:3000", "https://my-project-iota-nine-36.vercel.app", ], // We used UUID's in the previous setup on the old website for ID's advanced: { database: { generateId: () => uuidv4(), }, }, // We are using a custom password setup to match the previous setup on the old website. // Better auth defaults to scrypt but we used bcrypt previously. emailAndPassword: { enabled: true, sendResetPassword: async ({ user, token }) => { await sendPasswordResetEmail({ to: user.email, subject: "Reset your password", token, }); }, requireEmailVerification: true, password: { hash: async (password) => { const ROUNDS = 10; const hashedPassword = await bcrypt.hash(password, ROUNDS); return hashedPassword; }, verify: async ({ hash, password }) => { const isMatch = await bcrypt.compare(password, hash); return isMatch; }, }, }, emailVerification: { sendOnSignUp: true, autoSignInAfterVerification: true, sendVerificationEmail: async ({ user, url }) => { await sendEmailVerificationEmail({ to: user.email, subject: "Verify your email address", url: url, }); }, }, socialProviders: { google: { prompt: "select_account", clientId: process.env.GOOGLE_CLIENT_ID as string, clientSecret: process.env.GOOGLE_CLIENT_SECRET as string, }, twitter: { clientId: process.env.TWITTER_CLIENT_ID as string, clientSecret: process.env.TWITTER_CLIENT_SECRET as string, }, }, // Allow users to sign-in via multiple types of accounts, google email/password etc account: { accountLinking: { enabled: true, trustedProviders: ["google", "twitter"], allowDifferentEmails: false, }, }, user: { additionalFields: { username: { type: "string", }, url: { type: "string", }, bio: { type: "string", }, badges: { type: "string[]", }, publicProfile: { type: "boolean", }, reviewCount: { type: "number", }, }, }, }); ```

GiteaMirror commented

2026-04-13 04:55:33 -05:00

@Debbl commented on GitHub (Jul 11, 2025):

If you use serwist, you might want to try this: https://github.com/serwist/serwist/pull/277

@Debbl commented on GitHub (Jul 11, 2025): If you use serwist, you might want to try this: https://github.com/serwist/serwist/pull/277

GiteaMirror commented

2026-04-13 04:55:34 -05:00

@darrencarlin commented on GitHub (Jul 12, 2025):

@Debbl I came back to mention this was my issue! Thank you.

@darrencarlin commented on GitHub (Jul 12, 2025): @Debbl I came back to mention this was my issue! Thank you.

GiteaMirror commented

2026-04-13 04:55:35 -05:00

@dagmawibabi commented on GitHub (Jul 12, 2025):

@darrencarlin all resolved?

@dagmawibabi commented on GitHub (Jul 12, 2025): @darrencarlin all resolved?

GiteaMirror commented

2026-04-13 04:55:35 -05:00

@darrencarlin commented on GitHub (Jul 12, 2025):

@dagmawibabi yeah, all good! Be curious to know if it was something similar for the person who created the issue.

@darrencarlin commented on GitHub (Jul 12, 2025): @dagmawibabi yeah, all good! Be curious to know if it was something similar for the person who created the issue.

GiteaMirror commented

2026-04-13 04:55:37 -05:00

@dagmawibabi commented on GitHub (Jul 12, 2025):

@venkadeshshiva can you checkout this thread

@dagmawibabi commented on GitHub (Jul 12, 2025): @venkadeshshiva can you checkout this thread

GiteaMirror commented

2026-04-13 04:55:39 -05:00

@venkadeshshiva commented on GitHub (Jul 13, 2025):

Thanks a lot everyone. It works for me as well.

I am also using serwist in my nextjs 15 application. that thread helped me a lot.

@venkadeshshiva commented on GitHub (Jul 13, 2025): Thanks a lot everyone. It works for me as well. I am also using serwist in my nextjs 15 application. that thread helped me a lot.

Sign in to join this conversation.

Branches Tags

2026-05-22/chore/adopt-agents-md

2026-05-22/refactor/string-case-utils

dependabot/npm_and_yarn/uuid-14.0.0

dependabot/npm_and_yarn/turbo-2.9.14

changeset-release/main

main

2026-05-14/fix/passkey-verify-error-and-claim

dependabot/npm_and_yarn/samlify-2.13.0

dependabot/npm_and_yarn/ws-8.20.1

changeset-release/next

dependabot/npm_and_yarn/demo/electron/demo-minor-patch-519ef7475f

dependabot/github_actions/github-actions-98f3470200

client-assertions-main

2026-05-15/ci/fix-sqlite-abi-mismatch

2026-05-15/fix/organization-team-add-cascade

2026-05-15/fix/parse-set-cookie-value-validation

2026-05-13/feat/captcha-wildcard-endpoints

2026-05-13/ci/stabilize-docker-startup

fix/i18n-before-hook-translation

fix/disable-migration-generate

2026-05-07/fix/admin-set-password-upsert

2026-05-10/fix/cookie-drain-order

2026-05-10/feat/hooks-finally

2026-05-09/fix/cookie-drain-order

2026-05-09/feat/hooks-finally

2026-05-08/feat/register-before-send

fix/stripe/subscription-data-merge

2026-05-01/chore/pnpm-v11-harden

chore/pnpm-v11

2026-04-29/feat/google-include-granted-scopes

2026-04-29/fix/oauth-account-scope-semantics

2026-04-27/fix/nextcookies-idempotent-writes

2026-04-26/fix/harden-proxy-host-validation

2026-04-26/refactor/stripe-callback-signature-cleanup

2026-04-26/fix/stripe-subscription-callback-timing

2026-04-11/fix/sveltekit-app-modules

feat/open-api-zod-contract

feat/oauth-provider-backchannel-logout-next

feat/oauth-idp-initiated-bounce

refactor/sign-in-challenges

2026-04-21/fix/oauth-rfc-input-validation

fix/release-notes-new-packages

fix/two-factor-identity-guard

fix/resource

feat/emailpassword-authorize

2026-04-12/security/dynamic-baseurl-proxy-trust-default

feat/oauth-provider-at-hash-v2

fix/release-grep-fallback

claude/address-review-comments-JhFLr

claude/slack-update-stripe-docs-consistency-8Sc0w

feat/async-auth

fix/two-factor-totp-verified-enrollment

feat/plugin-ui

codex/blog-1-6-release-post

2026-04-06/fix/type-any-guards

2026-04-05/chore/downgrade-better-call

2026-04-04/ci/skip-vercel-fork-prs

2026-03-28/ci/add-autofix-ci

chore/release-preview-script

himself65/2026/02/19/role

2026-03-24/fix/update-user-info-on-link

2026-03-20/docs/improve-website

2026-03-20/fix/anonymous-onlinkaccount-expo

2026-02-17/fix/anonymous-link-state

fix/8607-saml-inresponseto

fix/8549-scim-patch-noop

v1.4.x

refactor/migration-snapshot-tests

worktree-magic-link-additional-data

chore/migrate-build-to-rollup

worktree-fix-dynamic-baseurl-8447

2026-03-06/chore/public-api-check

fix/close-8156-regression-test

fix/secondary-storage-json-error-handling

himself65/verification-namespace

cursor/issue-8307-validation-79a3

himself65/2026/01/30/error-mdx

v1.4.x-staging

fix/email-otp-user

fix/restrict-full-organization-access-roles

himself65/2026/02/12/count

himself65/2026/02/04/define-plugin

2026-02-04/feat/add-pluralize

cursor/better-auth-js-integration-ec21

cursor/expo-state-mismatch-394c

2026-02-01/fix/org-update-role-sync-members

cursor/issue-7607-investigation-e146

cursor/email-generation-helper-0ff6

himself65/2026/01/21/avoid-spread-operator

himself65/2026/01/14/cli

claude/slack-add-docs-pr-NMvgO

claude/slack-add-advanced-useplural-WHKYL

feat/hooks-pos

feat/2fa-phone

feat/2fa

fix/rotation

fix/username-check

v1.3.x

refactor/organization

feat/multiple-client-ids-social-providers

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/better-auth#9455