-
-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify AUTH_URL
usage in documentation
#12526
base: main
Are you sure you want to change the base?
Conversation
This clarifies some confusion on the usage of `AUTH_URL`, including its usage in production settings behind a reverse proxy.
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Skipped Deployment
|
@youngchingjui is attempting to deploy a commit to the authjs Team on Vercel. A member of the Team first needs to authorize it. |
@@ -45,7 +45,11 @@ to `true`. This tells Auth.js to trust the `X-Forwarded-Host` header from the re | |||
|
|||
### `AUTH_URL` | |||
|
|||
This environment variable is mostly unnecessary with v5 as the host is inferred from the request headers. However, if you are using a different base path, you can set this environment variable as well. For example, `AUTH_URL=http://localhost:3000/web/auth` or `AUTH_URL=https://company.com/app1/auth` | |||
Generally, this environment variable is inferred from the request headers in v5 and is not required. However, you should set AUTH_URL if: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally, this environment variable is inferred from the request headers in v5 and is not required. However, you should set AUTH_URL if: | |
Generally, this environment variable is inferred from the request headers in v5 and is not required. However, you should set `AUTH_URL` if: |
- Your application is behind a reverse proxy that does not sanitize headers | ||
- You are using a different base path, for example, AUTH_URL=http://localhost:3000/web/auth or AUTH_URL=https://company.com/app1/auth. | ||
|
||
If you experience issues with redirect URIs (e.g., being redirected to localhost instead of your domain), try setting the AUTH_URL environment variable to your desired base URL. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually I'm not a fan of this sentence, its a bit vague. Let's remove it?
This clarifies some confusion on the usage of
AUTH_URL
, including its usage in production settings behind a reverse proxy.☕️ Reasoning
🧢 Checklist
🎫 Affected issues
📌 Resources