errors
AdapterError��β
Todoβ
One of the database Adapter methods failed.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
AuthorizedCallbackErrorβ
Happens when the user is not authorized to access a route after executing the signIn callback.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
CallbackRouteErrorβ
This error occurs when the user cannot finish login. Depending on the provider type, this could have happened for multiple reasons.
Check out [auth][details] in the error message to know which provider failed.
Exampleβ
[auth][details]: { "provider": "github" }
For an OAuth provider, possible causes are:
- The user denied access to the application
- There was an error parsing the OAuth Profile:
Check out the provider's
profileoruserinfo.requestmethod to make sure it correctly fetches the user's profile. - The
signInorjwtcallback methods threw an uncaught error: Check the callback method implementations.
For an Email provider, possible causes are:
- The provided email/token combination was invalid/missing:
Check if the provider's
sendVerificationRequestmethod correctly sends the email. - The provided email/token combination has expired: Ask the user to log in again.
- There was an error with the database: Check the database logs.
For a Credentials provider, possible causes are:
- The
authorizemethod threw an uncaught error: Check the provider'sauthorizemethod. - The
signInorjwtcallback methods threw an uncaught error: Check the callback method implementations.
Check out [auth][cause] in the error message for more details.
It will show the original stack trace.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
CredentialsSigninβ
The authorize callback returned null in the Credentials provider.
We don't recommend providing information about which part of the credentials were wrong, as it might be abused by malicious hackers.
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
EmailSignInErrorβ
Happens when the login by an Email provider could not be started.
Possible causes are:
- The email sent from the client is invalid, could not be normalized by
EmailConfig.normalizeIdentifier - The provided email/token combination has expired: Ask the user to log in again.
- There was an error with the database: Check the database logs.
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
ErrorPageLoopβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
EventErrorβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
InvalidCallbackUrlβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
InvalidCheckβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
InvalidEndpointsβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
InvalidProviderβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
JWTSessionErrorβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
MissingAPIRouteβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
MissingAdapterβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
MissingAdapterMethodsβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
MissingAuthorizeβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
MissingCSRFβ
Error for missing CSRF tokens in client-side actions (signIn, signOut, useSession#update).
Thrown when actions lack the double submit cookie, essential for CSRF protection.
CSRF (Cross-Site Request Forgery) is an attack leveraging authenticated user credentials for unauthorized actions.
Double submit cookie pattern, a CSRF defense, requires matching values in a cookie and request parameter. More on this at MDN Web Docs.
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
MissingSecretβ
Auth.js requires a secret to be set, but none was not found. This is used to encrypt cookies, JWTs and other sensitive data.
If you are using a framework like Next.js, we try to automatically infer the secret from the AUTH_SECRET environment variable.
Alternatively, you can also explicitly set the AuthConfig.secret.
You can generate a good secret value:
- On Unix systems: type
openssl rand -hex 32in the terminal - Or generate one online
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
OAuthAccountNotLinkedβ
Todoβ
Thrown when an Email address is already associated with an account but the user is trying an OAuth account that is not linked to it.
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
OAuthCallbackErrorβ
Thrown when an OAuth provider returns an error during the sign in process. This could happen for example if the user denied access to the application or there was a configuration error.
For a full list of possible reasons, check out the specification Authorization Code Grant: Error Response
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
OAuthCreateUserErrorβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
OAuthProfileParseErrorβ
This error occurs during an OAuth sign in attempt when the provdier's
response could not be parsed. This could for example happen if the provider's API
changed, or the OAuth2Config.profile method is not implemented correctly.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
OAuthSignInErrorβ
Happens when login by OAuth could not be started.
Possible causes are:
- The Authorization Server is not compliant with the OAuth 2.0 or the OIDC specification. Check the details in the error message.
Check out [auth][details] in the error message to know which provider failed.
Exampleβ
[auth][details]: { "provider": "github" }
Extendsβ
SignInError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
SignInError.kind
SessionTokenErrorβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
SignOutErrorβ
Represents an error that occurs during the sign-out process. This error is logged when there are issues in terminating a user's session, either by failing to delete the session from the database (in database session strategies) or encountering issues during other parts of the sign-out process, such as emitting sign-out events or clearing session cookies.
The session cookie(s) are emptied even if this error is logged.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
UnknownActionβ
Auth.js was requested to handle an operation that it does not support.
See AuthAction for the supported actions.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
UnsupportedStrategyβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
UntrustedHostβ
Todoβ
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind
Verificationβ
The user's email/token combination was invalid. This could be because the email/token combination was not found in the database, or because the token has expired. Ask the user to log in again.
Extendsβ
AuthError
Propertiesβ
kindβ
kind?:
"signIn"|"error"
Determines on which page an error should be handled. Typically signIn errors can be handled in-page.
Inherited fromβ
AuthError.kind