next-auth icon indicating copy to clipboard operation
next-auth copied to clipboard
verified publisher icon nextauthjs

Add workos authkit provider

Open fierysolid opened this issue 11 months ago • 10 comments

☕️ Reasoning

WorkOS has added their own IDP in the form of AuthKit and I'd like to use it with next-auth

🧢 Checklist

  • [x] Documentation
  • [x] Tests
  • [x] Ready to be merged

📌 Resources

fierysolid avatar Jan 15 '25 03:01 fierysolid

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
auth-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 3, 2025 4:18pm
1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
next-auth-docs ⬜️ Ignored (Inspect) Visit Preview Mar 3, 2025 4:18pm

vercel[bot] avatar Jan 15 '25 03:01 vercel[bot]

@fierysolid is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Jan 15 '25 03:01 vercel[bot]

I would love feedback about how I've implemented the provider from someone who has worked with this library extensively. Using request and conform feels like I'm doing something wrong, but this a working configuration.

fierysolid avatar Jan 15 '25 03:01 fierysolid

I’ve read the documentation, but I’m confused about the focus of this provider. According to their explanation:

If you are using AuthKit, set the provider parameter to authkit, which will generate an authorization URL for your AuthKit domain. AuthKit will take care... Otherwise, to generate an authorization URL for a WorkOS SSO connection, you’ll need to specify the user’s connection, organization, or OAuth provider as a parameter.

Based on this, if the user selects an authkitProvider value other than authkit, do they need to set both the connection_id and organization_id? If so, these values don’t seem to be available in the provider options for configuration.

On the other hand, Auth.js already includes a provider called WorkOs. What is the difference between this and the one mentioned in the documentation? Do you know if this API is still functional?

Thanks for your time!

WorkOS has an SSO passthrough and they also now have an IDP. The WorkOS provider is for the SSO only API, and this provider is for the IDP + SSO API which uses different URLs. The new IDP + SSO API also lets you use AuthKit while the older SSO API does not.

fierysolid avatar Jan 15 '25 21:01 fierysolid

Thank you for taking the time to provide a response. The differences and improvements applied to the new provider compared to the older one make perfect sense. 🤠

halvaradop avatar Jan 15 '25 23:01 halvaradop

Any updates with this - also notices {issuer} had been replaced with direct url.

JohnRSim avatar Feb 28 '25 15:02 JohnRSim

Any updates with this - also notices {issuer} had been replaced with direct url.

Nope, just sitting here waiting...

fierysolid avatar Feb 28 '25 16:02 fierysolid

@fierysolid Just tested on my workos instance

  • all great only 1 comment not sure if you checked in the svg for the auth signin page -

https://authjs.dev/img/providers/authkit.svg

JohnRSim avatar Mar 01 '25 17:03 JohnRSim

@JohnRSim we should just reuse the WorkOS svg. I'll change it so it references it.

fierysolid avatar Mar 01 '25 17:03 fierysolid

Okay, SVG added.

fierysolid avatar Mar 03 '25 16:03 fierysolid