Skip to main content

Function: default

providers/credentials.default

â–¸ default<CredentialsInputs>(config): CredentialsConfig

The Credentials provider allows you to handle signing in with arbitrary credentials, such as a username and password, domain, or two factor authentication or hardware device (e.g. YubiKey U2F / FIDO).

It is intended to support use cases where you have an existing system you need to authenticate users against.

It comes with the constraint that users authenticated in this manner are not persisted in the database, and consequently that the Credentials provider can only be used if JSON Web Tokens are enabled for sessions.

NOTE

The functionality provided for credentials based authentication is intentionally limited to discourage use of passwords due to the inherent security risks associated with them and the additional complexity associated with supporting usernames and passwords.

Example

import Auth from "@auth/core"
import { Credentials } from "@auth/core/providers/credentials"

const request = new Request("https://example.com")
const resposne = await AuthHandler(request, {
providers: [
Credentials({
credentials: {
username: { label: "Username" },
password: { label: "Password", type: "password" }
},
async authorize({ request }) {
const response = await fetch(request)
if(!response.ok) return null
return await response.json() ?? null
}
})
],
secret: "...",
trustHost: true,
})

See

Type parameters​

NameType
CredentialsInputsextends Record<string, CredentialInput> = Record<string, CredentialInput>

Parameters​

NameType
configPartial<CredentialsConfig<CredentialsInputs>>

Returns​

CredentialsConfig