JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 55
  • Score
    100M100P100Q99019F
  • License MIT

OIDC-compliant Convex plugin for Better Auth - Ensures JWT tokens only contain OIDC standard claims

Package Exports

  • convex-better-auth-oidc
  • convex-better-auth-oidc/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (convex-better-auth-oidc) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

convex-better-auth-oidc

OIDC-compliant Convex plugin for Better Auth.

Problem

The default convex() plugin from @convex-dev/better-auth includes all user fields (including additionalFields) in the JWT via ...user, which causes the error:

"Could not parse as OIDC ID token. Token might not be an OIDC-compliant JWT."

Solution

This package provides a drop-in replacement for the convex() plugin that guarantees OIDC-compliant JWT tokens by only including standard OIDC claims:

  • sub (subject/user ID) - REQUIRED
  • name, email, email_verified, picture (optional)
  • iat (issued at)

Installation

npm install convex-better-auth-oidc

Usage

import { convex } from "convex-better-auth-oidc";
import { betterAuth } from "better-auth";

export const auth = betterAuth({
  // ... your config
  plugins: [
    convex(), // ✅ OIDC-compliant by default
    // ... other plugins
  ],
});

Options

The plugin accepts the same options as the original convex() plugin:

convex({
  jwtExpirationSeconds?: number; // Default: 60 * 15 (15 minutes)
  deleteExpiredSessionsOnLogin?: boolean;
  options?: { basePath?: string };
})

License

MIT