Skip to content
Migrating from NextAuth.js v4? Read our migration guide.
API reference


Built-in Bungie integration.


default(options): OAuthConfig<Record<string, any>>

Add Bungie login to your page.


Callback URL


import { Auth } from "@auth/core"
import Bungie from "@auth/core/providers/bungie"
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
      clientId: BUNGIE_CLIENT_ID,
      clientSecret: BUNGIE_CLIENT_SECRET,
      headers: { "X-API-Key": BUNGIE_API_KEY },




Bungie require all sites to run HTTPS (including local development instances).


Bungie doesn’t allow you to use localhost as the website URL, instead you need to use

Navigate to and fill in the required details:

  • Application name
  • Application Status
  • Website
  • OAuth Client Type
    • Confidential
  • Redirect URL
  • Scope
    • Access items like your notifications, memberships, and recent Bungie.Net forum activity.
  • Origin Header

The following guide may be helpful:

#@example server

You will need to edit your host file and point your site at

How to edit my host file?

On Windows (Run PowerShell as administrator)

Add-Content -Path C:\Windows\System32\drivers\etc\hosts -Value "`" -Force

Create certificate

Creating a certificate for localhost is easy with openssl. Just put the following command in the terminal. The output will be two files: localhost.key and localhost.crt.

openssl req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj "/CN=localhost" -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")


The OpenSSL executable is distributed with Git for Windows. Once installed you will find the openssl.exe file in C:/Program Files/Git/mingw64/bin which you can add to the system PATH environment variable if it’s not already done.

Add environment variable OPENSSL_CONF=C:/Program Files/Git/mingw64/ssl/openssl.cnf

 req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj "/CN=localhost"

Create directory certificates and place localhost.key and localhost.crt

You can create a server.js in the root of your project and run it with node server.js to test Sign in with Bungie integration locally:

const { createServer } = require("https")
const { parse } = require("url")
const next = require("next")
const fs = require("fs")
const dev = process.env.NODE_ENV !== "production"
const app = next({ dev })
const handle = app.getRequestHandler()
const httpsOptions = {
  key: fs.readFileSync("./certificates/localhost.key"),
  cert: fs.readFileSync("./certificates/localhost.crt"),
app.prepare().then(() => {
  createServer(httpsOptions, (req, res) => {
    const parsedUrl = parse(req.url, true)
    handle(req, res, parsedUrl)
  }).listen(3000, (err) => {
    if (err) throw err
    console.log("> Ready on https://localhost:3000")


By default, Auth.js assumes that the Bungie provider is based on the OAuth 2 specification.


The Bungie provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Disclaimer If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.


optionsOAuthUserConfig<Record<string, any>>


OAuthConfig<Record<string, any>>

Auth.js © Balázs Orbán and Team - 2024