Skip to content
Migrating from NextAuth.js v4? Read our migration guide.
API reference


Built-in Osso integration.


default(config): OAuthConfig<Record<string, any>>

Add Osso login to your page.


Callback URL


import { Auth } from "@auth/core"
import Osso from "@auth/core/providers/osso"
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
      clientId: OSSO_CLIENT_ID,
      clientSecret: OSSO_CLIENT_SECRET,
      issuer: OSSO_ISSUER,


Osso is an open source service that handles SAML authentication against Identity Providers, normalizes profiles, and makes those profiles available to you in an OAuth 2.0 code grant flow.

You can configure your OAuth Clients on your Osso Admin UI, i.e. - you’ll need to get a Client ID and Secret and allow-list your redirect URIs. SAML SSO differs a bit from OAuth - for every tenant who wants to sign in to your application using SAML, you and your customer need to perform a multi-step configuration in Osso’s Admin UI and the admin dashboard of the tenant’s Identity Provider. Osso provides documentation for providers like Okta and OneLogin, cloud-based IDPs who also offer a developer account that’s useful for testing. Osso also provides a Mock IDP that you can use for testing without needing to sign up for an Identity Provider service.

See Osso’s complete configuration and testing documentation at


By default, Auth.js assumes that the Osso provider is based on the OAuth 2 specification.

issuer should be the fully qualified domain – e.g.


The Osso provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Disclaimer If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.


configOAuthUserConfig<Record<string, any>>


OAuthConfig<Record<string, any>>

Auth.js © Balázs Orbán and Team - 2024