Does NestJS Work With Auth.js?
Auth.js can be used with NestJS, but it requires manual integration since Auth.js is primarily designed for Next.js and edge runtimes.
Quick Facts
How NestJS Works With Auth.js
Auth.js (formerly NextAuth.js) is heavily optimized for Next.js and edge environments, making direct integration with NestJS non-trivial. However, you can use Auth.js's core authentication logic by wrapping it in a NestJS guard or middleware, or by using Auth.js as a separate microservice. The most practical approach is treating Auth.js as an external authentication service that your NestJS API consumes via HTTP, similar to how you'd integrate OAuth2 providers. Alternatively, you can use Auth.js's lower-level libraries like `@auth/core` which provide framework-agnostic authentication primitives, though this requires more manual session and token management. Most NestJS developers find it easier to use PassportJS with individual OAuth strategies, or consider Authelia/Keycloak for enterprise scenarios. If you specifically need Auth.js's convenience features, running it as a companion Next.js service alongside NestJS is a viable architecture pattern.
Best Use Cases
NestJS Guard with Auth.js Core
npm install @auth/core express-session @nestjs/common @nestjs/passportimport { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
import { getServerSession } from '@auth/express';
import authConfig from './auth.config';
@Injectable()
export class AuthJsGuard implements CanActivate {
async canActivate(context: ExecutionContext): Promise<boolean> {
const request = context.switchToHttp().getRequest();
const response = context.switchToHttp().getResponse();
const session = await getServerSession(
request,
response,
authConfig
);
if (!session?.user) {
return false;
}
request.user = session.user;
return true;
}
}
// Usage in controller:
// @UseGuards(AuthJsGuard)
// @Get('protected')
// getProtected(@Req() req) { return req.user; }Known Issues & Gotchas
Auth.js expects Edge Runtime or Node.js 18+ with specific HTTP abstractions; NestJS uses Express/Fastify directly
Fix: Use @auth/core instead of full Auth.js, or run Auth.js as a separate service and call it from NestJS guards
Session management differs: Auth.js uses cookies/JWTs for browser clients, but NestJS APIs typically use bearer tokens
Fix: Implement a custom session adapter or use Auth.js only for OAuth/provider handling, managing tokens separately in NestJS
Auth.js database adapters target specific ORMs; NestJS TypeORM/Prisma integration requires custom adapter implementation
Fix: Write a custom database adapter for Auth.js or use external database service for auth data
No official NestJS module or guard available; integration is entirely custom code
Fix: Create your own authentication module wrapping Auth.js core, or use simpler alternatives like Passport
Alternatives
- •PassportJS with OAuth2 strategies - native NestJS support, framework-agnostic, more control over session management
- •NextAuth.js + separate NestJS API - run Auth.js in Next.js frontend, NestJS validates JWT tokens from frontend
- •Keycloak/Authelia + NestJS - dedicated identity providers with OIDC/OAuth2, enterprise-grade, language/framework agnostic
Resources
Related Compatibility Guides
Explore more compatibility guides