Auth Module Options

In this document, you'll learn about the options of the Auth Module.

providers#

The providers option is an array of auth module providers.

When the Medusa application starts, these providers are registered and can be used to handle authentication.

For example:

medusa-config.ts
1import { Modules } from "@medusajs/framework/utils"2
3// ...4
5module.exports = defineConfig({6  // ...7  modules: [8    {9      resolve: "@medusajs/medusa/auth",10      options: {11        providers: [12          {13            resolve: "@medusajs/medusa/auth-emailpass",14            id: "emailpass",15            options: {16              // provider options...17            },18          },19        ],20      },21    },22  ]23})

The providers option is an array of objects that accept the following properties:

• resolve: A string indicating the package name of the module provider or the path to it relative to the src directory.
• id: A string indicating the provider's unique name or ID.
• options: An optional object of the module provider's options.

Auth CORS#

The Medusa application's authentication API routes are defined under the /auth prefix that requires setting the authCors property of the http configuration.

By default, the Medusa application you created will have an AUTH_CORS environment variable, which is used as the value of authCors.

Refer to Medusa's configuration guide to learn more about the authCors configuration.

authMethodsPerActor Configuration#

The Medusa application's configuration accept an authMethodsPerActor configuration which restricts the allowed auth providers used with an actor type.

Learn more about the authMethodsPerActor configuration in this guide.