Overview

supastarter provides a complete authentication system powered by better-auth, a modern and flexible authentication library for TypeScript applications. It includes pre-built UI for login, signup, password reset, email verification, and OAuth social login — all ready to use out of the box.

The auth UI and auth routes are part of apps/saas.

Authentication pages use the following routes:

• /login
• /signup
• /forgot-password
• /reset-password
• /verify

Public auth redirects use the SaaS app URL, so make sure NEXT_PUBLIC_SAAS_URL points to your deployed SaaS app.

Frequently asked questions

What authentication provider does supastarter use?

supastarter uses better-auth, a modern TypeScript authentication library. better-auth stores user data directly in your database (via Prisma or Drizzle), giving you full control over your user data without depending on third-party auth services like Auth0 or Clerk.

Can I use social logins like Google, GitHub, or Apple?

Yes. supastarter supports OAuth social logins through better-auth. You can enable Google, GitHub, Apple, and many other OAuth providers by configuring the provider credentials in your environment variables. See the OAuth guide for setup instructions.

How do I add a new OAuth provider?

Adding a new OAuth provider involves registering your application with the provider to get client ID and secret, then configuring the provider in your better-auth configuration. The OAuth documentation walks you through this process step by step.

Does supastarter support magic link or passwordless login?

Yes. better-auth supports magic link (email-based) authentication. supastarter includes the email verification flow and can be configured for passwordless login by sending a magic link to the user's email address.