Auth Module Options

In this document, you'll learn about the options of the Auth Module.

providers#

The providers option is an array of auth module providers.

When the Medusa application starts, these providers are registered and can be used to handle authentication.

TipBy default, the emailpass provider is registered to authenticate customers and admin users.

For example:

medusa-config.ts
1import { Modules } from "@medusajs/framework/utils"2
3// ...4
5module.exports = defineConfig({6  // ...7  modules: [8    {9      resolve: "@medusajs/medusa/auth",10      options: {11        providers: [12          {13            resolve: "@medusajs/medusa/auth-emailpass",14            id: "emailpass",15            options: {16              // provider options...17            },18          },19        ],20      },21    },22  ]23})

The providers option is an array of objects that accept the following properties:

  • resolve: A string indicating the package name of the module provider or the path to it relative to the src directory.
  • id: A string indicating the provider's unique name or ID.
  • options: An optional object of the module provider's options.

Auth CORS#

The Medusa application's authentication API routes are defined under the /auth prefix that requires setting the authCors property of the http configuration.

By default, the Medusa application you created will have an AUTH_CORS environment variable, which is used as the value of authCors.

Refer to Medusa's configuration guide to learn more about the authCors configuration.


authMethodsPerActor Configuration#

The Medusa application's configuration accept an authMethodsPerActor configuration which restricts the allowed auth providers used with an actor type.

Learn more about the authMethodsPerActor configuration in this guide.

Was this page helpful?
Edit this page