Beta
The Neon Auth with Better Auth is in Beta. Share your feedback on Discord or via the Neon Console.
OAuth lets users sign in with their Google, GitHub, or Vercel account. Neon Auth handles the OAuth flow and creates a session after authorization.
Development mode
Google OAuth is enabled by default with shared credentials for development and testing. You can start using Google sign-in immediately without any configuration.
note
GitHub and Vercel OAuth require custom credentials and is not available with shared credentials. See Production setup to configure your own OAuth apps.
For production, configure your own OAuth app credentials for both providers. See Production setup below.
Sign in with OAuth
Call signIn.social() with your provider ("google", "github" or "vercel"). The SDK redirects the user to the provider's authorization page, then back to your callbackURL:
import { authClient } from './auth';
const handleGoogleSignIn = async () => {
try {
await authClient.signIn.social({
provider: "google",
callbackURL: window.location.origin,
});
} catch (error) {
console.error("Google sign-in error:", error);
}
};Handle the callback
After the provider redirects back to your app, check for a session:
import { authClient } from './auth';
useEffect(() => {
authClient.getSession().then(({ data }) => {
if (data?.session) {
setUser(data.session.user);
}
setLoading(false);
});
}, []);Custom redirect URLs
Specify different URLs for new users or errors:
await authClient.signIn.social({
provider: "google", // or "github", "vercel"
callbackURL: "/dashboard",
newUserCallbackURL: "/welcome",
errorCallbackURL: "/error",
});Production setup
For production, configure your own OAuth app credentials. GitHub and Vercel OAuth require custom credentials, while Google OAuth works with shared credentials for development but should use custom credentials in production.
- Create OAuth apps with your providers:
- Google OAuth setup (see Google OAuth branding below before going live)
- GitHub OAuth setup
- Vercel OAuth setup
- In your project's Settings → Auth page, configure your Client ID and Client Secret for each provider
Your app will automatically use your configured credentials
Google OAuth branding
When using your own Google OAuth credentials, users will see a consent screen before signing in. Without branding configured, Google displays the redirect_uri domain ("Continue to neon.tech") instead of your app's name. This happens even when your OAuth client ID and secret are correctly configured.
To show your app's name on the consent screen:
- Go to Google Cloud Console → OAuth consent screen
- Fill in the required app information:
- App name: the name users will see on the consent screen
- User support email: a contact email for users with auth questions
- Developer contact information: your email address (not shown to users)
- Under Authorized domains, add your app's domain (for example,
myapp.com) - Save your changes
Verification required for public apps
Apps in Testing status will still show the redirect_uri domain ("neon.tech") to users outside your test user list, regardless of branding settings. To show your app's name to all users, you must publish the app and submit it for Google verification. Verification typically takes a few business days but can take several weeks depending on the OAuth scopes requested.
Need help?
Join our Discord Server to ask questions or see what others are doing with Neon. For paid plan support options, see Support.