$0
/ month
Use the libraryin your app and own the surrounding infrastructure.
- OAuthand session primitives
- Framework-oriented integration patterns
- No hosted user-management product included
Tool Review
Auth.js
Open-source authentication toolkit formerly known as NextAuth.js, now maintained under the Better Auth umbrella. Worth considering when you want more direct control over auth wiring and are comfortable owning the implementation details.
Updated on May 27, 2026 Best for: Developers who want open-source, framework-level auth control instead of a polished hosted identity product. Authentication
Developers who want open-source, framework-level auth control instead of a polished hosted identity product.
Pricing
Auth.js pricing
Auth.js itself is open source, but self-owned auth is never truly free. Budget engineering time, provider setup, email delivery, databasesessions, and long-term maintenance.
Pricing notes
- Auth.js joined Better Auth in September 2025, and the transition changes how greenfield projects should think about it.
- For new apps, compare Auth.js against Better Auth and hosted tools like Clerk before committing.
- The biggest cost is owning security-sensitive implementation details yourself.
Capabilities
Feature highlights
Why people still consider it
- It keeps more auth behavior inside your app instead of handing account flows to a hosted provider.
- It has a long history in the Next.js and JavaScriptecosystem.
- It can be a fit for teams that are comfortable with sessions, callbacks, adapters, providers, and custom auth UX.
Why the caveat is bigger now
- Auth.js is now maintained under Better Auth, and official transition messaging points greenfield teams toward Better Auth as the forward-looking path.
- Docs, migration, and ecosystem expectations can be more confusing than hosted auth for beginners.
- You are responsible for the product UX around sign-in, account management, and security-sensitive flows.
Comparison-friendly facts
Auth.js in one screen
Control
High. You keep more of the auth behavior inside your application layer.
Beginner fit
Weak compared with Clerk or Supabase. More decisions land on you.
Hosted UI
No polished hosted account product. You buildor compose more of the user experience yourself.
Project status
Now part of Better Auth, which makes Better Auth the stronger greenfield comparison for many teams.
AI builder fit
Mixed. Agents can wire examples, but auth callbacks and session details need careful review.
Recent updates
Auth.js updates to track
May 27, 2026 Auth.js policy high impact
Updated around Better Auth transition
Auth.js is now maintained by the Better Auth team, and the official GitHub discussion points many new or refreshed projects toward Better Auth as the forward-looking path.
Source →Sep 22, 2025 Auth.js launch high impact
Auth.js joined Better Auth
Better Auth announced that Auth.js, formerly NextAuth.js, would be maintained and overseen by the Better Auth team.
Source →Auth.js is appealing when your instinct is “I want auth, but I also want to understand and control where the pieces live.”
That can be a feature, not a bug, if you already have a strong application architecture. It is just not the path of least resistance for newer builders.
The current caveat
For the Add Authentication guide, Auth.js now needs a louder caveat than it did a few years ago.
Auth.js joined Better Auth in 2025, and the forward-looking story for new projects is more complicated. If you are starting fresh, you should compare:
- Clerk for hosted auth and polished account UX
- Supabase if auth should live near Postgres and Row Level Security
- Better Auth if you want a modern open-source TypeScript auth framework
- Auth.js if you have an existing fit or specifically want its model
That does not make Auth.js useless. It just makes it less of a beginner default.
Where Auth.js still makes sense
Auth.js can still be reasonable when:
- you are maintaining an existing NextAuth/Auth.js app
- you want more control than hosted auth products give you
- your team understands sessions, callbacks, adapters, and provider configuration
- you are comfortable building the surrounding account UX yourself
That control is valuable when you know what you are doing.
My quick take
Auth.js is the “most control” authentication pick, not the “least pain” pick.
If you are newer to auth, start with Clerk or Supabase. If you are experienced and want to own more of the stack, Auth.js can still belong in the conversation, but it should not be chosen casually.
Further reading
| authjs.dev | Auth.js | |
| better-auth.com | Auth.js is now part of Better Auth | |
| github.com | Official GitHub discussion | |
| better-auth.com | Migrating from Auth.js to Better Auth |
Related Paths
Related jobs and alternatives
Updated May 18, 2026
Add Authentication
You need logins, sessions, and account recovery without accidentally turning your weekend into a security incident.
Clerk Firebase Supabase Auth.js
See rankings →
Updated May 8, 2026
Secure Your App
You don’t need a full security department for your vibe-coded side project, but you do need to fix the obvious stuff before bots discover it for you.
Socket Cloudflare Turnstile Arcjet
See rankings →
Clerk
Hosted authentication and user management for modern web apps. The polished default when you want sign-in, account management, organizations, and session handling to feel real quickly.
Supabase
The Postgres development platform: database, auth, storage, realtime, and edge functions in one dashboard. A Firebase-like developer experience powered by Postgres and open source building blocks.
Firebase
Google’s app development platform for building, shipping, and monitoring web and mobile apps. Batteries-included backend services: databases, auth, hosting, storage, functions, analytics, crash reporting, and more.