Configure rate limiting, manage auth secrets, set up CSRF protection, define trusted origins, secure sessions and cookies, encrypt OAuth tokens, track IP…
Secret Management
Configuring the Secret
import { betterAuth } from "better-auth";
export const auth = betterAuth({
secret: process.env.BETTER_AUTH_SECRET, // or via `BETTER_AUTH_SECRET` env
});
Better Auth looks for secrets in this order:
options.secret in your config
BETTER_AUTH_SECRET environment variable
AUTH_SECRET environment variable
Secret Requirementsdon't have the plugin yet? install it then click "run inline in claude" again.