@chatbotkit/nextauth
v1.28.0
Published
ChatBotKit adapter for NextAuth.js to make conversational AI bots with authentication and authorization
Maintainers
Readme
ChatBotKit NextAuth SDK
The ChatBotKit SDK for NextAuth.js enables passwordless email authentication that integrates directly with ChatBotKit. This allows you to authenticate users without building separate user management infrastructure.
Two Authentication Approaches
This SDK provides two adapters for different use cases:
1. Partner Adapter (Sub-Accounts)
Use ChatBotKitPartnerAdapter when you want each user to have their own isolated ChatBotKit sub-account:
- Separate environments: Each user gets their own bots, datasets, and resources
- Complete isolation: Users cannot see or access each other's data
- Partner API integration: Requires a Partner API secret
- Best for: SaaS applications, white-label solutions, multi-tenant platforms
2. Contact Adapter (Single Account)
Use ChatBotKitContactAdapter when you want all users to be contacts within a single ChatBotKit account:
- Shared resources: All contacts can interact with the same bots and datasets
- Individual tracking: Each contact has their own conversation history and preferences
- Standard API integration: Works with a regular API secret
- Best for: Chat applications, customer support systems, community platforms
Why Use This?
Authentication is complex and risky to build yourself. This SDK lets you skip all of that.
Instead of spending weeks building and maintaining authentication infrastructure, you can:
- Launch faster: Skip building user registration, login, password reset, and account management
- Reduce security risks: No passwords to hash, no credentials to secure, no user data breaches to worry about
- Lower maintenance burden: No authentication-related bugs, no password reset support tickets, no security patches
- Eliminate infrastructure costs: No user database, no email verification system, no password reset flows
- Focus on your product: Spend time building features that make your application unique
Getting Started
Installation
Add the SDK to your project using npm:
npm install @chatbotkit/nextauth next-authPartner Adapter Configuration
Use this approach when each user needs their own isolated ChatBotKit environment:
import {
ChatBotKitEmailProvider,
ChatBotKitPartnerAdapter,
MemoryStore,
} from '@chatbotkit/nextauth/partner'
const nextAuthConfig = {
adapter: ChatBotKitPartnerAdapter({
secret: process.env.CHATBOTKIT_API_SECRET,
// Use Redis or another persistent store in production
store: new MemoryStore(),
// Control user lifecycle
autoCreateUser: false,
autoUpdateUser: true,
autoDeleteUser: false,
}),
providers: [
ChatBotKitEmailProvider({
async sendVerificationRequest({ identifier, token }) {
await sendEmail({
to: identifier,
subject: 'Sign in to your account',
text: `Your verification code is: ${token}`,
})
},
}),
],
session: {
strategy: 'jwt',
},
callbacks: {
async session({ session, token }) {
session.user = token.user
return session
},
async jwt({ token, user }) {
if (user) {
token.user = user
}
return token
},
},
pages: {
signIn: '/signin',
signOut: '/signin',
verifyRequest: '/verify',
},
debug: !!process.env.DEBUG,
}
export default nextAuthConfigContact Adapter Configuration
Use this approach when users are contacts within a single ChatBotKit account:
import {
ChatBotKitContactAdapter,
ChatBotKitContactEmailProvider,
ContactMemoryStore,
} from '@chatbotkit/nextauth/contact'
const nextAuthConfig = {
adapter: ChatBotKitContactAdapter({
secret: process.env.CHATBOTKIT_API_SECRET,
// Use Redis or another persistent store in production
store: new ContactMemoryStore(),
// Control contact lifecycle
autoCreateContact: true,
autoUpdateContact: true,
autoDeleteContact: false,
}),
providers: [
ChatBotKitContactEmailProvider({
async sendVerificationRequest({ identifier, token }) {
await sendEmail({
to: identifier,
subject: 'Sign in to your account',
text: `Your verification code is: ${token}`,
})
},
}),
],
session: {
strategy: 'jwt',
},
callbacks: {
async session({ session, token }) {
session.user = token.user
return session
},
async jwt({ token, user }) {
if (user) {
token.user = user
}
return token
},
},
pages: {
signIn: '/signin',
signOut: '/signin',
verifyRequest: '/verify',
},
debug: !!process.env.DEBUG,
}
export default nextAuthConfigCreate NextAuth API Route
Create pages/api/auth/[...nextauth].js:
import NextAuth from 'next-auth'
import nextAuthConfig from '../../../nextauth.config.js'
export default NextAuth(nextAuthConfig)Environment Variables
Add your ChatBotKit API secret to .env:
CHATBOTKIT_API_SECRET=your_api_secret_hereChoosing Between Partner and Contact Adapters
| Feature | Partner Adapter | Contact Adapter | | ---------------- | ---------------------------------- | --------------------------------------------- | | User isolation | Complete (separate sub-accounts) | Partial (shared account, individual contacts) | | Resource sharing | None (each user has own resources) | Full (all contacts share bots/datasets) | | API type | Partner API | Standard API | | User identity | Separate ChatBotKit accounts | Contacts within single account | | Best for | SaaS, white-label, multi-tenant | Chat apps, support systems, communities |
Complete Example
A complete working example demonstrating passwordless authentication with the ChatBotKit Partner API can be found in the partner-auth example.
Documentation
For comprehensive information about the ChatBotKit NextAuth SDK, including detailed documentation on its functionalities, helper methods, and configuration options, please visit our type documentation page.
Contributing
If you find a bug or would like to contribute to the ChatBotKit SDK, please open an issue or submit a pull request on the official GitHub repository.
