chore(release): bump package version(s) [skip ci]

chore: lint azure-devops provider

.github/ISSUE_TEMPLATE/1_bug_framework.yml

@@ -11,7 +11,7 @@ body:
 
         ### Important :exclamation:
 
-        _Providing incorrect/insufficient information or skipping steps to reproduce the issue may result in closing the issue or converting to a discussion without further explanation._
+        _Providing incorrect/insufficient information or skipping steps to reproduce the issue will result in closing the issue and/or converting to a discussion without further explanation._
 
         If you have a generic question specific to your project, it is best asked in Discussions under the [Questions category](https://github.com/nextauthjs/next-auth/discussions/new?category=Questions)
   # Let's wait with this until adoption in other frameworks.

.github/ISSUE_TEMPLATE/2_bug_provider.yml

@@ -31,6 +31,7 @@ body:
         - "Authentik"
         - "Azure Active Directory"
         - "Azure Active Directory B2C"
+        - "Azure DevOps"
         - "Battlenet"
         - "Beyond Identity"
         - "Box"

.github/ISSUE_TEMPLATE/3_bug_adapter.yml

@@ -24,7 +24,6 @@ body:
         - "@auth/dgraph-adapter"
         - "@auth/drizzle-adapter"
         - "@auth/dynamodb-adapter"
-        - "@auth/drizzle-adapter"
         - "@auth/fauna-adapter"
         - "@auth/firebase-adapter"
         - "@auth/kysely-adapter"

.github/workflows/release.yml

@@ -16,7 +16,6 @@ on:
         description: Package name (npm)
         options:
           - "@auth/core"
-          - "@auth/nextjs"
           - "@auth/dgraph-adapter"
           - "@auth/drizzle-adapter"
           - "@auth/dynamodb-adapter"

apps/dev/sveltekit/package.json

@@ -15,7 +15,7 @@
     "@sveltejs/kit": "next",
     "svelte": "3.55.0",
     "svelte-check": "2.10.2",
-    "typescript": "4.9.4",
+    "typescript": "5.2.2",
     "vite": "4.0.5"
   },
   "dependencies": {

apps/examples/nextjs/package.json

@@ -26,6 +26,6 @@
   "devDependencies": {
     "@types/node": "^18.16.2",
     "@types/react": "^18.2.0",
-    "typescript": "^5.0.4"
+    "typescript": "5.2.2"
   }
 }

apps/examples/solid-start/package.json

@@ -13,7 +13,7 @@
     "solid-start-node": "^0.2.9",
     "solid-start-vercel": "^0.2.9",
     "tailwindcss": "^3.2.4",
-    "typescript": "^4.8.3",
+    "typescript": "5.2.2",
     "vite": "^3.1.0"
   },
   "dependencies": {

apps/examples/sveltekit/package.json

@@ -18,7 +18,7 @@
     "@sveltejs/kit": "next",
     "svelte": "3.55.0",
     "svelte-check": "2.10.2",
-    "typescript": "4.9.4",
+    "typescript": "5.2.2",
     "vite": "4.0.1"
   },
   "dependencies": {

docs/docs/concepts/faq.md

@@ -7,7 +7,7 @@ title: Frequently Asked Questions
 
 ### Is Auth.js commercial software?
 
-Auth.js is an open source project built by individual contributors.
+Auth.js is an open-source project built by individual contributors.
 
 It is not commercial software and is not associated with a commercial organization.
 
@@ -17,7 +17,7 @@ It is not commercial software and is not associated with a commercial organizati
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>What databases does Auth.js support?</h3>
+  <h3 style={{display: "inline-block"}}>What databases does Auth.js support?</h3>
 </summary>
 <p>
 
@@ -30,7 +30,7 @@ You can use also Auth.js with any database using a custom database adapter, or b
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>What authentication services does Auth.js support?</h3>
+  <h3 style={{display: "inline-block"}}>What authentication services does Auth.js support?</h3>
 </summary>
 <p>
 
@@ -38,16 +38,16 @@ You can use also Auth.js with any database using a custom database adapter, or b
 (See also: <a href="/reference/providers/oauth-builtin">Providers</a>)
 </p>
 
-Auth.js also supports email for passwordless sign in, which is useful for account recovery or for people who are not able to use an account with the configured OAuth services (e.g. due to service outage, account suspension or otherwise becoming locked out of an account).
+Auth.js also supports email for passwordless sign-in, which is useful for account recovery or for people who are not able to use an account with the configured OAuth services (e.g. due to service outage, account suspension or otherwise becoming locked out of an account).
 
-You can also use a custom based provider to support signing in with a username and password stored in an external database and/or using two factor authentication.
+You can also use a custom-based provider to support signing in with a username and password stored in an external database and/or using two-factor authentication.
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Does Auth.js support signing in with a username and password?</h3>
+  <h3 style={{display: "inline-block"}}>Does Auth.js support signing in with a username and password?</h3>
 </summary>
 <p>
 
@@ -55,44 +55,44 @@ Auth.js is designed to avoid the need to store passwords for user accounts.
 
 If you have an existing database of usernames and passwords, you can use a custom credentials provider to allow signing in with a username and password stored in an existing database.
 
-_If you use a custom credentials provider user accounts will not be persisted in a database by Auth.js (even if one is configured). The option to use JSON Web Tokens for session tokens (which allow sign in without using a session database) must be enabled to use a custom credentials provider._
+_If you use a custom credentials provider user accounts will not be persisted in a database by Auth.js (even if one is configured). The option to use JSON Web Tokens for session tokens (which allow sign-in without using a session database) must be enabled to use a custom credentials provider._
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Can I use Auth.js with a website that does not use Next.js?</h3>
+  <h3 style={{display: "inline-block"}}>Can I use Auth.js with a website that does not use Next.js?</h3>
 </summary>
 <p>
 
 Auth.js is designed for use with Next.js and Serverless.
 
-If you are using a different framework for your website, you can create a website that handles sign in with Next.js and then access those sessions on a website that does not use Next.js as long as the websites are on the same domain.
+If you are using a different framework for your website, you can create a website that handles sign-in with Next.js and then access those sessions on a website that does not use Next.js as long as the websites are on the same domain.
 
-If you use Auth.js on a website with a different subdomain then the rest of your website (e.g. `auth.example.com` vs `www.example.com`) you will need to set a custom cookie domain policy for the Session Token cookie. (See also: [Cookies](/reference/configuration/auth-config#cookies))
+If you use Auth.js on a website with a different subdomain than the rest of your website (e.g. `auth.example.com` vs `www.example.com`) you will need to set a custom cookie domain policy for the Session Token cookie. (See also: [Cookies](/reference/configuration/auth-config#cookies))
 
-Auth.js does not currently support automatically signing into sites on different top level domains (e.g. `www.example.com` vs `www.example.org`) using a single session.
+Auth.js does not currently support automatically signing into sites on different top-level domains (e.g. `www.example.com` vs `www.example.org`) using a single session.
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Can I use Auth.js with React Native?</h3>
+  <h3 style={{display: "inline-block"}}>Can I use Auth.js with React Native?</h3>
 </summary>
 <p>
 
-Auth.js is designed as a secure, confidential client and implements a server side authentication flow.
+Auth.js is designed as a secure, confidential client and implements a server-side authentication flow.
 
-It is not intended to be used in native applications on desktop or mobile applications, which typically implement public clients (e.g. with client / secrets embedded in the application).
+It is not intended to be used in native applications on desktop or mobile applications, which typically implement public clients (e.g. with client/secrets embedded in the application).
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Is Auth.js supporting TypeScript?</h3>
+  <h3 style={{display: "inline-block"}}>Is Auth.js supporting TypeScript?</h3>
 </summary>
 <p>
 
@@ -103,11 +103,11 @@ Yes! Check out the [TypeScript docs](/getting-started/typescript)
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Is Auth.js compatible with Next.js 12 Middleware?</h3>
+  <h3 style={{display: "inline-block"}}>Is Auth.js compatible with Next.js 12 Middleware?</h3>
 </summary>
 <p>
 
-[Next.js Middleware](https://nextjs.org/docs/middleware) is supported. Head over to the [this page](/reference/nextjs/#middleware)
+[Next.js Middleware](https://nextjs.org/docs/middleware) is supported. Head over to [this page](https://next-auth.js.org/configuration/nextjs#middleware)
 
 </p>
 </details>
@@ -118,7 +118,7 @@ Yes! Check out the [TypeScript docs](/getting-started/typescript)
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>What databases are supported by Auth.js?</h3>
+  <h3 style={{display: "inline-block"}}>What databases are supported by Auth.js?</h3>
 </summary>
 <p>
 
@@ -131,13 +131,13 @@ It also provides an Adapter API which allows you to connect it to any database.
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>What does Auth.js use databases for?</h3>
+  <h3 style={{display: "inline-block"}}>What does Auth.js use databases for?</h3>
 </summary>
 <p>
 
-Databases in Auth.js are used for persisting users, OAuth accounts, email sign in tokens and sessions.
+Databases in Auth.js are used for persisting users, OAuth accounts, email sign-in tokens and sessions.
 
-Specifying a database is optional if you don't need to persist user data or support email sign in. If you don't specify a database then JSON Web Tokens will be enabled for session storage and used to store session data.
+Specifying a database is optional if you don't need to persist user data or support email sign-in. If you don't specify a database then JSON Web Tokens will be enabled for session storage and used to store session data.
 
 If you are using a database with Auth.js, you can still explicitly enable JSON Web Tokens for sessions (instead of using database sessions).
 
@@ -146,24 +146,24 @@ If you are using a database with Auth.js, you can still explicitly enable JSON W
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Should I use a database?</h3>
+  <h3 style={{display: "inline-block"}}>Should I use a database?</h3>
 </summary>
 <p>
 
-- Using Auth.js without a database works well for internal tools - where you need to control who is able to sign in, but when you do not need to create user accounts for them in your application.
+- Using Auth.js without a database works well for internal tools - where you need to control who can sign in, but when you do not need to create user accounts for them in your application.
 
-- Using Auth.js with a database is usually a better approach for a consumer facing application where you need to persist accounts (e.g. for billing, to contact customers, etc).
+- Using Auth.js with a database is usually a better approach for a consumer-facing application where you need to persist accounts (e.g. for billing, to contact customers, etc).
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>What database should I use?</h3>
+  <h3 style={{display: "inline-block"}}>What database should I use?</h3>
 </summary>
 <p>
 
-Managed database solutions for MySQL, Postgres and MongoDB (and compatible databases) are well supported from cloud providers such as Amazon, Google, Microsoft and Atlas.
+Managed database solutions for MySQL, Postgres and MongoDB (and compatible databases) are well supported by cloud providers such as Amazon, Google, Microsoft and Atlas.
 
 If you are deploying directly to a particular cloud platform you may also want to consider serverless database offerings they have (e.g. [Amazon Aurora Serverless on AWS](https://aws.amazon.com/rds/aurora/serverless/)).
 
@@ -174,51 +174,49 @@ If you are deploying directly to a particular cloud platform you may also want t
 
 ## Security
 
-Parts of this section has been moved to its [own page](/security).
+Parts of this section have been moved to their [page](/security)](/security).
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>How do I get Refresh Tokens and Access Tokens for an OAuth account?</h3>
+  <h3 style={{display: "inline-block"}}>How do I get Refresh Tokens and Access Tokens for an OAuth account?</h3>
 </summary>
 <p>
 
 Auth.js provides a solution for authentication, session management and user account creation.
 
-Auth.js records Refresh Tokens and Access Tokens on sign in (if supplied by the provider) and it will pass them, along with the User ID, Provider and Provider Account ID, to either:
+Auth.js records Refresh Tokens and Access Tokens on sign-in (if supplied by the provider) and it will pass them, along with the User ID, Provider and Provider Account ID, to either:
 
 1. A database - if a database connection string is provided
-2. The JSON Web Token callback - if JWT sessions are enabled (e.g. if no database specified)
+2. The JSON Web Token callback - if JWT sessions are enabled (e.g. if no database is specified)
 
 You can then look them up from the database or persist them to the JSON Web Token.
 
-Note: Auth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](/guides/basics/refresh-token-rotation) if you want to implement it.
-
-We also have an [example repository](https://github.com/nextauthjs/next-auth-refresh-token-example) / project based upon Auth.js v4 where we demonstrate how to use a refresh token to refresh the provided access token.
+Note: Auth.js does not currently handle Access Token rotation for OAuth providers for you, however, you can check out [this tutorial](/guides/basics/refresh-token-rotation) if you want to implement it.
 
 </p>
 </details>
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>When I sign in with another account with the same email address, why are accounts not linked automatically?</h3>
+  <h3 style={{display: "inline-block"}}>When I sign in with another account with the same email address, why are accounts not linked automatically?</h3>
 </summary>
 <p>
 
-Automatic account linking on sign in is not secure between arbitrary providers - with the exception of allowing users to sign in via an email addresses as a fallback (as they must verify their email address as part of the flow).
+Automatic account linking on sign-in is not secure between arbitrary providers - except for allowing users to sign in via email addresses as a fallback (as they must verify their email address as part of the flow).
 
-When an email address is associated with an OAuth account it does not necessarily mean that it has been verified as belonging to account holder — how email address verification is handled is not part of the OAuth specification and varies between providers (e.g. some do not verify first, some do verify first, others return metadata indicating the verification status).
+When an email address is associated with an OAuth account it does not necessarily mean that it has been verified as belonging to the account holder — how email address verification is handled is not part of the OAuth specification and varies between providers (e.g. some do not verify first, some do verify first, others return metadata indicating the verification status).
 
-With automatic account linking on sign in, this can be exploited by bad actors to hijack accounts by creating an OAuth account associated with the email address of another user.
+With automatic account linking on sign-in, this can be exploited by bad parties to hijack accounts by creating an OAuth account associated with the email address of another user.
 
-For this reason it is not secure to automatically link accounts between arbitrary providers on sign in, which is why this feature is generally not provided by authentication service and is not provided by Auth.js.
+For this reason, it is not secure to automatically link accounts between arbitrary providers on sign-in, which is why this feature is generally not provided by an authentication service and is not provided by Auth.js.
 
 Automatic account linking is seen on some sites, sometimes insecurely. It can be technically possible to do automatic account linking securely if you trust all the providers involved to ensure they have securely verified the email address associated with the account, but requires placing trust (and transferring the risk) to those providers to handle the process securely.
 
-Examples of scenarios where this is secure include with an OAuth provider you control (e.g. that only authorizes users internal to your organization) or with a provider you explicitly trust to have verified the users email address.
+Examples of scenarios where this is secure include an OAuth provider you control (e.g. that only authorizes users internal to your organization) or a provider you explicitly trust to have verified the users' email address.
 
-Automatic account linking is not a planned feature of Auth.js, however there is scope to improve the user experience of account linking and of handling this flow, in a secure way. Typically this involves providing a fallback option to sign in via email, which is already possible (and recommended), but the current implementation of this flow could be improved on.
+Automatic account linking is not a planned feature of Auth.js, however, there is scope to improve the user experience of account linking and of handling this flow, securely. Typically this involves providing a fallback option to sign in via email, which is already possible (and recommended), but the current implementation of this flow could be improved.
 
-Providing support for secure account linking and unlinking of additional providers - which can only be done if a user is already signed in already - was originally a feature in v1.x but has not been present since v2.0, is planned to return in a future release.
+Providing support for secure account linking and unlinking of additional providers - which can only be done if a user is already signed in - was originally a feature in v1.x but has not been present since v2.0, and is planned to return in a future release.
 
 </p>
 </details>
@@ -229,11 +227,11 @@ Providing support for secure account linking and unlinking of additional provide
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Why doesn't Auth.js support [a particular feature]?</h3>
+  <h3 style={{display: "inline-block"}}>Why doesn't Auth.js support [a particular feature]?</h3>
 </summary>
 <p>
 
-Auth.js is an open source project built by individual contributors who are volunteers writing code and providing support in their spare time.
+Auth.js is an open-source project built by individual contributors who are volunteers writing code and providing support in their spare time.
 
 If you would like Auth.js to support a particular feature, the best way to help make it happen is to raise a feature request describing the feature and offer to work with other contributors to develop and test it.
 
@@ -244,13 +242,13 @@ If you are not able to develop a feature yourself, you can offer to sponsor some
 
 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>I disagree with a design decision, how can I change your mind?</h3>
+  <h3 style={{display: "inline-block"}}>I disagree with a design decision, how can I change your mind?</h3>
 </summary>
 <p>
 
 Product design decisions on Auth.js are made by core team members.
 
-You can raise suggestions as feature requests / requests for enhancement.
+You can raise suggestions as feature requests for enhancement.
 
 Requests that provide the detail requested in the template and follow the format requested may be more likely to be supported, as additional detail prompted in the templates often provides important context.
 
@@ -286,7 +284,7 @@ JSON Web Tokens can be used for session tokens, but are also used for lots of ot
 
 - JSON Web Tokens in Auth.js are secured using cryptographic encryption (JWE) to store the included information directly in a JWT session token. You may then use the token to pass information between services and APIs on the same domain without having to contact a database to verify the included information.
 
-- You can use JWT to securely store information you do not mind the client knowing even without encryption, as the JWT is stored in a server-readable-only cookie so data in the JWT is not accessible to third party JavaScript running on your site.
+- You can use JWT to securely store information you do not mind the client knowing even without encryption, as the JWT is stored in a server-readable-only cookie so data in the JWT is not accessible to third-party JavaScript running on your site.
 
 </p>
 </details>
@@ -297,15 +295,15 @@ JSON Web Tokens can be used for session tokens, but are also used for lots of ot
 </summary>
 <p>
 
-- You cannot as easily expire a JSON Web Token - doing so requires maintaining a server side blocklist of invalid tokens (at least until they expire) and checking every token against the list every time a token is presented.
+- It's difficult to invalidate a JSON Web Token - doing so requires maintaining a server-side blocklist of the tokens (at least until they expire) and checking every token against the list every time a token is presented.
 
   Shorter session expiry times are used when using JSON Web Tokens as session tokens to allow sessions to be invalidated sooner and simplify this problem.
 
-  Auth.js client includes advanced features to mitigate the downsides of using shorter session expiry times on the user experience, including automatic session token rotation, optionally sending keep alive messages to prevent short lived sessions from expiring if there is an window or tab open, background re-validation, and automatic tab/window syncing that keeps sessions in sync across windows any time session state changes or a window or tab gains or loses focus.
+  Auth.js client includes advanced features to mitigate the downsides of using shorter session expiry times on the user experience, including automatic session token rotation, optionally sending keep-alive messages to prevent short-lived sessions from expiring if there is a window or tab opened, background re-validation, and automatic tab/window syncing that keeps sessions in sync across windows any time session state changes or a window or tab gains or loses focus.
 
 - As with database session tokens, JSON Web Tokens are limited in the amount of data you can store in them. There is typically a limit of around 4096 bytes per cookie, though the exact limit varies between browsers, proxies and hosting services. If you want to support most browsers, then do not exceed 4096 bytes per cookie. If you want to save more data, you will need to persist your sessions in a database (Source: [browsercookielimits.iain.guru](http://browsercookielimits.iain.guru/))
 
-  The more data you try to store in a token and the more other cookies you set, the closer you will come to this limit. Since v4 we have implemented cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing. However since this data needs to be transmitted on every request, if you wish to store more than ~4 KB of data you're probably at the point where you want to store a unique ID in the token and persist the data elsewhere (e.g. in a server-side key/value store).
+  The more data you try to store in a token and the more other cookies you set, the closer you will come to this limit. Auth.js uses cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing. However, since this data needs to be transmitted on every request, in case you wish to store more than ~4 KB of data you're probably at the point where you want to store a unique ID in the token and persist the data elsewhere (e.g. in a server-side key/value store).
 
 - Data stored in an encrypted JSON Web Token (JWE) may be compromised at some point.
 
@@ -313,7 +311,7 @@ JSON Web Tokens can be used for session tokens, but are also used for lots of ot
 
   Avoid storing any data in a token that might be problematic if it were to be decrypted in the future.
 
-- If you do not explicitly specify a secret for for Auth.js, existing sessions will be invalidated any time your Auth.js configuration changes, as Auth.js will default to an auto-generated secret. Since v4 this only impacts development and generating a secret is required in production.
+- If you do not explicitly specify a secret for Auth.js, existing sessions will be invalidated any time your Auth.js configuration changes, as Auth.js will default to an auto-generated secret. Since v4 this only impacts development and generating a secret is required in production.
 
 </p>
 </details>
@@ -324,12 +322,10 @@ JSON Web Tokens can be used for session tokens, but are also used for lots of ot
 </summary>
 <p>
 
-By default tokens are not signed (JWS) but are encrypted (JWE). Since v4 we have implemented cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing.
+By default, tokens are encrypted (JWE).
 
 You can specify other valid algorithms - [as specified in RFC 7518](https://tools.ietf.org/html/rfc7517) - with either a secret (for symmetric encryption) or a public/private key pair (for asymmetric encryption).
 
-Auth.js will generate keys for you, but this will generate a warning at start up.
-
 Using explicit public/private keys for signing is strongly recommended.
 
 </p>

docs/docs/getting-started/credentials-tutorial.mdx

@@ -2,6 +2,9 @@
 title: Credentials authentication
 ---
 
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
+
 Auth.js is built in a way that is flexible to integrate it with any authentication back-end you or your company may already have.
 
 This library has been designed to handle the user session client-wise, to support multiple authentication methods (OAuth, Email, etc...) so that you're not forced to run your own authentication service.
@@ -16,34 +19,49 @@ The functionality provided for credentials based authentication is intentionally
 
 Integrating the Credentials Provider is as simple as initializing it in the Auth.js configuration file:
 
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import CredentialsProvider from "next-auth/providers/credentials"
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
 
-export default NextAuth({
-  providers: [
-    CredentialsProvider({
-      async authorize(credentials) {
-        const authResponse = await fetch("/users/login", {
-          method: "POST",
-          headers: {
-            "Content-Type": "application/json",
-          },
-          body: JSON.stringify(credentials),
-        })
+  ```ts title="pages/api/auth/[...nextauth].ts"
+  import NextAuth from "next-auth"
+  import CredentialsProvider from "next-auth/providers/credentials"
 
-        if (!authResponse.ok) {
-          return null
-        }
+  export default NextAuth({
+    providers: [
+      CredentialsProvider({
+        async authorize(credentials) {
+          const authResponse = await fetch("/users/login", {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+            },
+            body: JSON.stringify(credentials),
+          })
 
-        const user = await authResponse.json()
+          if (!authResponse.ok) {
+            return null
+          }
 
-        return user
-      },
-    }),
-  ],
-})
-```
+          const user = await authResponse.json()
+
+          return user
+        },
+      }),
+    ],
+  })
+  ```
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
 
 :::note
 Check the [Credentials Provider options](/reference/core/providers_credentials) for further customization

docs/docs/getting-started/email-tutorial.mdx

@@ -7,6 +7,8 @@ import startPageImg from "./img/email-tutorial-start.png"
 import checkPageImg from "./img/email-tutorial-check.png"
 import mailboxImg from "./img/email-tutorial-mailbox.png"
 import loggedInImg from "./img/email-tutorial-logged.png"
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
 
 Aside from authenticating users in Auth.js via [OAuth](/getting-started/oauth-tutorial), you can also enable the option to authenticate them via "magic links". These are links that are sent to the user's email and when clicking on them they'll sign up the user automatically.
 
@@ -64,26 +66,43 @@ Note that we're also specifying from which domain email are going to be sent fro
 
 Nice! We're getting there. Now we need to read supply this values as the configuration for our Email Provider. Open `pages/api/auth/[...nextauth].ts` and do the following:
 
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import Email from "next-auth/providers/email"
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
 
-export default NextAuth({
-  providers: [
-    Email({
-      server: {
-        host: process.env.SMTP_HOST,
-        port: Number(process.env.SMTP_PORT),
-        auth: {
-          user: process.env.SMTP_USER,
-          pass: process.env.SMTP_PASSWORD,
+  
+  ```ts title="pages/api/auth/[...nextauth].ts"
+  import NextAuth from "next-auth"
+  import Email from "next-auth/providers/email"
+
+  export default NextAuth({
+    providers: [
+      Email({
+        server: {
+          host: process.env.SMTP_HOST,
+          port: Number(process.env.SMTP_PORT),
+          auth: {
+            user: process.env.SMTP_USER,
+            pass: process.env.SMTP_PASSWORD,
+          },
         },
-      },
-      from: process.env.EMAIL_FROM,
-    }),
-  ],
-})
-```
+        from: process.env.EMAIL_FROM,
+      }),
+    ],
+  })
+  ```
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
+
 
 ## 3. Setting up an adapter
 
@@ -139,30 +158,46 @@ export default clientPromise
 
 And now let's reference this new adapter from our Auth.js configuration file:
 
-```diff title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import EmailProvider from "next-auth/providers/email"
-+ import { MongoDBAdapter } from "@auth/mongodb-adapter"
-+ import clientPromise from "../../../lib/mongodb/client"
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
+
+  ```diff title="pages/api/auth/[...nextauth].ts"
+  import NextAuth from "next-auth"
+  import EmailProvider from "next-auth/providers/email"
+  + import { MongoDBAdapter } from "@auth/mongodb-adapter"
+  + import clientPromise from "../../../lib/mongodb/client"
+
+  export default NextAuth({
+    secret: process.env.NEXTAUTH_SECRET,
+  + adapter: MongoDBAdapter(clientPromise),
+    providers: [
+      EmailProvider({
+        server: {
+          host: process.env.EMAIL_SERVER_HOST,
+          port: process.env.EMAIL_SERVER_PORT,
+          auth: {
+            user: process.env.EMAIL_SERVER_USER,
+            pass: process.env.EMAIL_SERVER_PASSWORD
+          }
+        },
+        from: process.env.EMAIL_FROM
+      }),
+    ],
+  })
+  ```
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
 
-export default NextAuth({
-  secret: process.env.NEXTAUTH_SECRET,
-+ adapter: MongoDBAdapter(clientPromise),
-  providers: [
-    EmailProvider({
-      server: {
-        host: process.env.EMAIL_SERVER_HOST,
-        port: process.env.EMAIL_SERVER_PORT,
-        auth: {
-          user: process.env.EMAIL_SERVER_USER,
-          pass: process.env.EMAIL_SERVER_PASSWORD
-        }
-      },
-      from: process.env.EMAIL_FROM
-    }),
-  ],
-})
-```
 
 ## 4. Wiring all together
 

docs/docs/getting-started/oauth-tutorial.mdx

@@ -37,7 +37,7 @@ npm install next-auth
 ```
 
 :::info
-We are working on a new `@auth/nextjs` package that will make it easier to set up Auth.js with Next.js. Stay tuned! For now, you can use the `next-auth` package.
+We are working on a new release of `next-auth` that will make it easier to set up Auth.js with Next.js. You can follow the development [on this PR](https://github.com/nextauthjs/next-auth/pull/7443)
 :::
 
 ### Creating the server config
@@ -100,7 +100,7 @@ NextAuth.js provides [`useSession()`](/reference/react/#usesession) - a [React H
 
 ```ts title="pages/_app.tsx"
 import { SessionProvider } from "next-auth/react"
-import type { AppProps } from 'next/app'
+import type { AppProps } from "next/app"
 
 export default function App({
   Component,
@@ -156,7 +156,7 @@ export default function CamperVanPage() {
 
 ### Protecting API Routes
 
-To protect your API Routes (blocking unauthorized access to resources), you can use [`getServerSession()`](/reference/nextjs#getserversession) to know whether a session exists or not:
+To protect your API Routes (blocking unauthorized access to resources), you can use [`getServerSession()`](https://next-auth.js.org/configuration/nextjs#getserversession) to know whether a session exists or not:
 
 ```ts title="pages/api/movies/list.ts"
 import { getServerSession } from "next-auth/next"
@@ -218,7 +218,7 @@ The callback URL we insert should have the following pattern:
 
 In this case, given we want to try our authentication working locally on our machine and we're using **GitHub** as our OAuth provider, it'll be:
 
-<Tabs groupId="frameworks">
+<Tabs groupId="frameworks" queryString>
   <TabItem value="next" label="Next.js" default>
 
 ```
@@ -274,7 +274,7 @@ Note that, for each provider, the configuration process will be similar to what
 2. Create create your OAuth application within it
 3. Set the callback URL
 4. Get the Client ID and Generate a Client Secret
-:::
+   :::
 
 ## 3. Wiring all together
 
@@ -289,7 +289,7 @@ GITHUB_SECRET=67890
 
 Here is our server configuration file again:
 
-<Tabs groupId="frameworks">
+<Tabs groupId="frameworks" queryString>
   <TabItem value="next" label="Next.js" default>
 
 ```ts title="pages/api/auth/[...nextauth].ts"

docs/docs/getting-started/typescript.md

@@ -9,6 +9,9 @@ https://github.com/nextauthjs/next-auth-example
 
 ---
 
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
+
 ## Adapters
 
 If you're writing your own custom Adapter, you can take advantage of the types to make sure your implementation conforms to what's expected:
@@ -46,30 +49,45 @@ This will work in code editors with a strong TypeScript integration like VSCode
 
 Let's look at `Session`:
 
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
 
-export default NextAuth({
-  callbacks: {
-    session({ session, token, user }) {
-      return session // The return type will match the one returned in `useSession()`
+  ```ts title="pages/api/auth/[...nextauth].ts"
+  import NextAuth from "next-auth"
+
+  export default NextAuth({
+    callbacks: {
+      session({ session, token, user }) {
+        return session // The return type will match the one returned in `useSession()`
+      },
     },
-  },
-})
-```
+  })
+  ```
 
-```ts title="pages/index.ts"
-import { useSession } from "next-auth/react"
+  ```ts title="pages/index.ts"
+  import { useSession } from "next-auth/react"
 
-export default function IndexPage() {
-  // `session` will match the returned value of `callbacks.session()` from `NextAuth()`
-  const { data: session } = useSession()
+  export default function IndexPage() {
+    // `session` will match the returned value of `callbacks.session()` from `NextAuth()`
+    const { data: session } = useSession()
 
-  return (
-    // Your component
-  )
-}
-```
+    return (
+      // Your component
+    )
+  }
+  ```
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
 
 To extend/augment this type, create a `types/next-auth.d.ts` file in your project:
 

docs/docs/guides/adapters/using-a-database-adapter.md

@@ -8,6 +8,6 @@ An **Adapter** in Auth.js connects your application to whatever database or back
 When using a database, you can still use JWT for session handling for fast access. See the [`session.strategy`](/reference/configuration/auth-config#session) option. Read about the trade-offs of JWT in the [FAQ](/concepts/faq#json-web-tokens).
 :::
 
-We have a list of official adapters that are distributed as their own packages under the `@next-auth/{name}-adapter` namespace. Their source code is available in their various adapters package directories at [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth/tree/main/packages):
+We have a list of official adapters that are distributed as their own packages under the `@auth/{name}-adapter` namespace. Their source code is available in their various adapters package directories at [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth/tree/main/packages):
 
 - [All available adapters](/reference/adapters)

docs/docs/guides/basics/callbacks.md

@@ -12,7 +12,7 @@ If you want to pass data such as an Access Token or User ID to the browser when
 
 You can specify a handler for any of the callbacks below.
 
-```js title="pages/api/auth/[...nextauth].js"s
+```js title="auth.js"
   callbacks: {
     async signIn({ user, account, profile, email, credentials }) {
       return true
@@ -35,7 +35,7 @@ The documentation below shows how to implement each callback, their default beha
 
 Use the `signIn()` callback to control if a user is allowed to sign in.
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 callbacks: {
   async signIn({ user, account, profile, email, credentials }) {
     const isAllowedToSignIn = true
@@ -79,7 +79,7 @@ By default only URLs on the same URL as the site are allowed, you can use the re
 
 The default redirect callback looks like this:
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 callbacks: {
   async redirect({ url, baseUrl }) {
     // Allows relative callback URLs
@@ -107,7 +107,7 @@ Requests to `/api/auth/signin`, `/api/auth/session` and calls to `getSession()`,
 
 The contents _user_, _account_, _profile_ and _isNewUser_ will vary depending on the provider and on if you are using a database or not. You can persist data such as User ID, OAuth Access Token in this token. To make it available in the browser, check out the [`session()` callback](#session-callback) as well.
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 callbacks: {
   async jwt({ token, account }) {
     // Persist the OAuth access_token to the token right after signin
@@ -132,7 +132,7 @@ e.g. `getSession()`, `useSession()`, `/api/auth/session`
 - When using database sessions, the User object is passed as an argument.
 - When using JSON Web Tokens for sessions, the JWT payload is provided instead.
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 callbacks: {
   async session({ session, token, user }) {
     // Send properties to the client, like an access_token from a provider.

docs/docs/guides/basics/initialization.md

@@ -2,6 +2,14 @@
 title: Custom Initialization
 ---
 
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
+
+
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
+
+
 In Next.js, you can define an API route that will catch all requests that begin with a certain path. Conveniently, this is called [Catch all API routes](https://nextjs.org/docs/api-routes/dynamic-api-routes#catch-all-api-routes).
 
 When you define a `/pages/api/auth/[...nextauth]` JS/TS file, you instruct Auth.js that every API request beginning with `/api/auth/*` should be handled by the code written in the `[...nextauth]` file.
@@ -120,3 +128,15 @@ This way of initializing `NextAuth` is very powerful, but should be used sparing
 :::warning
 Changing parts of the request that is essential to `NextAuth` to do it's job - like messing with the [default cookies](/reference/configuration/auth-config#cookies) - can have unforeseen consequences, and have the potential to introduce security holes if done incorrectly. Only change those if you understand consequences.
 :::
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>

docs/docs/guides/basics/overriding-jwt.md

@@ -4,10 +4,10 @@ sidebar_label: Custom JWT encoding
 ---
 
 :::warning
-If you use middleware to protect routes, make sure the same method is also set in the [`_middleware.ts` options](/reference/nextjs/#custom-jwt-decode-method)
+If you use middleware to protect routes, make sure the same method is also set in the [`middleware.ts` options](https://next-auth.js.org/configuration/nextjs#custom-jwt-decode-method)
 :::
 
-Auth.js uses encrypted JSON Web Tokens ([JWE](https://datatracker.ietf.org/doc/html/rfc7516)) by default. Unless you have a good reason, we recommend keeping this behaviour. Although you can override this using the `encode` and `decode` methods. Both methods must be defined at the same time.
+Auth.js uses encrypted JSON Web Tokens ([JWE](https://datatracker.ietf.org/doc/html/rfc7516)) by default. Unless you have a good reason, we recommend keeping this behavior. Although you can override this using the `encode` and `decode` methods. Both methods must be defined at the same time.
 
 ```js
 jwt: {

docs/docs/guides/basics/pages.md

@@ -2,13 +2,16 @@
 title: Pages
 ---
 
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
+
 Auth.js automatically creates simple, unbranded authentication pages for handling Sign in, Sign out, Email Verification and displaying error messages.
 
 The options displayed on the sign-up page are automatically generated based on the providers specified in the options passed to Auth.js.
 
 To add a custom login page, you can use the `pages` option:
 
-```javascript title="pages/api/auth/[...nextauth].js"
+```javascript title="auth.js"
 ...
   pages: {
     signIn: '/auth/signin',
@@ -76,6 +79,11 @@ In addition, you can define the background color and text color of the button wi
 
 In order to get the available authentication providers and the URLs to use for them, you can make a request to the API endpoint `/api/auth/providers`:
 
+
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
+
+
 ```jsx title="pages/auth/signin.js"
 import { getProviders, signIn } from "next-auth/react"
 
@@ -100,6 +108,18 @@ export async function getServerSideProps(context) {
   }
 }
 ```
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
+
 
 There is another, more fully styled example signin page available [here](https://github.com/ndom91/next-auth-example-sign-in-page).
 
@@ -107,6 +127,10 @@ There is another, more fully styled example signin page available [here](https:/
 
 If you create a custom sign in form for email sign in, you will need to submit both fields for the **email** address and **csrfToken** from **/api/auth/csrf** in a POST request to **/api/auth/signin/email**.
 
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
+
+
 ```jsx title="pages/auth/email-signin.js"
 import { getCsrfToken } from "next-auth/react"
 
@@ -131,6 +155,18 @@ export async function getServerSideProps(context) {
 }
 ```
 
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
+
 You can also use the `signIn()` function which will handle obtaining the CSRF token for you:
 
 ```js
@@ -141,6 +177,10 @@ signIn("email", { email: "jsmith@example.com" })
 
 If you create a sign in form for credentials based authentication, you will need to pass a **csrfToken** from **/api/auth/csrf** in a `POST` request to **/api/auth/callback/credentials**.
 
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js" default>
+
+
 ```jsx title="pages/auth/credentials-signin.js"
 import { getCsrfToken } from "next-auth/react"
 
@@ -170,6 +210,18 @@ export async function getServerSideProps(context) {
 }
 ```
 
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)">
+    TODO Core
+  </TabItem>
+</Tabs>
+
 You can also use the `signIn()` function which will handle obtaining the CSRF token for you:
 
 ```js

docs/docs/guides/basics/refresh-token-rotation.md

@@ -2,6 +2,9 @@
 title: Refresh token rotation
 ---
 
+import Tabs from "@theme/Tabs"
+import TabItem from "@theme/TabItem"
+
 Refresh token rotation is the practice of updating an `access_token` on behalf of the user, without requiring interaction (eg.: re-sign in). `access_token`s are usually issued for a limited time. After they expire, the service verifying them will ignore the value. Instead of asking the user to sign in again to obtain a new `access_token`, certain providers support exchanging a `refresh_token` for a new `access_token`, renewing the expiry time. Let's see how this can be achieved.
 
 :::note
@@ -26,6 +29,20 @@ Using the [jwt](../../reference/core/types#jwt) and [session](../../reference/co
 
 Below is a sample implementation using Google's Identity Provider. Please note that the OAuth 2.0 request in the `refreshAccessToken()` function will vary between different providers, but the core logic should remain similar.
 
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js">
+
+  TODO Next.js
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)" default>
+
 ```ts
 import { Auth } from "@auth/core"
 import { type TokenSet } from "@auth/core/types"
@@ -109,10 +126,27 @@ declare module "@auth/core/jwt" {
 }
 ```
 
+  </TabItem>
+</Tabs>
+
 #### Database strategy
 
 Using the database strategy is very similar, but instead of preserving the `access_token` and `refresh_token`, we save it, well, in the database.
 
+<Tabs groupId="frameworks" queryString>
+  <TabItem value="next" label="Next.js">
+
+  What
+
+  </TabItem>
+  <TabItem value="sveltekit" label="SvelteKit">
+    TODO SvelteKit
+  </TabItem>
+  <TabItem value="solidstart" label="SolidStart">
+    TODO SolidStart
+  </TabItem>
+  <TabItem value="core" label="Vanilla (No Framework)" default>
+
 ```ts
 import { Auth } from "@auth/core"
 import { type TokenSet } from "@auth/core/types"
@@ -195,6 +229,8 @@ declare module "@auth/core/jwt" {
   }
 }
 ```
+  </TabItem>
+</Tabs>
 
 ### Client Side
 

docs/docs/guides/basics/securing-pages-and-api-routes.md

@@ -2,19 +2,19 @@
 title: Securing Pages & API routes
 ---
 
-You can easily protect client and server side rendered pages and API routes with Auth.js.
+You can protect client and server-side rendered pages and API routes with Auth.js.
 
 _You can find working examples of the approaches shown below in the [example project](https://github.com/nextauthjs/next-auth-example/)._
 
 :::tip
-The methods `getSession()` and `getToken()` both return an `object` if a session is valid and `null` if a session is invalid or has expired.
+The methods `getSession()` and `getToken()` both return an `object` if a session is valid and `null` if a session is not valid or has expired.
 :::
 
 ## Securing Pages
 
 ### Client Side
 
-If data on a page is fetched using calls to secure API routes - i.e. routes which use `getSession()` or `getToken()` to access the session - you can use the `useSession` React Hook to secure pages.
+If data on a page is fetched using calls to secure API routes - i.e. routes that use `getSession(`)` or `getToken()` to access the session - you can use the `useSession` React Hook to secure pages.
 
 ```js title="pages/client-side-example.js"
 import { useSession, getSession } from "next-auth/react"
@@ -41,7 +41,7 @@ export default function Page() {
 
 ### Next.js (Middleware)
 
-With Auth.js 4.2.0 and Next.js 12, you can now protect your pages via the middleware pattern more easily. If you would like to protect all pages, you can create a `_middleware.js` file in your root `pages` directory which looks like this.
+With NextAuth.js 4.2.0 and Next.js 12, you can now protect your pages via the middleware pattern more easily. If you would like to protect all pages, you can create a `_middleware.js` file in your root `pages` directory which looks like this.
 
 ```js title="/middleware.js"
 export { default } from "next-auth/middleware"
@@ -49,15 +49,15 @@ export { default } from "next-auth/middleware"
 
 Otherwise, if you only want to protect a subset of pages, you could put it in a subdirectory as well, for example in `/pages/admin/_middleware.js` would protect all pages under `/admin`.
 
-For the time being, the `withAuth` middleware only supports `"jwt"` as [session strategy](/reference/configuration/auth-config#session).
+For the time being, the `withAuth` middleware only supports `"jwt"` as a [session strategy](/reference/configuration/auth-config#session).
 
-More details can be found [here](/reference/nextjs/#middleware).
+More details can be found [here](https://next-auth.js.org/configuration/nextjs#middleware).
 
 ### Server Side
 
-You can protect server side rendered pages using the `unstable_getServerSession` method. This is different from the old `getSession()` method, in that it does not do an extra fetch out over the internet to confirm data from itself, increasing performance significantly.
+You can protect server-side rendered pages using the `unstable_getServerSession` method. This is different from the old `getSession()` method, in that it does not do an extra fetch out over the internet to confirm data from itself, increasing performance significantly.
 
-You need to add this to every server rendered page you want to protect. Be aware, `unstable_getServerSession` takes slightly different arguments than the method it is replacing, `getSession`.
+You need to add this to every server-rendered page you want to protect. Be aware, `unstable_getServerSession` takes slightly different arguments than the method it is replacing, `getSession`.
 
 ```js title="pages/server-side-example.js"
 import { unstable_getServerSession } from "next-auth/next"
@@ -136,7 +136,7 @@ export default async (req, res) => {
 
 ### Using getToken()
 
-If you are using JSON Web Tokens you can use the `getToken()` helper to access the contents of the JWT without having to handle JWT decryption / verification yourself. This method can only be used server side.
+If you are using JSON Web Tokens you can use the `getToken()` helper to access the contents of the JWT without having to handle JWT decryption/verification yourself. This method can only be used server side.
 
 ```js title="pages/api/get-token-example.js"
 // This is an example of how to read a JSON Web Token from an API route
@@ -157,7 +157,7 @@ export default async (req, res) => {
 ```
 
 :::tip
-You can use the `getToken()` helper function in any application as long as you set the `NEXTAUTH_URL` environment variable and the application is able to read the JWT cookie (e.g. is on the same domain).
+You can use the `getToken()` helper function in any application as long as you set the `NEXTAUTH_URL` environment variable and the application can read the JWT cookie (e.g. is on the same domain).
 :::
 
 :::note

docs/docs/guides/corporate-proxies/avoid-corporate-link-checking-email-provider.md

@@ -22,7 +22,7 @@ This can be done by simply returning a `200` response on `HEAD` requests at the
 
 For example
 
-```jsx title="/pages/api/auth/[...nextauth].js"
+```jsx title="auth.js"
 import type { NextApiRequest, NextApiResponse } from "next"
 import NextAuth from "next-auth"
 

docs/docs/guides/corporate-proxies/corporate-proxy.md

@@ -24,7 +24,7 @@ index 77161bd..1082fba 100644
 
  var _openidClient = require("openid-client");
 
-+var HttpsProxyAgent = require("https-proxy-agent");
++import { HttpsProxyAgent } from 'https-proxy-agent';
 +
  async function openidClient(options) {
    const provider = options.provider;

docs/docs/guides/providers/credentials-provider.md

@@ -35,7 +35,7 @@ If you return an object it will be persisted to the JSON Web Token and the user
 
 The Credentials provider's `authorize()` method also provides the request object as the second parameter (see the example below).
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 import CredentialsProvider from "next-auth/providers/credentials";
 ...
 providers: [

docs/docs/guides/providers/email-http-api.md

@@ -17,15 +17,15 @@ We will also refer to the [Prisma Adapter](/reference/adapter/prisma). A [databa
 
 ## Setup
 
-First, if you do not have a project using Auth.js, clone and set up a basic Auth.js project like the one [provided in](https://github.com/nextauthjs/next-auth-example.git) our example repo](https://github.com/nextauthjs/next-auth-example.git).
+First, if you do not have a project using Auth.js, clone and set up a basic Auth.js project like the one [provided in our example repo](https://github.com/nextauthjs/next-auth-example).
 
 - Install the [Prisma Adapter](/reference/adapter/prisma)
 - Generate an API key from your cloud Email provider of choice and add it to your `.env.*` file. For example, mine is going to be called `SENDGRID_API`
 - Add the following configuration to your configuration file:
 
-```js title="pages/api/auth/[...nextauth].ts"
+```js title="auth.ts"
 import NextAuth, { NextAuthOptions } from "next-auth"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
+import { PrismaAdapter } from "@auth/prisma-adapter"
 import { PrismaClient } from "@prisma/client"
 
 const prisma = new PrismaClient()
@@ -42,16 +42,15 @@ export const authOptions: NextAuthOptions = {
   ],
 }
 
-export default NextAuth(authOptions)
 ```
 
 Next, all that's left to do is call the HTTP endpoint from our cloud email provider and pass it the required metadata like the `to` address, the email `body`, and any other fields we may need to include.
 
 As mentioned earlier, we're going to be using SendGrid in this example, so the appropriate endpoint is `https://api.sendgrid.com/v3/mail/send` ([more info](https://docs.sendgrid.com/for-developers/sending-email/api-getting-started)). Therefore, we're going to pull out some of the important information from the `params` argument and use it in a `fetch()` call to the previously mentioned SendGrid API.
 
-```js title="pages/api/auth/[...nextauth].ts"
+```js title="auth.ts"
 import NextAuth, { NextAuthOptions } from "next-auth"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
+import { PrismaAdapter } from "@auth/prisma-adapter"
 import { PrismaClient } from "@prisma/client"
 
 const prisma = new PrismaClient()

docs/docs/guides/providers/email-provider.md

@@ -46,7 +46,7 @@ Create an `.env` file to the root of your project and add the connection string
 
 Now you can add the email provider like this:
 
-```js {3} title="pages/api/auth/[...nextauth].js"
+```js {3} title="auth.js"
 import EmailProvider from "next-auth/providers/email";
 ...
 providers: [
@@ -71,7 +71,7 @@ EMAIL_FROM=noreply@example.com
 
 Now you can add the provider settings to the NextAuth options object in the Email Provider.
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 import EmailProvider from "next-auth/providers/email";
 ...
 providers: [
@@ -101,7 +101,7 @@ You can fully customize the sign in email that is sent by passing a custom funct
 
 e.g.
 
-```js {3} title="pages/api/auth/[...nextauth].js"
+```js {3} title="auth.js"
 import EmailProvider from "next-auth/providers/email";
 ...
 providers: [
@@ -206,7 +206,7 @@ If you want to generate great looking email client compatible HTML with React, c
 
 By default, we are generating a random verification token. You can define a `generateVerificationToken` method in your provider options if you want to override it:
 
-```js title="pages/api/auth/[...nextauth].js"
+```js title="auth.js"
 providers: [
   EmailProvider({
     async generateVerificationToken() {

docs/docs/reference/index.md

@@ -4,29 +4,30 @@ title: Overview
 
 This section of the documentation contains the API reference for all the official packages under the `@auth/*` and `@next-auth/*` scopes.
 
-:::warning Warning
-The API reference is being migrated from the [old documentation page](https://next-auth.js.org), so there are going to be references to `next-auth` still. We are continuously working on updating the naming/references.
-:::
-
 ## Roadmap
 
-Here are the _currently_ planned and released packages under the `@auth/*` scope. This is not an exhaustive list, but the set of packages that we would like to focus on to begin with.
+Here are the _state_ of planned and released packages under the `@auth/*` scope. This is not an exhaustive list, but the set of packages that we would like to focus on, to begin with.
 
-|       Feature       |  Status  |
-| ------------------- | -------- |
-| `@auth/nextjs`      | Planned  |
-| `@auth/*-adapter`   | Planned  |
-| `@auth/core`        | Experimental |
-| `@auth/sveltekit`   | Experimental |
-| `@auth/solid-start` | Experimental |
+|        Feature         |  Status  |
+| ---------------------- | -------- |
+| `@auth/*-adapter`      | Released (stable). Fully compatible with `next-auth` and all `@auth/*` libraries.   |
+| `@next-auth/*-adapter` | Maintenance has stopped. Update to `@auth/*-adapter`. See above.  |
+| `@auth/core`           | Released (experimental). |
+| `@auth/sveltekit`      | Released (experimental, [help needed](#help-needed)). |
+| `@auth/solid-start`    | Released (experimental, [help needed](#help-needed)). Community package: [`@solid-mediakit/auth`](https://www.npmjs.com/package/@solid-mediakit/auth) |
+| `@auth/express`        | [Planned](https://github.com/nextauthjs/next-auth/issues/8257). |
+| `@auth/remix`          | Planned, [help needed](#help-needed). |
+| `@auth/astro`          | Planned, [help needed](#help-needed). |
+| `@auth/nuxt`           | Planned, [help needed](#help-needed). Community packages: [`@sidebase/nuxt-auth`](https://github.com/sidebase/nuxt-auth), [`@hebilicious/authjs-nuxt`](https://authjs-nuxt.pages.dev/) |
 
-### Community Packages
-
-While we are migrating the documentation and working on stabilizing the core package, the community has been working on some packages that are already available. With collaboration, we hope to make these packages official in the future.
-
-:::note
-If you are a maintainer of a package, [reach out](https://twitter.com/balazsorban44) if you want to collaborate on making it official or open a PR to add it to the list below, so others can discover it more easily.
+:::info
+`next-auth` is still the official package for Next.js. The documentation is at [next-auth.js.org](https://next-auth.js.org), while guides are being migrated over to the new documentation page. A major refactor of `next-auth` is on the way, you can [follow this PR](https://github.com/nextauthjs/next-auth/pull/7443) for updates.
 :::
 
-- ...
-- ...
+### Help needed
+
+In case you are a maintainer of a package that uses `@auth/core`, feel free to [reach out to Balázs](https://twitter.com/balazsorban44), if you want to collaborate on making it an official package, maintained in our repository. If you are interested in bringing `@auth/core` support to your favorite framework, we would love to hear from you!
+
+#### Community Packages
+
+While we are migrating the documentation and working on stabilizing the core package, the community has been working on some packages that are already available. With collaboration, we hope to make these packages official in the future.

docs/docs/reference/nextjs/client.md

@@ -1,7 +0,0 @@
----
-title: Client
----
-
-:::warning WIP
-`@auth/nextjs/client` is work in progress. For now, please use [NextAuth.js Client API](https://next-auth.js.org/getting-started/client).
-:::

docs/docs/reference/nextjs/index.md

@@ -1,7 +0,0 @@
----
-title: Next.js Auth
----
-
-:::warning WIP
-`@auth/nextjs` is work in progress. For now, please use [NextAuth.js](https://next-auth.js.org).
-:::

docs/docusaurus.config.js

@@ -213,7 +213,25 @@ const docusaurusConfig = {
           breadcrumbs: false,
           routeBasePath: "/",
           sidebarPath: require.resolve("./sidebars.js"),
-          editUrl: "https://github.com/nextauthjs/next-auth/edit/main/docs",
+          /**
+           *
+           * @param {{
+           *  version: string;
+           *  versionDocsDirPath: string;
+           *  docPath: string;
+           *  permalink: string;
+           *  locale: string;
+           *}} params
+           */
+          editUrl({ docPath }) {
+            // TODO: support other packages, fix directory links like "providers"
+            if (docPath.includes("reference/core")) {
+              const file = docPath.split("reference/core/")[1].replace(".md", ".ts").replace("_", "/")
+              const base = `https://github.com/nextauthjs/next-auth/edit/main/packages/core/src/${file}`
+              return base
+            }
+            return "https://github.com/nextauthjs/next-auth/edit/main/docs"
+          },
           lastVersion: "current",
           showLastUpdateAuthor: true,
           showLastUpdateTime: true,

docs/package.json

@@ -27,15 +27,15 @@
     "styled-components": "5.3.6"
   },
   "devDependencies": {
-    "@docusaurus/core": "2.3.1",
-    "@docusaurus/eslint-plugin": "2.3.1",
-    "@docusaurus/module-type-aliases": "2.3.1",
-    "@docusaurus/preset-classic": "2.3.1",
-    "@docusaurus/theme-common": "2.3.1",
-    "@docusaurus/theme-mermaid": "2.3.1",
-    "@docusaurus/types": "2.3.1",
+    "@docusaurus/core": "2.4.1",
+    "@docusaurus/eslint-plugin": "2.4.1",
+    "@docusaurus/module-type-aliases": "2.4.1",
+    "@docusaurus/preset-classic": "2.4.1",
+    "@docusaurus/theme-common": "2.4.1",
+    "@docusaurus/theme-mermaid": "2.4.1",
+    "@docusaurus/types": "2.4.1",
     "docusaurus-plugin-typedoc": "1.0.0-next.5",
-    "typedoc": "^0.24.4",
+    "typedoc": "^0.24.8",
     "typedoc-plugin-markdown": "4.0.0-next.6"
   },
   "browserslist": {

docs/sidebars.js

@@ -34,17 +34,9 @@ module.exports = {
       items: [{ type: "autogenerated", dirName: "reference/solidstart" }],
     },
     {
-      type: "category",
-      label: "@auth/nextjs",
-      link: { type: "doc", id: "reference/nextjs/index" },
-      items: [
-        "reference/nextjs/client",
-        {
-          type: "link",
-          label: "NextAuth.js (next-auth)",
-          href: "https://next-auth.js.org",
-        },
-      ],
+      type: "link",
+      label: "NextAuth.js (next-auth)",
+      href: "https://next-auth.js.org",
     },
     ...(process.env.TYPEDOC_SKIP_ADAPTERS
       ? []

package.json

@@ -6,7 +6,7 @@
   "scripts": {
     "build:app": "turbo run build --filter=next-auth-app",
     "build:docs": "turbo run build --filter=docs",
-    "build": "turbo run build --filter=next-auth --filter=@next-auth/* --filter=@auth/* --no-deps",
+    "build": "turbo run build --filter=next-auth --filter=@auth/* --no-deps",
     "test": "turbo run test --concurrency=1 --filter=[HEAD^1] --filter=./packages/* --filter=!@*upstash* --filter=!*dynamodb-* --filter=!*app*",
     "clean": "turbo run clean --no-cache",
     "dev:db": "turbo run dev --parallel --continue --filter=next-auth-app...",
@@ -43,13 +43,13 @@
     "eslint-plugin-svelte3": "^4.0.0",
     "prettier": "2.8.1",
     "prettier-plugin-svelte": "^2.8.1",
-    "turbo": "^1.10.3",
-    "typescript": "4.9.4"
+    "turbo": "^1.10.12",
+    "typescript": "5.2.2"
   },
   "engines": {
     "node": "^16.13.0 || ^18.12.0"
   },
-  "packageManager": "pnpm@7.23.0",
+  "packageManager": "pnpm@8.7.1",
   "funding": [
     {
       "type": "github",

packages/adapter-dgraph/package.json

@@ -41,13 +41,13 @@
     "test": "./tests/test.sh"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/jest": "^26.0.24",
     "@types/jsonwebtoken": "^8.5.5",
-    "@types/node-fetch": "^2.5.11",
     "jest": "^27.4.3",
     "ts-jest": "^27.0.3",
+    "typescript": "5.2.2",
     "undici": "5.22.1"
   },
   "dependencies": {
@@ -55,6 +55,6 @@
     "jsonwebtoken": "^8.5.1"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-dgraph/tests/index.test.ts

@@ -1,7 +1,7 @@
 import { DgraphAdapter, format } from "../src"
 import { client as dgraphClient } from "../src/lib/client"
 import * as fragments from "../src/lib/graphql/fragments"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import fs from "fs"
 import path from "path"
 

packages/adapter-dgraph/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-drizzle/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/drizzle-adapter",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Drizzle adapter for Auth.js.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -11,8 +11,8 @@
   "type": "module",
   "types": "./index.d.ts",
   "files": [
-    "*.js",
     "*.d.ts*",
+    "*.js",
     "lib",
     "src"
   ],
@@ -48,8 +48,8 @@
     "@auth/core": "workspace:*"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/better-sqlite3": "^7.6.4",
     "@types/uuid": "^8.3.3",
     "better-sqlite3": "^8.4.0",
@@ -60,6 +60,6 @@
     "postgres": "^3.3.4"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-drizzle/src/index.ts

@@ -16,19 +16,14 @@
  * @module @auth/drizzle-adapter
  */
 
-import { MySqlTableFn } from "drizzle-orm/mysql-core/index.js"
-import { PgTableFn } from "drizzle-orm/pg-core/index.js"
-import { SQLiteTableFn } from "drizzle-orm/sqlite-core/index.js"
+import { MySqlDatabase, MySqlTableFn } from "drizzle-orm/mysql-core"
+import { PgDatabase, PgTableFn } from "drizzle-orm/pg-core"
+import { BaseSQLiteDatabase, SQLiteTableFn } from "drizzle-orm/sqlite-core"
 import { mySqlDrizzleAdapter } from "./lib/mysql.js"
 import { pgDrizzleAdapter } from "./lib/pg.js"
 import { SQLiteDrizzleAdapter } from "./lib/sqlite.js"
-import {
-  isMySqlDatabase,
-  isPgDatabase,
-  isSQLiteDatabase,
-  SqlFlavorOptions,
-  TableFn,
-} from "./lib/utils.js"
+import { SqlFlavorOptions, TableFn } from "./lib/utils.js"
+import { is } from "drizzle-orm"
 
 import type { Adapter } from "@auth/core/adapters"
 
@@ -260,18 +255,15 @@ export function DrizzleAdapter<SqlFlavor extends SqlFlavorOptions>(
   db: SqlFlavor,
   table?: TableFn<SqlFlavor>
 ): Adapter {
-  if (isMySqlDatabase(db)) {
-    // We need to cast to unknown since the type overlaps (PScale is MySQL based)
+  if (is(db, MySqlDatabase)) {
     return mySqlDrizzleAdapter(db, table as MySqlTableFn)
-  }
-
-  if (isPgDatabase(db)) {
+  } else if (is(db, PgDatabase)) {
     return pgDrizzleAdapter(db, table as PgTableFn)
-  }
-
-  if (isSQLiteDatabase(db)) {
+  } else if (is(db, BaseSQLiteDatabase)) {
     return SQLiteDrizzleAdapter(db, table as SQLiteTableFn)
   }
 
-  throw new Error("Unsupported database type in Auth.js Drizzle adapter.")
+  throw new Error(
+    `Unsupported database type (${typeof db}) in Auth.js Drizzle adapter.`
+  )
 }

packages/adapter-drizzle/src/lib/mysql.ts

@@ -6,10 +6,10 @@ import {
   primaryKey,
   varchar,
   MySqlTableFn,
+  MySqlDatabase,
 } from "drizzle-orm/mysql-core"
 
 import type { Adapter, AdapterAccount } from "@auth/core/adapters"
-import type { MySql2Database } from "drizzle-orm/mysql2"
 
 export function createTables(mySqlTable: MySqlTableFn) {
   const users = mySqlTable("user", {
@@ -77,7 +77,7 @@ export function createTables(mySqlTable: MySqlTableFn) {
 export type DefaultSchema = ReturnType<typeof createTables>
 
 export function mySqlDrizzleAdapter(
-  client: MySql2Database<Record<string, never>>,
+  client: InstanceType<typeof MySqlDatabase>,
   tableFn = defaultMySqlTableFn
 ): Adapter {
   const { users, accounts, sessions, verificationTokens } =
@@ -164,10 +164,7 @@ export function mySqlDrizzleAdapter(
         .then((res) => res[0])
     },
     async linkAccount(rawAccount) {
-      await client
-        .insert(accounts)
-        .values(rawAccount)
-        .then((res) => res[0])
+      await client.insert(accounts).values(rawAccount)
     },
     async getUserByAccount(account) {
       const dbAccount =

packages/adapter-drizzle/src/lib/pg.ts

@@ -6,9 +6,9 @@ import {
   primaryKey,
   integer,
   PgTableFn,
+  PgDatabase,
 } from "drizzle-orm/pg-core"
 
-import type { PostgresJsDatabase } from "drizzle-orm/postgres-js"
 import type { Adapter, AdapterAccount } from "@auth/core/adapters"
 
 export function createTables(pgTable: PgTableFn) {
@@ -68,7 +68,7 @@ export function createTables(pgTable: PgTableFn) {
 export type DefaultSchema = ReturnType<typeof createTables>
 
 export function pgDrizzleAdapter(
-  client: PostgresJsDatabase<Record<string, never>>,
+  client: InstanceType<typeof PgDatabase>,
   tableFn = defaultPgTableFn
 ): Adapter {
   const { users, accounts, sessions, verificationTokens } =

packages/adapter-drizzle/src/lib/sqlite.ts

@@ -67,7 +67,7 @@ export function createTables(sqliteTable: SQLiteTableFn) {
 export type DefaultSchema = ReturnType<typeof createTables>
 
 export function SQLiteDrizzleAdapter(
-  client: BaseSQLiteDatabase<any, any>,
+  client: InstanceType<typeof BaseSQLiteDatabase>,
   tableFn = defaultSqliteTableFn
 ): Adapter {
   const { users, accounts, sessions, verificationTokens } =

packages/adapter-drizzle/src/lib/utils.ts

@@ -39,17 +39,3 @@ export type TableFn<Flavor> = Flavor extends AnyMySqlDatabase
   : Flavor extends AnySQLiteDatabase
   ? SQLiteTableFn
   : AnySQLiteTable
-
-export function isMySqlDatabase(
-  db: any
-): db is MySqlDatabase<any, any, any, any> {
-  return db instanceof MySqlDatabase
-}
-
-export function isPgDatabase(db: any): db is PgDatabase<any, any, any> {
-  return db instanceof PgDatabase
-}
-
-export function isSQLiteDatabase(db: any): db is AnySQLiteDatabase {
-  return db instanceof BaseSQLiteDatabase
-}

packages/adapter-drizzle/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-dynamodb/package.json

@@ -49,12 +49,12 @@
   "devDependencies": {
     "@aws-sdk/client-dynamodb": "^3.36.1",
     "@aws-sdk/lib-dynamodb": "^3.36.1",
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@shelf/jest-dynamodb": "^2.1.0",
     "jest": "^27.4.3"
   },
   "dependencies": {
     "@auth/core": "workspace:*"
   }
-}
+}

packages/adapter-dynamodb/tests/index.test.ts

@@ -1,7 +1,7 @@
 import { DynamoDB } from "@aws-sdk/client-dynamodb"
 import { DynamoDBDocument } from "@aws-sdk/lib-dynamodb"
 import { DynamoDBAdapter } from "../src"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { format } from "../src/"
 const config = {
   endpoint: "http://127.0.0.1:8000",

packages/adapter-dynamodb/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-fauna/package.json

@@ -51,12 +51,12 @@
   },
   "devDependencies": {
     "@fauna-labs/fauna-schema-migrate": "^2.1.3",
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "faunadb": "^4.3.0",
     "jest": "^27.4.3"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-fauna/tests/index.test.ts

@@ -1,5 +1,5 @@
 import { collections, FaunaAdapter, format, indexes, query } from "../src"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { Client as FaunaClient, Get, Match, Ref } from "faunadb"
 
 const client = new FaunaClient({

packages/adapter-fauna/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-firebase/package.json

@@ -48,10 +48,10 @@
     "firebase-admin": "^11.4.1"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "firebase-admin": "^11.4.1",
     "firebase-tools": "^11.16.1",
     "jest": "^29.3.1"
   }
-}
+}

packages/adapter-firebase/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 
 import { FirestoreAdapter, type FirebaseAdapterConfig } from "../src"
 import {

packages/adapter-firebase/tests/jest.config.js

@@ -1,4 +1,4 @@
-import config from "@next-auth/adapter-test/jest/jest-preset.js"
+import config from "@auth/adapter-test/jest/jest-preset.js"
 
 //TODO: update rest of the packages to Jest 29+
 const {testURL, ...rest} = config

packages/adapter-firebase/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-kysely/package.json

@@ -40,8 +40,8 @@
     "kysely": "^0.26.1"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/better-sqlite3": "^7.6.3",
     "@types/pg": "^8.6.5",
     "better-sqlite3": "^8.2.0",
@@ -51,6 +51,6 @@
     "pg": "^8.10.0"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-kysely/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { Pool } from "pg"
 import {
   Kysely,

packages/adapter-kysely/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-mikro-orm/package.json

@@ -46,14 +46,14 @@
   "devDependencies": {
     "@mikro-orm/core": "^5",
     "@mikro-orm/sqlite": "^5",
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "jest": "^29"
   },
   "dependencies": {
     "@auth/core": "workspace:*"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-mikro-orm/tests/entities.test.ts

@@ -13,7 +13,7 @@ import {
   Options,
   types,
 } from "@mikro-orm/core"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 
 globalThis.crypto ??= require("node:crypto").webcrypto
 

packages/adapter-mikro-orm/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-mongodb/package.json

@@ -45,12 +45,12 @@
     "mongodb": "^5 || ^4"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "jest": "^27.4.3",
     "mongodb": "^5.1.0"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-mongodb/tests/custom.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { defaultCollections, format, MongoDBAdapter, _id } from "../src"
 import { MongoClient } from "mongodb"
 const name = "custom-test"

packages/adapter-mongodb/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { defaultCollections, format, MongoDBAdapter, _id } from "../src"
 import { MongoClient } from "mongodb"
 

packages/adapter-mongodb/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-neo4j/package.json

@@ -44,8 +44,8 @@
     "neo4j-driver": "^4.0.0 || ^5.7.0"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/uuid": "^8.3.3",
     "jest": "^27.4.3",
     "neo4j-driver": "^5.7.0"
@@ -54,6 +54,6 @@
     "@auth/core": "workspace:*"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-neo4j/tests/index.test.ts

@@ -1,5 +1,5 @@
 import * as neo4j from "neo4j-driver"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import statements from "./resources/statements"
 
 import { Neo4jAdapter, format } from "../src"

packages/adapter-neo4j/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-pouchdb/package.json

@@ -45,8 +45,8 @@
     "@auth/core": "workspace:*"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/pouchdb": "^6.4.0",
     "jest": "^27.4.3",
     "pouchdb": "^8.0.1",
@@ -54,6 +54,6 @@
     "pouchdb-find": "^8.0.1"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-pouchdb/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import {
   createIndexes,
   PouchDBAdapter,

packages/adapter-pouchdb/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-prisma/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/prisma-adapter",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Prisma adapter for Auth.js",
   "homepage": "https://authjs.dev/reference/adapter/prisma",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -51,17 +51,17 @@
     "@auth/core": "workspace:*"
   },
   "peerDependencies": {
-    "@prisma/client": ">=2.26.0 || >=3 || >=4"
+    "@prisma/client": ">=2.26.0 || >=3 || >=4 || >=5"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
-    "@prisma/client": "^4.15.0",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
+    "@prisma/client": "^5.2.0",
     "jest": "^27.4.3",
     "mongodb": "^4.4.0",
-    "prisma": "^4.15.0"
+    "prisma": "^5.2.0"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
 }

packages/adapter-prisma/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { randomUUID, runBasicTests } from "@next-auth/adapter-test"
+import { randomUUID, runBasicTests } from "@auth/adapter-test"
 import { PrismaClient } from "@prisma/client"
 import { PrismaAdapter } from "../src"
 import { ObjectId } from "mongodb"

packages/adapter-prisma/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-sequelize/package.json

@@ -43,12 +43,12 @@
     "sequelize": "^6.6.5"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "jest": "^27.4.3",
     "sequelize": "^6.6.5"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-sequelize/tests/index.test.ts

@@ -1,5 +1,5 @@
 import { Sequelize, DataTypes } from "sequelize"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import SequelizeAdapter, { models } from "../src"
 
 const sequelize = new Sequelize({

packages/adapter-sequelize/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-supabase/package.json

@@ -42,12 +42,12 @@
     "@supabase/supabase-js": "^2.0.5"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:^0.0.0",
-    "@next-auth/tsconfig": "workspace:^0.0.0",
+    "@auth/adapter-test": "workspace:^0.0.0",
+    "@auth/tsconfig": "workspace:^0.0.0",
     "@supabase/supabase-js": "^2.0.5",
     "jest": "^27.4.3"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-supabase/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { format, SupabaseAdapter } from "../src"
 import { createClient } from "@supabase/supabase-js"
 import type {

packages/adapter-supabase/tests/test.sh

@@ -2,7 +2,7 @@
 
 # install Supabase CLI when run on CI
 if [ "$CI" = true ]; then
-	wget -q -O supabase.deb https://github.com/supabase/cli/releases/download/v0.29.0/supabase_0.29.0_linux_amd64.deb
+	wget -q -O supabase.deb https://github.com/supabase/cli/releases/download/v1.91.1/supabase_1.91.1_linux_amd64.deb
 	sudo dpkg -i supabase.deb
 fi
 
@@ -17,3 +17,4 @@ if npx jest; then
 else
 	supabase stop && exit 1
 fi
+

packages/adapter-supabase/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-test/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "@next-auth/adapter-test",
+  "name": "@auth/adapter-test",
   "version": "0.0.0",
   "repository": "https://github.com/nextauthjs/next-auth.git",
   "contributors": [
@@ -21,6 +21,6 @@
     "@types/nodemailer": "^6.4.4",
     "jest": "^29.5.0",
     "ts-jest": "^27.0.3",
-    "typescript": "^4.2.4"
+    "typescript": "5.2.2"
   }
 }

packages/adapter-typeorm/package.json

@@ -50,8 +50,8 @@
     "@auth/core": "workspace:*"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "jest": "^27.4.3",
     "mssql": "^7.2.1",
     "mysql": "^2.18.1",
@@ -59,7 +59,7 @@
     "sqlite3": "^5.0.8",
     "typeorm": "0.3.15",
     "typeorm-naming-strategies": "^4.1.0",
-    "typescript": "^4.7.4"
+    "typescript": "5.2.2"
   },
   "peerDependencies": {
     "mssql": "^6.2.1 || 7",
@@ -83,6 +83,6 @@
     }
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-typeorm/tests/helpers.ts

@@ -1,6 +1,6 @@
 import { DataSource } from "typeorm"
 import type { DataSourceOptions } from "typeorm"
-import type { TestOptions } from "@next-auth/adapter-test"
+import type { TestOptions } from "@auth/adapter-test"
 import * as defaultEntities from "../src/entities"
 import { parseDataSourceConfig } from "../src/utils"
 

packages/adapter-typeorm/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-upstash-redis/package.json

@@ -44,8 +44,8 @@
     "@upstash/redis": "^1.0.1"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:*",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/adapter-test": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/uuid": "^8.3.3",
     "@upstash/redis": "^1.0.1",
     "dotenv": "^10.0.0",
@@ -54,6 +54,6 @@
     "next-auth": "workspace:*"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-upstash-redis/tests/index.test.ts

@@ -1,6 +1,6 @@
 import "isomorphic-fetch"
 import { Redis } from "@upstash/redis"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import { hydrateDates, UpstashRedisAdapter } from "../src"
 import "dotenv/config"
 

packages/adapter-upstash-redis/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/adapter-xata/package.json

@@ -43,13 +43,13 @@
     "@xata.io/client": ">=0.13.0"
   },
   "devDependencies": {
-    "@next-auth/adapter-test": "workspace:^0.0.0",
-    "@next-auth/tsconfig": "workspace:^0.0.0",
+    "@auth/adapter-test": "workspace:^0.0.0",
+    "@auth/tsconfig": "workspace:^0.0.0",
     "jest": "^27.4.3",
     "@xata.io/client": "^0.13.0",
-    "typescript": "^4.7.4"
+    "typescript": "5.2.2"
   },
   "jest": {
-    "preset": "@next-auth/adapter-test/jest"
+    "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-xata/tests/index.test.ts

@@ -1,5 +1,5 @@
 import "isomorphic-fetch"
-import { runBasicTests } from "@next-auth/adapter-test"
+import { runBasicTests } from "@auth/adapter-test"
 import "dotenv/config"
 import { XataClient } from "../src/xata"
 import { XataAdapter } from "../src"

packages/adapter-xata/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/core",
-  "version": "0.11.1",
+  "version": "0.13.0",
   "description": "Authentication for the Web.",
   "keywords": [
     "authentication",
@@ -84,7 +84,7 @@
     "providers": "node scripts/generate-providers"
   },
   "devDependencies": {
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@types/cookie": "0.5.1",
     "@types/node": "18.11.10",
     "@types/nodemailer": "6.4.6",

packages/core/src/index.ts

@@ -38,7 +38,7 @@
 
 import { assertConfig } from "./lib/assert.js"
 import { ErrorPageLoop } from "./errors.js"
-import { AuthInternal, skipCSRFCheck } from "./lib/index.js"
+import { AuthInternal, raw, skipCSRFCheck } from "./lib/index.js"
 import renderPage from "./lib/pages/index.js"
 import { logger, setLogger, type LoggerInstance } from "./lib/utils/logger.js"
 import { toInternalRequest, toResponse } from "./lib/web.js"
@@ -54,7 +54,7 @@ import type {
 import type { Provider } from "./providers/index.js"
 import { JWTOptions } from "./jwt.js"
 
-export { skipCSRFCheck }
+export { skipCSRFCheck, raw }
 
 /**
  * Core functionality provided by Auth.js.
@@ -137,6 +137,9 @@ export async function Auth(
 
   const internalResponse = await AuthInternal(internalRequest, config)
 
+  // @ts-expect-error TODO: Fix return type
+  if (config.raw === raw) return internalResponse
+
   const response = await toResponse(internalResponse)
 
   // If the request expects a return URL, send it as JSON
@@ -337,6 +340,7 @@ export interface AuthConfig {
   /** @todo */
   trustHost?: boolean
   skipCSRFCheck?: typeof skipCSRFCheck
+  raw?: typeof raw
   /**
    * When set, during an OAuth sign-in flow,
    * the `redirect_uri` of the authorization request

packages/core/src/lib/index.ts

@@ -208,3 +208,14 @@ export async function AuthInternal<
  * passing this value to {@link AuthConfig.skipCSRFCheck}.
  */
 export const skipCSRFCheck = Symbol("skip-csrf-check")
+
+/**
+ * :::danger
+ * This option is intended for framework authors.
+ * :::
+ *
+ * Auth.js returns a web standard {@link Response} by default, but
+ * if you are implementing a framework you might want to get access to the raw internal response
+ * by passing this value to {@link AuthConfig.raw}.
+ */
+export const raw = Symbol("return-type-raw")

packages/core/src/lib/web.ts

@@ -35,7 +35,7 @@ export async function toInternalRequest(
     const url = new URL(req.url.replace(/\/$/, ""))
     // FIXME: Upstream issue in Next.js, pathname segments get included as part of the query string
     url.searchParams.delete("nextauth")
-    const { pathname } = url
+    const pathname = url.pathname.replace(/\/$/, "")
 
     const action = actions.find((a) => pathname.includes(a))
     if (!action) {

packages/core/src/providers/azure-devops.ts

@@ -0,0 +1,180 @@
+import { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+/** @see [Azure DevOps Services REST API 7.0 · Profiles · Get](https://learn.microsoft.com/en-us/rest/api/azure/devops/profile/profiles/get?view=azure-devops-rest-7.0&tabs=HTTP#examples) */
+export interface AzureDevOpsProfile extends Record<string, any> {
+  id: string
+  displayName: string
+  emailAddress: string
+  coreAttributes: { Avatar: { value: { value: string } } }
+}
+
+/**
+ * ## Documentation
+ *
+ * [Microsoft Docs](https://docs.microsoft.com/en-us) · [Azure DevOps](https://docs.microsoft.com/en-us/azure/devops/) · [Authorize access to REST APIs with OAuth 2.0](https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops])
+ *
+ * ## Configuration
+ *
+ * ### Register application
+ *
+ * :::tip
+ * [`https://app.vsaex.visualstudio.com/app/register`](https://app.vsaex.visualstudio.com/app/register)
+ * :::
+ *
+ * Provide the required details:
+ *
+ * - Company name
+ * - Application name
+ * - Application website
+ * - Authorization callback URL
+ *   - `https://example.com/api/auth/callback/azure-devops` for production
+ *   - `https://localhost/api/auth/callback/azure-devops` for development
+ * - Authorized scopes
+ *   - Required minimum is `User profile (read)`
+ *
+ * Click ‘Create Application’
+ *
+ * :::warning
+ * You are required to use HTTPS even for the localhost
+ * :::
+ *
+ * :::warning
+ * You will have to delete and create a new application to change the scopes later
+ * :::
+ *
+ * The following data is relevant for the next step:
+ *
+ * - App ID
+ * - Client Secret (after clicking the ‘Show’ button, ignore App Secret entry above it)
+ * - Authorized Scopes
+ *
+ * ### Set up the environment variables
+ *
+ * In `.env.local` create the following entries:
+ *
+ * ```
+ * AZURE_DEVOPS_APP_ID=<copy App ID value here>
+ * AZURE_DEVOPS_CLIENT_SECRET=<copy generated client secret value here>
+ * AZURE_DEVOPS_SCOPE=<copy space separated Authorized Scopes list here>
+ * ```
+ *
+ * ## Example
+ *
+ * ```js title="pages/api/auth/[...nextauth].js"
+ * import AzureDevOpsProvider from "next-auth/providers/azure-devops"
+ * ...
+ * providers: [
+ *   AzureDevOpsProvider({
+ *     clientId: process.env.AZURE_DEVOPS_APP_ID,
+ *     clientSecret: process.env.AZURE_DEVOPS_CLIENT_SECRET,
+ *     scope: process.env.AZURE_DEVOPS_SCOPE,
+ *   }),
+ * ]
+ * ...
+ * ```
+ *
+ * ### Refresh token rotation
+ *
+ * Use the [main guide](/guides/basics/refresh-token-rotation) as your starting point with the following considerations:
+ *
+ * ```js title="pages/api/auth/[...nextauth].js"
+ * async jwt({ token, user, account }) {
+ *   ...
+ *   // The token has an absolute expiration time
+ *   const accessTokenExpires = account.expires_at * 1000
+ *   ...
+ * }
+ *
+ * async function refreshAccessToken(token) {
+ *   ...
+ *   const response = await fetch(
+ *     "https://app.vssps.visualstudio.com/oauth2/token",
+ *     {
+ *       headers: { "Content-Type": "application/x-www-form-urlencoded" },
+ *       method: "POST",
+ *       body: new URLSearchParams({
+ *         client_assertion_type:
+ *           "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+ *         client_assertion: AZURE_DEVOPS_CLIENT_SECRET,
+ *         grant_type: "refresh_token",
+ *         assertion: token.refreshToken,
+ *         redirect_uri:
+ *           process.env.NEXTAUTH_URL + "/api/auth/callback/azure-devops",
+ *       }),
+ *     }
+ *   )
+ *   ...
+ *   // The refreshed token comes with a relative expiration time
+ *   const accessTokenExpires = Date.now() + newToken.expires_in * 1000
+ *   ...
+ * }
+ * ```
+ */
+export default function AzureDevOpsProvider<P extends AzureDevOpsProfile>(
+  options: OAuthUserConfig<P> & {
+    /**
+     * https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#scopes
+     * @default vso.profile
+     */
+    scope?: string
+  }
+): OAuthConfig<P> {
+  const scope = options.scope ?? "vso.profile"
+  const tokenEndpointUrl = "https://app.vssps.visualstudio.com/oauth2/authorize"
+  const userInfoEndpointUrl =
+    "https://app.vssps.visualstudio.com/_apis/profile/profiles/me?details=true&coreAttributes=Avatar&api-version=6.0"
+
+  return {
+    id: "azure-devops",
+    name: "Azure DevOps",
+    type: "oauth",
+
+    authorization: {
+      url: "https://app.vssps.visualstudio.com/oauth2/authorize",
+      params: { response_type: "Assertion", scope },
+    },
+
+    token: {
+      url: tokenEndpointUrl,
+      async request(context) {
+        const response = await fetch(tokenEndpointUrl, {
+          headers: { "Content-Type": "application/x-www-form-urlencoded" },
+          method: "POST",
+          body: new URLSearchParams({
+            client_assertion_type:
+              "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+            client_assertion: context.provider.clientSecret as string,
+            grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+            assertion: context.params.code as string,
+            redirect_uri: context.provider.callbackUrl,
+          }),
+        })
+        return { tokens: await response.json() }
+      },
+    },
+
+    userinfo: {
+      url: userInfoEndpointUrl,
+      async request(context) {
+        const accessToken = context.tokens.access_token as string
+        const response = await fetch(userInfoEndpointUrl, {
+          headers: {
+            Authorization: `Bearer ${accessToken}`,
+          },
+        })
+        return response.json()
+      },
+    },
+
+    profile(profile) {
+      return {
+        id: profile.id,
+        name: profile.displayName,
+        email: profile.emailAddress,
+        image: `data:image/jpeg;base64,${profile.coreAttributes.Avatar.value.value}`,
+      }
+    },
+
+    options,
+  }
+}

packages/core/src/providers/linkedin.ts

@@ -10,23 +10,11 @@
  */
 import type { OAuthConfig, OAuthUserConfig } from "./index.js"
 
-interface Identifier {
-  identifier: string
-}
-
-interface Element {
-  identifiers?: Identifier[]
-}
-
-export interface LinkedInProfile extends Record<string, any> {
-  id: string
-  localizedFirstName: string
-  localizedLastName: string
-  profilePicture: {
-    "displayImage~": {
-      elements?: Element[]
-    }
-  }
+export interface LinkedInProfile {
+  sub: string
+  name: string
+  email: string
+  picture: string
 }
 
 /**
@@ -83,36 +71,10 @@ export default function LinkedIn<P extends LinkedInProfile>(
   return {
     id: "linkedin",
     name: "LinkedIn",
-    type: "oauth",
-    authorization: {
-      url: "https://www.linkedin.com/oauth/v2/authorization",
-      params: { scope: "r_liteprofile r_emailaddress" },
-    },
-    token: "https://www.linkedin.com/oauth/v2/accessToken",
+    type: "oidc",
     client: {
       token_endpoint_auth_method: "client_secret_post",
     },
-    userinfo: {
-      url: "https://api.linkedin.com/v2/me",
-      params: {
-        projection: `(id,localizedFirstName,localizedLastName,profilePicture(displayImage~digitalmediaAsset:playableStreams))`,
-      },
-    },
-    async profile(profile, tokens) {
-      const emailResponse = await fetch(
-        "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))",
-        { headers: { Authorization: `Bearer ${tokens.access_token}` } }
-      )
-      const emailData = await emailResponse.json()
-      return {
-        id: profile.id,
-        name: `${profile.localizedFirstName} ${profile.localizedLastName}`,
-        email: emailData?.elements?.[0]?.["handle~"]?.emailAddress,
-        image:
-          profile.profilePicture?.["displayImage~"]?.elements?.[0]
-            ?.identifiers?.[0]?.identifier,
-      }
-    },
     style: {
       logo: "/linkedin.svg",
       logoDark: "/linkedin-dark.svg",

packages/core/tsconfig.json

@@ -1,12 +1,16 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "allowJs": true,
     "baseUrl": ".",
     "isolatedModules": true,
     "jsx": "react-jsx",
     "jsxImportSource": "preact",
-    "lib": ["dom", "dom.iterable", "esnext"],
+    "lib": [
+      "dom",
+      "dom.iterable",
+      "esnext"
+    ],
     "target": "ES2020",
     "module": "ESNext",
     "moduleResolution": "node",
@@ -18,6 +22,13 @@
     "declarationMap": true,
     "declaration": true
   },
-  "include": ["src/**/*"],
-  "exclude": ["*.js", "*.d.ts", "lib", "providers"]
-}
+  "include": [
+    "src/**/*"
+  ],
+  "exclude": [
+    "*.js",
+    "*.d.ts",
+    "lib",
+    "providers"
+  ]
+}

packages/frameworks-solid-start/package.json

@@ -35,7 +35,7 @@
     "solid-js": "^1.5.7",
     "solid-start": "^0.2.14",
     "tsup": "^6.5.0",
-    "typescript": "^4.8.2"
+    "typescript": "5.2.2"
   },
   "peerDependencies": {
     "@auth/core": "~0.2.2 || ^0.2.2",
@@ -50,4 +50,4 @@
   "author": "OrJDev <orjdeveloper@gmail.com>",
   "repository": "https://github.com/nextauthjs/next-auth",
   "license": "ISC"
-}
+}

packages/frameworks-sveltekit/package.json

@@ -40,7 +40,7 @@
     "svelte": "^3.54.0",
     "svelte-check": "^2.9.2",
     "tslib": "^2.4.1",
-    "typescript": "^4.9.3",
+    "typescript": "5.2.2",
     "vite": "^4.0.5",
     "vitest": "^0.25.3"
   },
@@ -69,4 +69,4 @@
     },
     "./package.json": "./package.json"
   }
-}
+}

packages/frameworks-sveltekit/tsconfig.json

@@ -8,11 +8,17 @@
     "resolveJsonModule": true,
     "skipLibCheck": true,
     "sourceMap": true,
-    "strict": true
+    "strict": true,
+    "ignoreDeprecations": "5.0" // TODO: https://github.com/sveltejs/kit/issues/8650
   },
   // Path aliases are handled by https://kit.svelte.dev/docs/configuration#alias
   //
   // If you want to overwrite includes/excludes, make sure to copy over the relevant includes/excludes
   // from the referenced tsconfig.json - TypeScript does not merge them in
-  "exclude": ["scripts", "*.js", "../node_modules/**", "./[!ambient.d.ts]**"]
-}
+  "exclude": [
+    "scripts",
+    "*.js",
+    "../node_modules/**",
+    "./[!ambient.d.ts]**"
+  ]
+}

packages/next-auth/package.json

@@ -95,7 +95,7 @@
     "@babel/preset-react": "^7.17.12",
     "@babel/preset-typescript": "^7.17.12",
     "@edge-runtime/jest-environment": "1.1.0-beta.35",
-    "@next-auth/tsconfig": "workspace:*",
+    "@auth/tsconfig": "workspace:*",
     "@swc/core": "^1.2.198",
     "@swc/jest": "^0.2.21",
     "@testing-library/dom": "^8.13.0",

packages/next-auth/tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@next-auth/tsconfig/tsconfig.base.json",
+  "extends": "@auth/tsconfig/tsconfig.base.json",
   "compilerOptions": {
     "declarationMap": true,
     "emitDeclarationOnly": true,