Users collection in Payload is intended to be used as application users?

default discord avatar
11 months ago

I'm developing an application that implements Next-Auth for user authentication. I want to implement Payload as CMS. Should I migrate my auth provider to Payload?

  • discord user avatar
    Payload Team
    11 months ago


    Payload's auth is 100% meant to be used for application users and we've done it a LOT
  • default discord avatar
    11 months ago

    I just run both repos. It's amazing how it works!!

    But now my question is: Is it possible to connect Payload with Next-auth?

    If not, is there any way to use different providers like google or github for authentication?

  • discord user avatar
    Payload Team
    11 months ago

    I haven't heard of anyone doing this yet, and honestly I haven't looked into Next Auth at all yet just because Payload can do it for us

    You can build your own google / github auth pattern but it's kinda tough tbh

    we maintain an Enterprise OAuth2.0 plugin which can be used in those contexts but that requires an enterprise license

  • default discord avatar
    3 months ago

    I'm part way into trying to get next-auth to work with Payload mainly because I started a NextJS project with a template that used Auth.js (

    ) - I was looking for something up to date, using the /app directory with Tailwind and Typescript.

    The Payload examples from the next-auth-frontend and template-ecommerce-nextjs are great and make sense so I don't know if I'm on a hiding to nothing with Auth.js and I should just pull it out and switch over. Are there any examples of NextJS with the /app directory and Payload?

    This is where I've got to with Auth.js treating Payload as a CredentialsProvider - the logon works and sets a next-auth.session-token (as long as there is a value in .env for NEXTAUTH_SECRET)

     // adding a credential provider to use PayloadCMS with email and password
          // name: "Credentials",
          // The name to display on the sign in form (e.g. 'Sign in with...')
          name: 'PayloadCMS',
          // `credentials` is used to generate a form on the sign in page.
          // You can specify which fields should be submitted, by adding keys to the `credentials` object.
          // e.g. domain, username, password, 2FA token, etc.
          // You can pass any HTML attribute to the <input> tag through the object.
          credentials: {
            email: {
              label: 'Email',
              type: 'text',
              value: '', // REMOVE!!
              placeholder: '',
            password: { label: 'Password', type: 'password' },
          async authorize(credentials, req) {
             // Auth to PayloadCMS using REST
            const res = await fetch(`${process.env.NEXT_PUBLIC_CMS_URL}/api/users/login`, {
              method: 'POST',
              credentials: 'include',
              headers: { 'Content-Type': 'application/json' },
              body: JSON.stringify(credentials),
            if (res.ok) {
              const { message, user, token, exp, errors } = await res.json()
              console.log(message, user)
              if (errors) throw new Error(errors[0].message)
              // setUser(data?.loginUser?.user)
              // setStatus('loggedIn')
              return user
            return null // shows error message
            // throw new Error('Invalid login')

    Looking at it a bit more I think next-auth (auth.js) is kind of fighting Payload because Payload already creates the JWT and adds it as a cookie so there is nothing really for AuthJS to do. It desn't make sense for next-auth/auth.js to be creating its own JWT

  • discord user avatar
    Payload Team
    3 months ago

    yeah i don't think we would ever need next-auth on top of payload honestly

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!


Connect with the Payload Community on Discord



Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.