Skip to content
Migrating from NextAuth.js v4? Read our migration guide.

providers/frontegg

Built-in sign in with Frontegg integration.

FronteggProfile

The returned user profile from Frontegg when using the profile callback. Reference.

Indexable

[claim: string]: unknown

Properties

email

email: string;

The user’s email

email_verified

email_verified: boolean;

A boolean indicating if the user’s email is verified

name

name: string;

The user’s name

profilePictureUrl

profilePictureUrl: string;

The user’s picture

roles

roles: string[];

The user’s roles

sub

sub: string;

The user’s unique Frontegg ID


default()

default(options): OIDCConfig<FronteggProfile>

Setup

Callback URL

https://example.com/api/auth/callback/frontegg

Configuration

import { Auth } from "@auth/core"
import Frontegg from "@auth/core/providers/frontegg"
 
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
    Frontegg({
      clientId: AUTH_FRONTEGG_ID,
      clientSecret: AUTH_FRONTEGG_SECRET,
      issuer: AUTH_FRONTEGG_ISSUER
    }),
  ],
})

Configuring Frontegg

Follow these steps:

Log into the Frontegg portal

Authentication > Login method > Hosted login > Add your callback url here <{{APP_URL}}/api/auth/callback/frontegg>

Then, create a .env.local file in the project root add the following entries:

Get the following from the Frontegg’s portal:

AUTH_FRONTEGG_ID="<Client ID>" # Environments > Your environment > Env settings
AUTH_FRONTEGG_SECRET="<API KEY>" # Environments > Your environment > Env settings
AUTH_FRONTEGG_ISSUER="<https://[YOUR_SUBDOMAIN].frontegg.com>" # Environments > Your environment > Env settings > Domains > Domain name

Resources

Notes

The Frontegg provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

By default, Auth.js assumes that the Frontegg provider is based on the OIDC spec

Help

If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Parameters

ParameterType
optionsOIDCUserConfig<FronteggProfile>

Returns

OIDCConfig<FronteggProfile>

Auth.js © Balázs Orbán and Team - 2025