I’m excited to announce that Better Auth is joining Vercel.
From the very beginning, this team has been our biggest inspiration and has always reflected many of the reasons we started working on Better Auth.
Vercel shares our commitment to keeping auth open source, framework and platform agnostic. Joining forces gives us more resources and room to focus on building the framework that much of the community relies on.
Together, we’ll also be able to invest more deeply in where auth is heading: a future where agents act on users’ behalf and need secure, scoped, and revocable access, while bringing these primitives across Vercel’s products.
I’m incredibly grateful to our community, everyone who inspired us in different ways and helped us get here.
Three years ago, I was building an open-source web analytics platform and I needed to add auth. Back then, whenever I started a project with Next.js, I’d reach for NextAuth. Most of the time, all I needed was “sign in with Google” and a simple user object, so it worked great.
But for that project, I needed organizations (multi-tenant): inviting teammates, roles, permissions, proper access control. I looked for something I could pull in and use alongside NextAuth, but nothing really existed. The options were to build it myself or use a third-party auth service.
It took me a couple of weeks to build organizations into the project and refactor everything around it, and I still wasn’t satisfied with the result. Shortly after, I started experimenting with next-org, a wrapper on top of NextAuth that would add organization support and document best practices. I kept hitting walls, the APIs never felt ergonomic, and I eventually gave up midway.
Then I kept running into the same problem everywhere.
I was working on a small Expo app, and adding OAuth with NextAuth felt nearly impossible. And later, I wanted to see if I could move a Next.js project to Svelte, but there was no “NextAuth for Svelte,” so the migration was painful.
Around that time, before AI became a daily topic and when the React-vs-everything debates flared up every other week, there was a recurring argument on X about whether we should be rolling our own auth or just use a service.
Most people seemed to want to own their auth. Almost every reason not to boiled down to “I don’t want to spend time building feature X.” So I started thinking about building a framework-agnostic auth framework with a simple core for everyday apps, extensible with plugins for any auth feature you need.
I came up with the name better-auth and made a promise to myself: if the package name was available on npm, that was my sign to build it.
Luckily, it was.
So I started working on it, on and off, for about 7 months, while also building adjacent libraries like better-fetch (which I needed for the Better Auth client) and better-call (a simple web server framework for the Better Auth backend). After rewriting the whole framework about four times, sweating the docs and what not, I posted a screenshot on X with just: “September 28.”
I had almost no following then, but somehow that post got people’s attention. I spent the week finalizing the last pieces and published the first release on September 28.
From week one, people started joining the Discord, opening issues, giving feedback, and actually using it. Better Auth stayed in beta for the first three months, and every Friday through the end of November 2024 I shipped a new release packed with fixes, improvements, and new features, until we hit 1.0.
Around then, I got pretty intense about it all. I wanted to keep improving the framework, stay engaged with the community on Discord, keep GitHub tidy, and learn every new auth concept people surfaced through feature requests and bug reports.
I think that worked really well. People loved Better Auth in a way that still feels rare. I kept seeing tweets on X praising the DX, the API design, and the docs—and the developer community started creating YouTube tutorials, writing blog posts, and recommending the project to others.
I used to watch Y Combinator videos religiously. I’d tried starting a local startup before, but I wanted to apply to YC only once I had something that was really working.
Better Auth felt like that thing.
It wasn’t completely clear how it would become a business, but I figured we’d work that out and if anyone was going to take a bet on me, it would be YC. I applied, interviewed with Pete, and he was gracious enough to take a chance on me. I got in.
Getting into YC was an extraordinary moment for someone who was born and raised in Ethiopia. Moving to San Francisco for YC felt surreal. I’d spent so much time chronically online on X that I got familiar quickly - SF is basically X, but in real life.
At the end of YC, we raised capital led by Peak XV (formerly Sequoia India & Southeast Asia), along with more than 50 funds and angel investors, to build a company around Better Auth. That’s when I started thinking beyond open source: how we’d hire, whether we’d be in person or remote, what kind of company we wanted to build, and what Better Auth could become.
Later, while chatting with Balázs about the future plans for Auth.js, he shared that a lot of what we were doing with Better Auth was similar to the general direction the Auth.js team had been thinking about.
We saw an opportunity for Better Auth to take over the project and, long term, figure out a path to transition people over while continuing to maintain Auth.js and fix security issues and other bugs.
That’s how Auth.js / NextAuth.js ended up joining Better Auth:
That was a full-circle moment for me, given that I started by using NextAuth myself. And we got to have cool things like the auth npm package too. :)
When you build open source, the obvious path is to build a hosted platform around it. But Better Auth is a framework, and one of the main reasons people use it is that they don’t want to outsource auth in the first place. I was never that interested in building a traditional hosted auth service.
So our first plan - “act one” - was to find additional value we could offer through a platform that extended the framework: a dashboard, security features, audit logs. We launched our first attempt on January 1 as Better Auth Infrastructure.
Then the pace of AI change made a new problem impossible to ignore: agents and auth.
A world where agents act on behalf of users creates a whole new set of security and authorization problems. Securing agentic workflows is quickly becoming one of the most important challenges in software.
We started researching what auth should look like in that world, launched the Agent Auth protocol, and began talking with other companies about the next version - including Vercel.
Through that work, it became clear Vercel was the best place to continue both our open-source auth mission and this new exploration. We’re a small team; the agent identity problem is big and moving fast. With Vercel’s infrastructure, distribution, community, and product surface area, we can bring these ideas to developers at a much larger scale than we could alone — and without splitting our focus between maintaining the framework and building everything around it.
What’s coming next
Better Auth: This transition lets us refocus on Better Auth’s original mission without having to shape the strategy around monetization - helping developers own their auth. And now we can do that with even greater access to resources to enhance and extend the Better Auth framework.
Agent Auth: Through our Agent Auth Protocol, we’ve been exploring key primitives shaping the agent security stack. Vercel has already been at the forefront of agentic infrastructure, especially with recent launches like Eve and Vercel Connect, along with higher-level tooling that makes auth easier for internal apps, like Vercel Passport.
We hope to drive the evolution of the identity and access layer for infrastructure as we accelerate into the agentic world.
Thank you to everyone who has been part of this team over the last couple of years, and to everyone in the community and our customers who pushed this project forward in so many ways.
Thank you to the open-source maintainers and builders whose work this project relies on, and from whom I’ve learned so much.
Thank you to Pete Koomen, Arnav Sahu from Peak XV, and every investor who took a chance on me early and supported me throughout this journey.
Thank you everyone at Vercel that made this happen, I’m looking forward to building together!