Will next-auth signIn expose API credentials if it's called from client component?
Unanswered
Giant Chinchilla posted this in #help-forum
Giant ChinchillaOP
Let's say I have a client LoginForm.tsx component and on form submit I do:
and in NextAuth authOptions -> providers -> credentials I do some fetch request to external API and pass API key, will that key get exposed to client side?
"use client";
// ...
import { signIn } from "next-auth/react";
// ...
const response = await signIn("credentials", {
email: form.email,
password: form.password,
redirect: false,
});and in NextAuth authOptions -> providers -> credentials I do some fetch request to external API and pass API key, will that key get exposed to client side?
2 Replies
Giant ChinchillaOP
seems like it doesn't if its correctly configured like in https://authjs.dev/getting-started/migrating-to-v5#configuration-file
console logging where I do the fetch to external api also outputs it to the terminal where
run dev is running instead of browser so I assume everything is server sided and not exposed to client side