This page documents every top-level option accepted by theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/nuxt-alt/auth/llms.txt
Use this file to discover all available pages before exploring further.
auth key in your nuxt.config.ts. Options control the built-in middleware, error-handling behavior, token validation, redirect logic, storage backends, and the authentication strategies themselves. All options are optional and fall back to the defaults listed below.
Middleware
When
true, the auth middleware is applied globally to every route in your application. Individual pages can still opt out using definePageMeta({ auth: false }). This option is ignored if enableMiddleware is false.Master switch for the built-in auth middleware. Setting this to
false disables all automatic route protection, including global middleware.Error Handling
When
true, the auth state is automatically reset whenever an error is emitted through $auth.onError. You can also supply a function (...args) => boolean — the reset only happens if the function returns true, allowing you to filter which errors trigger a reset.When
true, the auth state is reset whenever any HTTP response returns a 401 Unauthorized status. You can replace the boolean with a callback (error, auth, scheme) => void to handle the error yourself:When
true, any exceptions thrown by the storage layer (for example, if localStorage is unavailable) are silently swallowed instead of being re-thrown. Useful when you need graceful degradation in restricted browser environments.Token & Session
Enables periodic client-side token expiry checks. Set to
true to use the default interval of 1000 ms, or provide a number of milliseconds for a custom interval. When a token is found to be expired and cannot be refreshed, an ExpiredAuthSessionError is thrown and the session is reset.The property path on the authenticated user object that holds the user’s scopes. Used by
$auth.hasScope(scope) to check whether the current user possesses a particular permission.When
true, a Vue watcher monitors the reactive loggedIn state. If it changes (for example, the token expires client-side), the user is automatically redirected to the home or logout redirect path depending on the new state.Strategies
A map of named strategy configurations. Each key becomes the strategy name used with
$auth.loginWith('strategyName'). The value is a strategy-specific options object (e.g. local, oauth2, refresh). See the individual strategy pages for the full option set for each type.The name of the strategy that is activated on application initialization. If left unset, the module automatically uses the first key defined in
strategies. You rarely need to set this manually.Stores
Thestores object controls how and where auth state is persisted. See Storage for a full explanation of each backend and its trade-offs.
The key used when calling Nuxt’s
useState() to create the reactive auth state. Change this if 'auth' conflicts with another useState key in your application.Set to
true to use a Pinia store for reactive auth state instead of Nuxt’s useState. Requires @pinia/nuxt to be installed and added to modules.The Pinia store ID used when
stores.pinia.enabled is true.Enables cookie-based persistence. Cookies are the recommended default because they are sent with every HTTP request, making tokens available server-side during SSR.
String prepended to every cookie name written by the auth module (e.g.
auth.token, auth.strategy).Passed directly to
cookie-es when serializing cookies. Accepts any CookieSerializeOptions field such as path, sameSite, maxAge, domain, secure, and httpOnly. In production the secure flag is automatically applied.Enables
localStorage as an additional persistence backend. Browser-only — has no effect during SSR.String prepended to every
localStorage key written by the auth module.Enables
sessionStorage as an additional persistence backend. Values are cleared when the browser tab is closed. Browser-only — has no effect during SSR.String prepended to every
sessionStorage key written by the auth module.Redirects
Theredirect object and related options govern where users are sent at various points in the auth lifecycle. See Redirects for a detailed explanation of each redirect path and the available strategies.
The path unauthenticated users are redirected to when they try to access a protected route.
The path users land on after a successful logout.
The path users land on after a successful login. When
rewriteRedirects is true this is overridden by the stored pre-login URL.The OAuth2 callback path. The module expects the strategy to handle the token exchange at this URL.
When
true, the URL the user was trying to reach before being sent to the login page is saved and restored after a successful login. Disable this to always redirect to redirect.home.When
true, the full path including query parameters is used when storing and restoring the pre-login URL instead of just the pathname.Determines how the pre-login URL is preserved.
'storage' saves it to the enabled storage backends (cookie/localStorage). 'query' appends it as a ?to=<url> query parameter on the login URL.Plugin Extensions
An array of additional Nuxt plugin file paths (or plugin objects) to register alongside the auth module’s own plugin. Use this to extend or hook into auth behavior with your own composables or global setup logic. Accepts the same values as the
plugins array in nuxt.config.ts.Internal Options
Seed value for the reactive auth state object. This option is set internally by the module before the
Storage class is initialized and should not be set manually in nuxt.config.ts.Full Configuration Example
The followingnuxt.config.ts shows all commonly used options together: