Documentation Index
Fetch the complete documentation index at: https://mintlify.com/nuxt-alt/auth/llms.txt
Use this file to discover all available pages before exploring further.
@nuxt-alt/auth is a Nuxt 3-only rewrite of @nuxtjs/auth. The API is intentionally familiar — the same strategy names, the same redirect configuration keys, the same composable name — but there are important differences in how tokens are stored, how HTTP requests are made, and how the module integrates with the Nuxt 3 ecosystem. This guide covers every breaking change and highlights the new features you gain after migrating.
Breaking Changes
1. Package Name
Remove the old package and install the new one along with its required HTTP module:@nuxt-alt/auth to the modules array in nuxt.config.ts. You do not need to add @nuxt-alt/http manually — the auth module installs it automatically — but if you do add it explicitly, make sure it appears after @nuxt-alt/auth and before any proxy module.
nuxt.config.ts
2. Module Config Key
The configuration key remainsauth in nuxt.config.ts. No change is required here.
3. HTTP Request Body: data → body
@nuxtjs/auth-next used axios under the hood, which accepts a data property for the request body. @nuxt-alt/auth uses @nuxt-alt/http (built on ofetch), which uses body instead. Every place where you passed data to loginWith() or login() must be updated.
auth.request() or auth.requestWith() calls that previously used data as well.
4. Default Storage Changed
@nuxtjs/auth enabled localStorage by default. @nuxt-alt/auth defaults to cookie storage and disables both localStorage and sessionStorage. This is intentional: cookies work in SSR environments; localStorage does not.
localStorage for token persistence between tabs or for very long-lived sessions, you can re-enable it — but be aware it will not be read during SSR rendering.
5. Pinia Replaces Vuex
@nuxtjs/auth required a Vuex store and wrote auth state directly into it. @nuxt-alt/auth uses Nuxt 3’s useState by default (no dependency required) and optionally supports Pinia.
store/index.js or Vuex setup that existed solely to satisfy the old auth module.
6. $auth.strategy Type Change
In @nuxtjs/auth, the strategy getter returned a type that included token and refreshToken properties. In @nuxt-alt/auth, strategy returns the base Scheme type, which does not include those properties. Two additional typed getters have been added for token-specific access.
$auth.strategy.token or $auth.strategy.refreshToken to use the appropriate typed getter instead.
What Stayed the Same
The following parts of the API are compatible with@nuxtjs/auth and require no changes:
Config key
auth: in nuxt.config.ts works exactly as before.Strategy names
local, cookie, oauth2, openIDConnect, refresh — all unchanged.Provider names
auth0, github, google, facebook, discord, laravelSanctum, laravelPassport, laravelJWT.useAuth() composable
The composable name and its return value are identical.
Page meta
definePageMeta({ auth: 'guest' }) and definePageMeta({ auth: false }) work the same way. Note that auth: true is no longer a valid value — pages are protected by default when globalMiddleware is enabled.Redirect keys
redirect.login, redirect.logout, redirect.callback, redirect.home.Core methods
$auth.loggedIn, $auth.user, $auth.login(), $auth.logout(), $auth.fetchUser(), $auth.reset().Error handling
$auth.onError() listener registration works the same way.New Features in @nuxt-alt/auth
Migrating from@nuxtjs/auth also gives you access to features that did not exist in the original module:
tokenValidationInterval — periodic token expiry checking
tokenValidationInterval — periodic token expiry checking
Set to
true (1000ms default) or a number of milliseconds to enable a background interval that continuously checks token expiry and triggers a refresh or reset as needed. This catches expired tokens even when the user is idle on the same page.resetOnResponseError — automatic 401 handling
resetOnResponseError — automatic 401 handling
When enabled, any 401 response from any auth request triggers an automatic reset. You can also pass a function for full control:
redirectStrategy: 'query' — query-parameter redirects
redirectStrategy: 'query' — query-parameter redirects
In addition to the default
storage strategy (which stores the redirect target in localStorage/cookies), you can use query to append ?to=... to the login URL. This is useful for shareable login links.stores.state.namespace — useState namespace
stores.state.namespace — useState namespace
Customize the key used by Nuxt’s
useState for auth state. Useful when you have multiple auth-related state slices and want to avoid key collisions.OAuth2 clientWindow — popup authentication
OAuth2 clientWindow — popup authentication
The OAuth2 strategy now supports a popup-based login flow, so users don’t leave the current page during OAuth authorization.
TypeScript UserInfo augmentation
TypeScript UserInfo augmentation
Extend the
UserInfo interface via declaration merging to get full type safety on auth.user:Module path aliases
Module path aliases
Three path aliases are available for building custom schemes and providers:
#auth/runtime— core classes and middleware#auth/providers— built-in provider configurations#auth/utils— shared utility functions