Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/nuxt-alt/auth/llms.txt

Use this file to discover all available pages before exploring further.

The Discord provider configures @nuxt-alt/auth to authenticate users through Discord’s OAuth2 service. It uses the oauth2 scheme with the authorization code grant type and PKCE challenge method set to S256, providing an additional layer of security during the code exchange. Because the token endpoint requires a server-side request, the provider registers a Nuxt server route via addAuthorize (with PKCE enabled) to perform the exchange, keeping your clientSecret off the browser. The user profile is fetched from the Discord REST API after a successful login.

Required Options

OptionTypeDescription
clientIdstringThe Client ID of your Discord application
clientSecretstringThe Client Secret of your Discord application

Configuration

export default defineNuxtConfig({
  auth: {
    strategies: {
      discord: {
        clientId: 'YOUR_CLIENT_ID',
        clientSecret: 'YOUR_CLIENT_SECRET',
        // Optional: override the default scopes
        scope: ['identify', 'email'],
      },
    },
  },
})

Auto-Configured Defaults

When the strategy name is discord, the provider automatically sets the following values. Any property you specify in your own config takes precedence.
PropertyAuto-Configured Value
scheme'oauth2'
endpoints.authorizationhttps://discord.com/api/oauth2/authorize
endpoints.tokenhttps://discord.com/api/oauth2/token
endpoints.userInfohttps://discord.com/api/users/@me
grantType'authorization_code'
codeChallengeMethod'S256'
scope['identify', 'email']
token.property'access_token'
token.type'Bearer'
token.name'Authorization'
refreshToken.property'refresh_token'
responseType'token'
clientSecretTransport'body'
The Discord provider does not auto-configure a logout endpoint. Discord requires a POST request to https://discord.com/api/oauth2/token/revoke to revoke a token. If you need explicit token revocation on logout, configure the endpoints.logout property manually in your strategy config.

Logging In

Trigger the Discord OAuth redirect from any component or composable:
const auth = useAuth()
await auth.loginWith('discord')
The user is redirected to Discord’s authorization page. After granting access, Discord redirects back to your application’s callback route. The registered server route exchanges the authorization code (and PKCE verifier) for an access token, then @nuxt-alt/auth fetches the user’s profile from the Discord API.
In your Discord application’s OAuth2 settings, add your application’s callback URL to the Redirects list. Navigate to the Discord Developer Portal, select your application, and go to OAuth2 → General. The default callback route used by @nuxt-alt/auth is /login.

Build docs developers (and LLMs) love