Manual Setup
If you don't want the npx @convex-dev/auth
command to make these changes for
you, follow these steps after you've installed the library.
For code changes you can also refer to the example repo (opens in a new tab).
Configure SITE_URL
The SITE_URL
environment variable is used when redirecting back to your site
during OAuth sign-in and for magic links sent via email.
You don't need to configure this variable if you're only using passwords.
Setting environment variables Convex docs (opens in a new tab).
For local development you can run (adjust the port number as needed!):
npx convex env set SITE_URL http://localhost:5173
Configure private and public key
Run the following script via node generateKeys.mjs
:
import { exportJWK, exportPKCS8, generateKeyPair } from "jose";
const keys = await generateKeyPair("RS256");
const privateKey = await exportPKCS8(keys.privateKey);
const publicKey = await exportJWK(keys.publicKey);
const jwks = JSON.stringify({ keys: [{ use: "sig", ...publicKey }] });
process.stdout.write(
`JWT_PRIVATE_KEY="${privateKey.trimEnd().replace(/\n/g, " ")}"`,
);
process.stdout.write("\n");
process.stdout.write(`JWKS=${jwks}`);
process.stdout.write("\n");
Copy the whole output and paste it into your Convex dashboard deployment's Environment Variables (opens in a new tab) page.
You should now have two variables set up: JWT_PRIVATE_KEY
and JWKS
(in
addition to SITE_URL
).
Modify tsconfig.json
+ "skipLibCheck": true,
+ "moduleResolution": "Bundler",
- "moduleResolution": "Node",
You might need to add "skipLibCheck": true
to your project-level
tsconfig.json
as well.
Configure auth.config.ts
export default {
providers: [
{
domain: process.env.CONVEX_SITE_URL,
applicationID: "convex",
},
],
};
Initialize auth.ts
import { convexAuth } from "@convex-dev/auth/server";
export const { auth, signIn, signOut, store, isAuthenticated } = convexAuth({
providers: [],
});
Configure http.ts
import { httpRouter } from "convex/server";
import { auth } from "./auth";
const http = httpRouter();
auth.addHttpRoutes(http);
export default http;
Continue to Step 3 in the Setup guide.