nextauthjs · rk1 · Sep 29, 2024 · Sep 29, 2024 · eitan-revach · Jan 20, 2025
@@ -36,6 +36,7 @@ body:
         - "Box"
         - "Bungie"
         - "ClickUp"
+        - "Cloudinary"
         - "Cognito"
         - "Concept2"
         - "Coinbase"

@@ -63,6 +63,7 @@
     "boxyhq-saml": "BoxyHQ SAML",
     "bungie": "Bungie",
     "clickup": "ClickUp",
+    "cloudinary": "Cloudinary",
     "cognito": "Cognito",
     "coinbase": "Coinbase",
     "descope": "Descope",

@@ -0,0 +1,103 @@
+import { Callout } from "nextra/components"
+import { Code } from "@/components/Code"
+
+<img align="right" src="/img/providers/cloudinary.svg" height="64" width="64" />
+
+# Cloudinary Provider
+
+## Resources
+
+- [Cloudinary OAuth documentation](https://cloudinary.com/documentation/using_oauth_to_access_cloudinary_apis)
+
+## Setup
+
+### Callback URL
+
+<Code>
+  <Code.Next>
+
+```bash
+https://example.com/api/auth/callback/cloudinary
+```
+
+  </Code.Next>
+  <Code.Qwik>
+
+```bash
+https://example.com/auth/callback/cloudinary
+```
+
+  </Code.Qwik>
+  <Code.Svelte>
+
+```bash
+https://example.com/auth/callback/cloudinary
+```
+
+  </Code.Svelte>
+</Code>
+
+### Environment Variables
+
+```
+AUTH_CLOUDINARY_ID
+AUTH_CLOUDINARY_SECRET
+```
+
+### Configuration
+
+<Code>
+  <Code.Next>
+
+```ts filename="/auth.ts"
+import NextAuth from "next-auth"
+import Cloudinary from "next-auth/providers/cloudinary"
+
+export const { handlers, auth, signIn, signOut } = NextAuth({
+  providers: [Cloudinary],
+})
+```
+
+  </Code.Next>
+  <Code.Qwik>
+
+```ts filename="/src/routes/[email protected]"
+import { QwikAuth$ } from "@auth/qwik"
+import Cloudinary from "@auth/qwik/providers/cloudinary"
+
+export const { onRequest, useSession, useSignIn, useSignOut } = QwikAuth$(
+  () => ({
+    providers: [Cloudinary],
+  })
+)
+```
+
+  </Code.Qwik>
+  <Code.Svelte>
+
+```ts filename="/src/auth.ts"
+import { SvelteKitAuth } from "@auth/sveltekit"
+import Cloudinary from "@auth/sveltekit/providers/cloudinary"
+
+export const { handle, signIn, signOut } = SvelteKitAuth({
+  providers: [Cloudinary],
+})
+```
+
+  </Code.Svelte>
+  <Code.Express>
+
+```ts filename="/src/app.ts"
+import { ExpressAuth } from "@auth/express"
+import Cloudinary from "@auth/express/providers/cloudinary"
+
+app.use("/auth/*", ExpressAuth({ providers: [Cloudinary] }))
+```
+
+  </Code.Express>
+</Code>
+
+### Notes
+
+- The Cloudinary `userinfo` endpoint returns only a `sub` which is used for both the `id` and the `email` in the user's profile. If you'd like to get more information about the user – you can use the [Cloudinary Account Provisioning API](https://cloudinary.com/documentation/provisioning_api)
+- If the OAuth token is used against the Admin/Upload API, the user must be assigned a Master Admin role within the product environment
@@ -0,0 +1,80 @@
+/**
+ * <div style={{backgroundColor: "#fff", display: "flex", justifyContent: "space-between", color: "#3448c5", padding: 16}}>
+ * <span>Built-in <b>Cloudinary</b> integration.</span>
+ * <a href="https://cloudinary.com/">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/cloudinary.svg" width="48" height="48" />
+ * </a>
+ * </div>
+ *
+ * @module providers/cloudinary
+ */
+import { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+export interface CloudinaryProfile {
+  sub: string
+}
+
+/**
+ * Add Cloudinary login to your page.
+ *
+ * ### Setup
+ *
+ * #### Callback URL
+ * ```
+ * https://example.com/api/auth/callback/cloudinary
+ * ```
+ *
+ * #### Configuration
+ * ```ts
+ * import { Auth } from "@auth/core"
+ * import Cloudinary from "@auth/core/providers/cloudinary"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [
+ *     Cloudinary({
+ *       clientId: CLOUDINARY_CLIENT_ID,
+ *       clientSecret: CLOUDINARY_CLIENT_SECRET,
+ *     }),
+ *   ],
+ * })
+ * ```
+ *
+ * ### Resources
+ *
+ * - [Cloudinary OAuth documentation](https://cloudinary.com/documentation/using_oauth_to_access_cloudinary_apis)
+ *
+ * ### Notes
+ * - If the OAuth token is used against the Admin/Upload API, the user must be assigned a Master Admin role within the product environment
+ * - If you'd like to get more information about the user – you can use the [Cloudinary Account Provisioning API](https://cloudinary.com/documentation/provisioning_api)
+ *
+ * ## Help
+ *
+ * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
+ *
+ * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
+ * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
+ * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
+ */
+export default function Cloudinary<P extends CloudinaryProfile>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "cloudinary",
+    name: "Cloudinary",
+    type: "oauth",
+    clientId: options.clientId,
+    clientSecret: options.clientSecret,
+    wellKnown: "https://oauth.cloudinary.com/.well-known/openid-configuration",
+    client: {
+      token_endpoint_auth_method: "client_secret_post",
+    },
+    profile(profile) {
+      return {
+        id: profile.sub,
+        email: profile.sub,
+      }
+    },
+    style: { bg: "#fff", text: "#3448c5" },
+  }
+}