
Auth production checklist

Required configuration before launching with Neon Auth

Beta

Neon Auth with Better Auth is in Beta. Share your feedback on Discord or via the Neon Console.

Complete these steps before taking your application to production with Neon Auth.

  • Add your production domain(s) to enable OAuth and email verification redirects.

  • Replace shared SMTP (auth@mail.myneon.app) with your own email service for reliable delivery and higher limits. A custom email provider is also required if you want to use verification links instead of verification codes.

  • Set the name your users see in user-facing auth messages. Applies to Neon Auth (Better Auth) integrations. Defaults to the Neon project name.

  • Set up your own Google and GitHub OAuth apps to replace shared development keys.

  • Email verification is not enabled by default. Since anyone can sign up for your application, enabling email verification adds an important verification step to ensure users own their email address.

  • Disable the "Allow Localhost" setting in your project's Settings → Auth page. This setting is enabled by default for development but should be disabled in production to improve security.

Email provider

Neon Auth uses a shared SMTP provider (auth@mail.myneon.app) by default for development and testing. For production, configure your own email provider for better deliverability and higher sending limits.

Configure custom SMTP

In your project's Settings → Auth page, configure your email provider:

  1. Select Custom SMTP provider
  2. Enter your SMTP credentials:
    • Host: Your SMTP server hostname (for example, smtp.gmail.com)
    • Port: SMTP port (typically 465 for SSL or 587 for TLS)
    • Username: Your SMTP username
    • Password: Your SMTP password or app-specific password
    • Sender email: Email address to send from
    • Sender name: Display name for sent emails
  3. Click Save
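
Before saving the values, it helps to confirm that they pass a basic sanity check and that the server accepts them over a verified TLS connection. The following is an added example, not Neon's own code or part of the original page; the dictionary keys are hypothetical names that mirror the form fields above, and the sample values are constructed.

```python
import smtplib
import ssl

# Shared development sender domain named on this page.
SHARED_SENDER_DOMAIN = "mail.myneon.app"
# Hypothetical key names mirroring the Custom SMTP form fields.
REQUIRED = ("host", "port", "username", "password", "sender_email")


def lint_smtp_settings(s):
    """Offline check of the values about to be saved; returns a list of problems."""
    problems = [f"missing {key}" for key in REQUIRED if not s.get(key)]
    if s.get("port") not in (None, 465, 587):
        problems.append(f"port {s['port']}: confirm the server enforces TLS on it")
    sender = s.get("sender_email") or ""
    if sender.rpartition("@")[2].lower() == SHARED_SENDER_DOMAIN:
        problems.append("sender still uses the shared development domain")
    return problems


def verify_smtp_login(s, timeout=10):
    """Connect, require verified TLS, then authenticate. Raises on any failure."""
    ctx = ssl.create_default_context()  # verifies certificate chain and hostname
    if s["port"] == 465:
        # Port 465: TLS is negotiated before any SMTP traffic.
        client = smtplib.SMTP_SSL(s["host"], s["port"], timeout=timeout, context=ctx)
    else:
        client = smtplib.SMTP(s["host"], s["port"], timeout=timeout)
    with client:
        if s["port"] != 465:
            # Upgrade the plaintext session; raises if STARTTLS is not offered,
            # so credentials are never sent in the clear.
            client.starttls(context=ctx)
        client.login(s["username"], s["password"])
    return True


if __name__ == "__main__":
    # Constructed sample values; replace with your provider's details.
    sample = {
        "host": "smtp.example.com",
        "port": 587,
        "username": "apikey",
        "password": "app-specific-password",
        "sender_email": "no-reply@example.com",
    }
    for problem in lint_smtp_settings(sample):
        print("WARN:", problem)
    # With real credentials in place, call verify_smtp_login(sample) here.
```

`verify_smtp_login` opens a network connection, so run it from a machine that can reach your provider and keep the password out of shell history and source control.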

Email provider requirements

  • Verification links: Require a custom email provider
  • Verification codes: Work with shared or custom email providers
  • Password reset: Works with shared or custom email providers

Note

The shared email provider (auth@mail.myneon.app) is suitable for development and testing. For production applications, use a custom email provider for better deliverability and to avoid rate limits.

Application name

Neon Auth uses the application name in user-facing auth messages, such as verification emails and password resets. By default, this is set to the Neon project name. This setting is available for Neon Auth (Better Auth) integrations only.

To set a custom application name:

  1. Go to Auth in your Neon project
  2. Select the Configuration tab
  3. In the Project Info panel, edit the Application Name field

Each branch manages its own application name independently, so preview and development branches can use different names than production.

You can also update the application name via the API. See Update auth configuration.

Localhost access

The "Allow Localhost" setting in your project's Settings → Auth page is enabled by default to allow authentication requests from localhost during development.

Disable for production

For production environments, disable this setting to improve security:

  1. Go to Settings → Auth in your Neon project
  2. Find the Allow Localhost toggle
  3. Disable the toggle

Important

Only enable "Allow Localhost" for local development. Disabling this setting in production prevents unauthorized authentication requests from localhost, improving your application's security posture.
