Configure various authentication methods for your self-hosted Langtrace setup using NextAuth.js.
Langtrace uses NextAuth.js, a complete open-source authentication solution for Next.js applications. NextAuth.js provides a secure and flexible framework for handling various authentication methods, including OAuth providers and custom credentials.
We support multiple authentication methods to accommodate different organizational needs:
You can enable one or more of these methods by configuring the appropriate environment variables. Thanks to NextAuth.js, no code changes are required to switch between these authentication options.
Regardless of the chosen authentication method(s), the following NextAuth.js-related environment variables are required:
NEXTAUTH_SECRET
: A secure random string used by NextAuth.js to encrypt tokens and sign/encrypt cookies.NEXTAUTH_URL
: The public URL of your application, used by NextAuth.js for callback URLs and links.Set up a single administrator account
Allow users to log in with their Google accounts
Enable login via Microsoft Azure Active Directory
This method allows a single administrator account to log in using an email and password.
Set NEXT_PUBLIC_ENABLE_ADMIN_LOGIN
to true
to enable this method.
When using password authentication:
ADMIN_EMAIL
and ADMIN_PASSWORD
).Only the admin account can invite new users. Regular users cannot create additional accounts.
This approach allows you to maintain control over user access while still enabling multiple users to access your Langtrace instance.
Allows users to log in using their Google accounts. This method uses OAuth 2.0.
To obtain these credentials:
Go to the Google Cloud Console
Create a new project or select an existing one
Enable the Google+ API
Create OAuth 2.0 credentials (OAuth client ID)
Set the authorized redirect URIs. For local development, use:
http://localhost:3000/api/auth/callback/google
For production, use your actual domain:
https://your-app-domain.com/api/auth/callback/google
Note the client ID and client secret
For more information, refer to the official Google documentation.
When setting up for local development, make sure to add
http://localhost:3000
to the list of “Authorized JavaScript origins” in your
Google Cloud Console project settings.
Enables login via Microsoft Azure Active Directory, suitable for organizations using Microsoft 365 or Azure AD.
To obtain these credentials:
your-app-url/api/auth/callback/azure-ad
Note the client ID, client secret, and tenant ID
For more information, refer to the official Microsoft documentation.To enable a specific login method:
NEXTAUTH_SECRET
and NEXTAUTH_URL
are properly configured.The application will automatically enable the login methods for which valid credentials are provided. You can enable multiple methods simultaneously by setting the environment variables for each desired method.
ADMIN_EMAIL
and ADMIN_PASSWORD
.Need another provider? Langtrace uses Auth.js (formerly NextAuth.js), which integrates with many providers. Add a feature request on GitHub if you want us to add support for a specific provider.
Langtrace currently supports Admin Password Login, Google OAuth, and Azure AD OAuth out of the box. However, thanks to the flexibility of Auth.js, it’s possible to extend this to include many other authentication providers.
If you need support for a provider that’s not currently included:
We’re always looking to improve Langtrace and make it more versatile for our users’ needs. Your feedback and requests help us prioritize development efforts.
Configure various authentication methods for your self-hosted Langtrace setup using NextAuth.js.
Langtrace uses NextAuth.js, a complete open-source authentication solution for Next.js applications. NextAuth.js provides a secure and flexible framework for handling various authentication methods, including OAuth providers and custom credentials.
We support multiple authentication methods to accommodate different organizational needs:
You can enable one or more of these methods by configuring the appropriate environment variables. Thanks to NextAuth.js, no code changes are required to switch between these authentication options.
Regardless of the chosen authentication method(s), the following NextAuth.js-related environment variables are required:
NEXTAUTH_SECRET
: A secure random string used by NextAuth.js to encrypt tokens and sign/encrypt cookies.NEXTAUTH_URL
: The public URL of your application, used by NextAuth.js for callback URLs and links.Set up a single administrator account
Allow users to log in with their Google accounts
Enable login via Microsoft Azure Active Directory
This method allows a single administrator account to log in using an email and password.
Set NEXT_PUBLIC_ENABLE_ADMIN_LOGIN
to true
to enable this method.
When using password authentication:
ADMIN_EMAIL
and ADMIN_PASSWORD
).Only the admin account can invite new users. Regular users cannot create additional accounts.
This approach allows you to maintain control over user access while still enabling multiple users to access your Langtrace instance.
Allows users to log in using their Google accounts. This method uses OAuth 2.0.
To obtain these credentials:
Go to the Google Cloud Console
Create a new project or select an existing one
Enable the Google+ API
Create OAuth 2.0 credentials (OAuth client ID)
Set the authorized redirect URIs. For local development, use:
http://localhost:3000/api/auth/callback/google
For production, use your actual domain:
https://your-app-domain.com/api/auth/callback/google
Note the client ID and client secret
For more information, refer to the official Google documentation.
When setting up for local development, make sure to add
http://localhost:3000
to the list of “Authorized JavaScript origins” in your
Google Cloud Console project settings.
Enables login via Microsoft Azure Active Directory, suitable for organizations using Microsoft 365 or Azure AD.
To obtain these credentials:
your-app-url/api/auth/callback/azure-ad
Note the client ID, client secret, and tenant ID
For more information, refer to the official Microsoft documentation.To enable a specific login method:
NEXTAUTH_SECRET
and NEXTAUTH_URL
are properly configured.The application will automatically enable the login methods for which valid credentials are provided. You can enable multiple methods simultaneously by setting the environment variables for each desired method.
ADMIN_EMAIL
and ADMIN_PASSWORD
.Need another provider? Langtrace uses Auth.js (formerly NextAuth.js), which integrates with many providers. Add a feature request on GitHub if you want us to add support for a specific provider.
Langtrace currently supports Admin Password Login, Google OAuth, and Azure AD OAuth out of the box. However, thanks to the flexibility of Auth.js, it’s possible to extend this to include many other authentication providers.
If you need support for a provider that’s not currently included:
We’re always looking to improve Langtrace and make it more versatile for our users’ needs. Your feedback and requests help us prioritize development efforts.