Login/Register
"ikm" must be at least one byte in length
Asked Answered
next.jsnext-auth
A

6

10

https://next-auth.js.org/errors#get_authorization_url_error "ikm" must be at least one byte in length { message: '"ikm" must be at least one byte in length', stack: 'TypeError: "ikm" must be at least one byte in length\n' +

I'm following this example: https://vercel.com/guides/nextjs-multi-tenant-application

Arvo answered 6/6, 2022 at 13:33 Comment(0)
D
20

Make sure that your NEXTAUTH_SECRET environment variable in your .env file is populated. You can grab one here: https://generate-secret.vercel.app/32

If your dev environment is running make sure to restart it after updating the variable!

Derision answered 7/6, 2022 at 21:35 Comment(2)
I am setting my NEXTAUTH_SECRET but it still doesn't work still getting the same errorSoapberry
what AK-35 describes can happen if other relevant values are empty. see that explanationPollinate
P
2

I had similar issue and resolved it by providing non-empty value for JWT_SIGNING_PRIVATE_KEY and JWT_SECRET in .env file

Hope this helps somebody

Plating answered 4/10, 2022 at 16:45 Comment(0)
L
0

I had similar error on a NextJs Project. Corrected after setting a value of the variable NEXTAUTH_SECRET in the .env file.

Leupold answered 20/8, 2022 at 18:47 Comment(0)
P
0

TL;DR:

make sure that the [...nextauth].ts defines the secrets correctly

Explanation

NextAuth looks up the secrets:

# in NextAuthApiHandler

  (_options$secret = options.secret) !== null && _options$secret !== void 0 ? _options$secret : options.secret = (_options$jwt$secret = (_options$jwt = options.jwt) === null || _options$jwt === void 0 ? void 0 : _options$jwt.secret) !== null && _options$jwt$secret !== void 0 ? _options$jwt$secret : process.env.NEXTAUTH_SECRET;

So it's using secrets in the following order:

options.secret
options.jwt.secret
process.env.NEXTAUTH_SECRET

the options are taken from:

# [...nextauth].ts

...
  jwt: {
    secret: process.env.SECRET,
  },
...
  secret: process.env.SECRET,
...

thus, you need to make sure that the .env file (especially if there are more than one) defines the values correctly which are being used at these places - an empty value isn't sufficient - openssl rand -hex 32 would do the job.

Pollinate answered 15/11, 2023 at 12:39 Comment(0)
C
0

I also get the same error. and it turns out that the problem is only in the length of NEXTAUTH_SECRET in the .env file. I tried a longer password and it worked.

Charliecharline answered 27/11, 2023 at 7:52 Comment(0)
R
0

I also faced the same issue i was adding the NEXTAUTH_SECRET in .env file as NEXT_AUTH_SECRET,later i recognized it and fixed and yes be sure to add secrets in the app/api/auth/[...nextauth]/router.ts or router.js file

Ramsgate answered 10/6 at 4:57 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.