I am the CEO of Backtick (backtickai.com) - an AI-native issue tracker designed to remove manual task management. Our product is built using mostly open-source frameworks and products; we strongly adhere to this ideology in our company. However, we currently use PropelAuth, which is not open-source, so we are looking to migrate away from it.
Better-auth seems like a good option. It supports multi-tenancy out of the box, has good documentation, and is MIT licensed. However, it's very new, not battle-tested, and I'm unsure about its security vulnerabilities.
Next-auth, while battle-tested, makes setting up multi-tenancy a pain.
If it's between these two, my preference would be Next-auth because of its maturity. But I'm wondering how you all are handling authentication. Which framework or hosted service are you using?
I would appreciate your comments on this.