Skip to content
Migrating from NextAuth.js v4? Read our migration guide.

providers/wikimedia

Built-in Wikimedia integration.

WikimediaProfile

Extends

Properties

blocked

blocked: boolean;

confirmed_email

confirmed_email: boolean;

editcount

editcount: number;

email

email: string;

grants

grants: WikimediaGrant[];

groups

groups: WikimediaGroup[];

realname

realname: string;

registered

registered: string;

rights

rights: WikimediaRight[];

sub

sub: string;

username

username: string;

WikimediaGrant

type WikimediaGrant: 
  | "basic"
  | "blockusers"
  | "checkuser"
  | "createaccount"
  | "delete"
  | "editinterface"
  | "editmycssjs"
  | "editmyoptions"
  | "editmywatchlist"
  | "editpage"
  | "editprotected"
  | "editsiteconfig"
  | "globalblock"
  | "highvolume"
  | "import"
  | "mergehistory"
  | "oath"
  | "oversight"
  | "patrol"
  | "privateinfo"
  | "protect"
  | "rollback"
  | "sendemail"
  | "shortenurls"
  | "uploadfile"
  | "viewdeleted"
  | "viewmywatchlist";

WikimediaGroup

type WikimediaGroup: 
  | "*"
  | "user"
  | "autoconfirmed"
  | "extendedconfirmed"
  | "bot"
  | "sysop"
  | "bureaucrat"
  | "steward"
  | "accountcreator"
  | "import"
  | "transwiki"
  | "ipblock-exempt"
  | "oversight"
  | "rollbacker"
  | "propertycreator"
  | "wikidata-staff"
  | "flood"
  | "translationadmin"
  | "confirmed"
  | "flow-bot"
  | "checkuser";

WikimediaRight

type WikimediaRight: 
  | "abusefilter-log"
  | "apihighlimits"
  | "applychangetags"
  | "autoconfirmed"
  | "autopatrol"
  | "autoreview"
  | "bigdelete"
  | "block"
  | "blockemail"
  | "bot"
  | "browsearchive"
  | "changetags"
  | "checkuser"
  | "checkuser-log"
  | "createaccount"
  | "createpage"
  | "createpagemainns"
  | "createtalk"
  | "delete"
  | "delete-redirect"
  | "deletedhistory"
  | "deletedtext"
  | "deletelogentry"
  | "deleterevision"
  | "edit"
  | "edit-legal"
  | "editinterface"
  | "editmyoptions"
  | "editmyusercss"
  | "editmyuserjs"
  | "editmyuserjson"
  | "editmywatchlist"
  | "editprotected"
  | "editsemiprotected"
  | "editsitecss"
  | "editsitejs"
  | "editsitejson"
  | "editusercss"
  | "edituserjs"
  | "edituserjson"
  | "globalblock"
  | "import"
  | "importupload"
  | "ipblock-exempt"
  | "item-merge"
  | "item-redirect"
  | "item-term"
  | "markbotedits"
  | "massmessage"
  | "mergehistory"
  | "minoredit"
  | "move"
  | "move-subpages"
  | "movefile"
  | "movestable"
  | "mwoauth-authonlyprivate"
  | "nominornewtalk"
  | "noratelimit"
  | "nuke"
  | "patrol"
  | "patrolmarks"
  | "property-create"
  | "property-term"
  | "protect"
  | "purge"
  | "read"
  | "reupload"
  | "reupload-own"
  | "reupload-shared"
  | "rollback"
  | "sendemail"
  | "skipcaptcha"
  | "suppressionlog"
  | "tboverride"
  | "templateeditor"
  | "torunblocked"
  | "transcode-reset"
  | "translate"
  | "undelete"
  | "unwatchedpages"
  | "upload"
  | "upload_by_url"
  | "viewmywatchlist"
  | "viewsuppressed"
  | "writeapi";

default()

default<P>(options): OAuthConfig<P>

Add Wikimedia login to your page.

Setup

Callback URL

https://example.com/api/auth/callback/wikimedia

Configuration

import { Auth } from "@auth/core"
import Wikimedia from "@auth/core/providers/wikimedia"
 
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
    Wikimedia({
      clientId: WIKIMEDIA_CLIENT_ID,
      clientSecret: WIKIMEDIA_CLIENT_SECRET,
    }),
  ],
})

Resources

Configuration steps

After registration, you can initially test your application only with your own Wikimedia account. You may have to wait several days for the application to be approved for it to be used by everyone.

Notes

This provider also supports all Wikimedia projects:

  • Wikipedia
  • Wikidata
  • Wikibooks
  • Wiktionary
  • etc..

Please be aware that Wikimedia accounts do not have to have an associated email address. So you may want to add check if the user has an email address before allowing them to login.

By default, Auth.js assumes that the Wikimedia provider is based on the OAuth 2 specification.

💡

The Wikimedia provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Disclaimer If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Type parameters

Type parameter
P extends WikimediaProfile

Parameters

ParameterType
optionsOAuthUserConfig<P>

Returns

OAuthConfig<P>

Auth.js © Balázs Orbán and Team - 2025