#404 on POST /api/auth using @convex-dev/auth with Next.js app route

Hi @snow perch. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

The knowledge sources don’t give a single definitive root cause for your exact setup, but they do describe several closely related 404-on-/api/auth and middleware issues with Convex Auth + Next.js. Here’s what we can say with confidence.

1. Why isn’t middleware intercepting /api/auth?

When Convex Auth runs in a Next.js App Router app, signIn (from @convex-dev/auth/react) posts to /api/auth. That request must:

1. Hit your Next.js middleware (middleware.ts in the correct directory), and
2. Be proxied from Next.js to your Convex deployment via the Convex Auth HTTP routes.

If either of these fails, you’ll see POST /api/auth 404.

From prior cases:

• A 404 on /api/auth often meant the middleware wasn’t being hit at all (wrong location, missing file, or wrong matcher).[Github OAuth 404; src dir fix]
• In a src-based Next.js app, the fix was to move middleware.ts into src/ so Next.js actually runs it.[src dir fix]

Given you’re using src/app/layout.tsx, you likely also need src/middleware.ts (not at the project root). If middleware.ts is at the root while the app is under src/, Next.js won’t run it, so /api/auth will never be intercepted.

So the most likely reason the middleware isn’t intercepting /api/auth is that it’s not in the directory Next.js expects (or not present at all in src).

2. Do you need to create app/api/auth/route.ts?

For Convex Auth (not Better Auth), the docs and support threads do not mention creating a Next.js app/api/auth/route.ts handler. Convex Auth uses:

• convex/http.ts on the Convex side, where auth.addHttpRoutes(http) registers the HTTP routes, and
• Next.js middleware (convexAuthNextjsMiddleware) to proxy /api/auth to your Convex deployment.[Nextjs server API; POST /api/auth 404 in monorepo]

The only place a route.ts is explicitly required is in the Better Auth docs, where you must add:

// app/api/auth/[...all]/route.ts
import { nextJsHandler } from "@convex-dev/better-auth/nextjs";

export const { GET, POST } = nextJsHandler();

[Better Auth Next guide]

You’re using @convex-dev/auth, not @convex-dev/better-auth, so based on the sources you should not need to manually create app/api/auth/route.ts for Convex Auth.

3. Could the matcher be blocking /api/auth?

Your matcher:

export const config = {
  matcher: ["/((?!.*\\..*|_next).*)", "/", "/(api|trpc)(.*)"],
};

This is exactly the pattern shown in the Convex Auth Next.js authz docs and in multiple working examples.[Authz middleware example; working middleware examples]

It explicitly includes "/(api|trpc)(.*)", so /api/auth should be matched. There’s nothing in the knowledge sources suggesting this matcher would prevent the proxy from working.

4. Other common causes of /api/auth 404 in the sources

From similar threads:

• Routes not registered in convex/http.ts (e.g., auth.addHttpRoutes(http) missing or not deployed) cause /api/auth 404s.[Monorepo 404]
• Middleware missing or in the wrong place (e.g., not in src/ when using src/app) also leads to /api/auth 404s.[Github OAuth 404; src dir fix]

Given your code:

• Middleware logic and matcher look consistent with the docs.
• You’re using ConvexAuthNextjsServerProvider and ConvexAuthNextjsProvider as recommended.[Nextjs server API]

So, based on the sources, the most likely fixes are:

1. Ensure middleware.ts is in src/middleware.ts (since you’re using src/app/...).
2. Confirm your convex/http.ts registers auth routes (e.g., auth.addHttpRoutes(http)) and that you’ve run npx convex dev or npx convex deploy since adding them.[Monorepo 404]

If after that you still see POST /api/auth 404, the knowledge sources don’t provide more specific debugging steps, so I can’t say more without going beyond them.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: