The Role
Design and evolve the open-source auth framework and enterprise platform: core architecture, public APIs, plugin and package systems, cross-runtime compatibility, reactive client state, security protocols, release quality, and OSS contributor leadership.
Summary Generated by Built In
About Better Auth
The Role
Why You Should Join
What You'll Work On
What We're Looking For
Bonus Points
Compensation & Benefits
Better Auth is the most comprehensive authentication framework for TypeScript. We're the most upvoted YC Launch in history and are used by thousands of developers shipping everything from startup projects to enterprise products.
We’re a small team building foundational infrastructure that other developers depend on, so the bar is high: every decision we make affects security, correctness, and developer experience at scale. We’re also building an enterprise layer on top of the open-source framework for teams that need more operational, organizational, and compliance-oriented capabilities.
We’re now extending that work into agent auth: secure identity, approval, delegation, and capability grants for AI agents operating across runtimes, services, and organizations.
You’ll work across the open-source core and the enterprise platform we’re building on top of it. This is not a feature-factory role. You’ll make architectural decisions that shape Better Auth’s public APIs, plugin system, runtime compatibility, reactive client behavior, and security model.
This is also a leadership role in an open-source product. You’ll help drive technical direction, maintain a high quality bar in review, mentor contributors and teammates, and make thoughtful decisions about what belongs in the framework versus what belongs in the enterprise layer.
Your work will be used by developers immediately after it ships. The decisions you make will have long-lived impacts on API stability, extensibility, and trust.
You’ll have real ownership on a small team with outsized reach. The work here is deeply technical, highly leveraged, and lands in production quickly across thousands of developer-built products. We’re also early in a new frontier: helping define how authentication should work for AI-native products, agents, and developer tooling. If you’re excited by infrastructure at the intersection of identity, open source, and emerging AI workflows, you’ll get to shape that direction from the beginning.
This is still an early team, which means you won’t just join the culture, you’ll help define it. We value initiative, strong technical judgment, open discussion, and the humility to change course when the facts change. We care deeply about heads-down building, thoughtful API design, and giving people meaningful ownership over ambitious work.
- Core framework architecture — auth endpoints, sessions, cookies, request context, middleware, and before/after hook pipelines
- Public API and type system design — shaping stable, ergonomic interfaces across the framework, plugins, and client libraries
- Plugin and package architecture — evolving Better Auth’s extension model across the core library and first-party packages
- Reactive client systems — designing and evolving the typed client, shared session state model, and cross-framework reactive architecture that power React, Vue, Svelte, Solid, and Lynx
- Runtime and framework compatibility — ensuring Better Auth works correctly and consistently across Node.js, Bun, Deno, Cloudflare Workers, and multiple framework integrations
- Security and identity protocols — OAuth2, OIDC, SAML, SCIM, passkeys, CSRF protections, origin validation, rate limiting, and secure session handling
- Enterprise platform foundations — helping define and build capabilities around org management, provisioning, admin workflows, observability, analytics, and operational tooling
- OSS/commercial product boundaries — deciding what belongs in the open-source framework, what belongs in the enterprise layer, and how the two compose cleanly
- Release quality and contributor experience — code review, issue triage, docs, tests, migration strategy, and safe upgrade paths for users
- Experience level — 7+ years of software engineering experience building and shipping production systems in TypeScript
- Advanced TypeScript — You’re comfortable with complex generics, conditional types, mapped types, template literal types, and inference, and you know how to use them to design developer-facing libraries
- API Design Instinct — You think carefully about ergonomics, backwards compatibility, migration paths, and the long-term consequences of public API decisions
- Security and Platform Judgment — You’re comfortable working in auth-heavy, security-sensitive systems and can reason across sessions, tokens, redirects, CSRF, OAuth2/OIDC, and cross-runtime constraints
- Open Source Leadership — You communicate clearly, write thoughtful reviews, maintain a high quality bar, and understand the responsibility that comes with building APIs other developers depend on
- Ownership — You’re comfortable taking ambiguous, high-leverage work from idea through implementation, release, and follow-through
- Experience maintaining or leading widely-used open-source libraries
- Experience building authentication, identity, developer infrastructure, or other security-sensitive systems
- Experience with plugin systems, adapter layers, or multi-package TypeScript monorepos
- Familiarity with reactive state primitives and multi-framework client libraries
- Experience building enterprise or B2B platform features such as SSO, SCIM, org management, admin tooling, auditability, or compliance-oriented workflows
- Experience thinking carefully about OSS versus commercial boundaries in developer products
- Competitive salary + meaningful equity with room to grow
- Health, dental, vision
- Unlimited PTO (that we actually encourage you to use)
- SF office access + daily catered lunches & snacks
Better Auth is an equal opportunity employer. We believe diverse teams build better security infrastructure.
Skills Required
- 7+ years of software engineering experience building and shipping production systems in TypeScript
- Advanced TypeScript (generics, conditional types, mapped types, template literal types)
- Strong API design instincts prioritizing ergonomics, backwards compatibility, and migration paths
- Experience reasoning about authentication and security: sessions, tokens, redirects, CSRF, OAuth2/OIDC, SAML, SCIM, passkeys, secure session handling
- Open source leadership: clear communication, high-quality reviews, mentoring contributors
- Ownership of ambiguous, high-leverage projects from idea through implementation and release
- Experience maintaining or leading widely-used open-source libraries
- Experience building authentication, identity, or other security-sensitive systems
- Experience with plugin systems, adapter layers, or multi-package TypeScript monorepos
- Familiarity with reactive state primitives and multi-framework client libraries (React, Vue, Svelte, Solid, Lynx)
- Experience building enterprise/B2B platform features (SSO, SCIM, org management, admin tooling, auditability, compliance)
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Better Auth is a framework-agnostic, comprehensive authentication and authorization framework for TypeScript. It provides developers with tools to manage user authentication, offering features like email/password, social sign-on, multi-factor authentication, and session management, designed to scale from small projects to enterprise applications.
