params.auth0, cookies().getAll(), and cookies().set('appSession', ...). cookies() should be awaited errors - Next 15.0.2

[sterno2510]

Checklist

• The issue can be reproduced in the nextjs-auth0 sample app (or N/A).
• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

When using the getSession function imported from auth0/nextjs-auth0, I get a few errors in the console when the app compiles.

Specifically these 3:

1. Error: Route "/dashboard" used cookies().getAll(). cookies() should be awaited before using its value. Learn more: https://nextjs.org/docs/messages/sync-dynamic-apis
2. Error: Route "/dashboard" used cookies().set('appSession', ...). cookies() should be awaited before using its value. Learn more: https://nextjs.org/docs/messages/sync-dynamic-apis
3. Error: Route "/api/auth/[auth0]" used params.auth0. params should be awaited before using its properties. Learn more: https://nextjs.org/docs/messages/sync-dynamic-apis

All three errors appear to be coming from here:

at get (file:///Users/brianstern/code/ai-companion-next/node_modules/next/src/server/base-server.ts:3121:48)

  29 |     ...args: A
  30 |   ): ReturnType<F> {
> 31 |     return fn.call(thisArg, ...args);
     |              ^
  32 |   }
  33 |
  34 |   bind<T>(_context: types.Context, target: T): T {

Reproduction

1. Use getSession()
2. Run app with npm run dev
3. Go to route and errors appear in console.

Additional context

No response

nextjs-auth0 version

3.5.0

Next.js version

15.0.2

Node.js version

22.8.0

[nicolopadovan]

The same issue arises when using any of the other functions that use headers() or cookies(), such as getAccessToken and similar.
This is due to the breaking changes that were implemented in NextJS 15.
I am guessing that this is a very important issue: it breaks the possibility to correctly authenticate server-side code.

A fix should be relatively simple using the specific codemod provided by NextJS

[MrSimmmons]

Many discussions have been made over at #1779

TLDR; NextJS 15 IS NOT SUPPORTED until v4 is released.

V4 is effectively a rewrite and has many breaking changes, but is in beta. So id recommend using the beta if you want to use Next 15, or waiting for the official release whenever that happens

[brth31]

Thanks for reporting this issue. These errors are related to Next.js 15's new requirement for async handling of cookies and headers, which is a breaking change. As noted in our announcement, Next.js 15 compatibility is only available in our v4 beta release.

Closing this issue as it's being tracked as part of the broader Next.js 15 compatibility work. For v4 beta specific issues, please open new issues and tag them accordingly.

[sterno2510]

Thank you for the information! I appreciate the feedback!