Lambda service for Netlify CMS authentication

Usage no npm install needed!

<script type="module">
  import netlifyCmsAuthLambda from '';


Netlify CMS Authentication as a Lambda Service

This library exposes as a lambda service.


As a library

npm i netlify-cms-auth-lambda

AWS Lambda example using serverless-http:

// handler.js
const serverless = require('serverless-http')
const app = require('netlify-cms-github-lambda')
module.exports = serverless(app)

This repository includes this for convenience in handler.js, which you can use as a Serverless service as described below, but you might also wish to consume this library as an Express app to deploy using a different framework or on a different cloud platform. Make sure you configure your production environment appropriately.

As a Serverless AWS Lambda service

  1. Clone this repository
git clone
  1. Install dependencies
npm i
  1. Configure your local Serverless and AWS environment

  2. Configure your production environment

The following Serverless configuration will prepare an authentication server for Github on AWS Lambda and API Gateway. You can also configure for use with another provider, like Gitlab. To do this, see configuration details in the original library: vencax/netlify-cms-github-oauth-provider. serverless.yml should be added to your local repository.

# serverless.yml
service: netlify-cms-auth

  name: aws
  runtime: nodejs8.10
  stage: prod
  region: us-east-1

    handler: handler.handler
      NODE_ENV: production
      OAUTH_CLIENT_ID: # get from
      OAUTH_CLIENT_SECRET: # get from
      - http: ANY /
      - http: 'ANY {proxy+}'

This is also where you can prepare additional Serverless configuration, such as a custom domain.

  1. Deploy with the Serverless CLI
sls deploy

Your authentication server should now be running, e.g. at

  1. Configure Netlify CMS

For instance, the following backend configuration is what you'll need to if you deploy to AWS without a custom domain.

# config.yml
  name: github
  repo: username/repo
  branch: master
  auth_endpoint: /prod/auth

Note, if you deploy via AWS to, make sure you set base_url to and auth_endpoint to /prod/auth. Otherwise, you may find yourself frustrated.