I know this topic has come up before, and I’m sure it’s on Replit’s radar, but I wanted to raise it again because it remains a major problem in Agent 3.
The core issue is that Replit Agent seems unable to stop creating new authentication systems—despite significant time and money already invested in building and maintaining a working one. This leads to endless duplication and conflicts.
No matter what safeguards I try to put in place, the agent keeps going off-track:
It builds entirely new authentication systems for new features instead of reusing the existing one.
It sometimes tries to fall back on outdated fragments of failed authentication attempts from earlier runs.
The result is constant confusion and broken functionality.
This isn’t an isolated issue—I’ve run into the same problem at least 50 times. Nothing the agent builds ever works the first time, because it gets stuck trying to juggle multiple, conflicting authentication systems.
At this point, I’ve had to start explicitly stating in every prompt exactly which authentication system to use whenever it’s relevant, just to prevent the agent from inventing a new one.
Yesterday I made the mistake of letting the agent run for nearly two hours on high power mode—at a cost of $100—only to find it had built everything around the wrong authentication system. That’s on me for not guiding it more tightly, but it’s also a clear sign of a deeper issue.
I’ve already wasted thousands of dollars in usage credits repairing authentication-related problems. While I’ll try prompting more carefully moving forward, this feels like a fundamental flaw in how the agent handles authentication, and it doesn’t seem to be improving.
Yeah, it seemed to be fixed for a little bit but I noticed it going off the rails 24-hours later. Agent was prompting me to input username / password (there was a little button that allowed me to take the wheels in their VM). I could also include username/pw in prompt and that would work until opening a new agent window.
I think yesterday it started messing with the Auth again and had to remind myself I should be including a line “For any testing, use username / password for login”. Hopefully you have an option for basic auth.
What have you been using it for? I’m trying to get a feel for when I change autonomy levels, Medium has been working so well for me, it’s hard to change off of it.
I am on day 5 of dealing with authentication issues between Replit and Clerk. I might be in a good patch right at this moment but I am working through admin panel page authentication issues that I need to work to fully test functionality.
Is Clerk the right solution? Should I roll back to 5 days ago and restart from there?
Too many times I wind up having to specify implement, test, bug fix, implement etc.
Be great if we could say,
Refer to project 123.
Use the authentication system as built and implement this into the current application.
Or even better, a pre-built wizard that asks for the services you want to authenticate with, and have it craft it using proven, working, fully tested templates.
Please.
I know you get paid on tokens, and that’s fine, but if you make it easier to to do the off the shelf stuff, we’ll be using a lot more of them for the right reasons
