Clerk Changelog

SOC 2 / HIPAA Certifications

We're proud to announce that we are officially SOC 2 Type 2, and HIPAA certified! Security and privacy are our utmost directives here at Clerk. While we talk a big game about developer experience (and live up to it!), everyone at Clerk knows that security and privacy take precedence over any other initiative. These new certifications highlight our commitment to securing your data and keeping it private.

The entire team worked on this initiative -- it involved a lot of training, a complete audit of all our processes, and a complete audit of every system that Clerk uses. We are extraordinarily confident in the security and privacy of all data in our systems.

If you would like a copy of our SOC2 report, please email us at support@clerk.dev.

Organizations updates

We've made considerable progress towards a release of Clerk's Organizations feature.

New Backend API Endpoints

• Organization Object
  • List, Create, Read, Update, Delete
  • Merge/Update Metadata
  • Create/Update Logo
• Organization Memberships
  • List, Create, Read, Update, Delete

Thanks to the contributors: Giannis Katsanos, Alex Ntousias

Email deliverability

We've created a new guide that outlines every step Clerk takes to endure that your verification emails are delivered to your inbox in a timely manner. There's a lot that goes into an email, especially ones as crucial as verification emails. Any delay, or dropped email, is catastrophic, and we treat them as critical errors here at Clerk. To learn more check our email deliverability guide.

Thanks to the contributors: Agis Anastasopoulos

Test mode

When running automated tests, you don't actually need to send out SMSs and Emails, but, you do want to test all of your code flows as exact as possible. We've create a new "Test Mode", that will let you use "fictional" phone numbers and emails which will always result in the same verification codes.

Thanks to the contributors: Braden Sidoti

React 18 support

This week we updated every React package we publish (including Next.js, Remix, Redwood, Expo, Gatsby) to support React 18.

They were a few compatibility issues, primarily with typescript and strictmode. Please contact us in Discord if issues persist.

Thanks to the contributors: Nikos Douvlis, Peter Perlepes

Remix & Fauna tutorial

Ian, our Head of Developer Advocacy, published a new end-to-end tutorial this week for Remix, Fauna, and Clerk. Follow along to learn how to build a Movie Emoji Quiz!

Our tutorials are a great way to get started with new technologies. We take a lot of care in building step-by-step guides, and explaining the high level concepts as we introduce them.

Thanks to the contributors: Ian McPhail

Email deliverability updates

We had a few reports of Outlook deliverability issues this week that we've been working to resolve.

The "From" email address for magic links and verification emails is now configurable by an API request. Soon, it will also be added to the dashboard.

We've also been working with Outlook-specific deliverability specialists to improve our inbox rate.

Deliverability is a persistent challenge as different postmasters have fluctuating requirements. If you're having deliverability issues, please contact support.

Thanks to the contributors: Agis Anastasopoulos

Organization deletion

Our Organization Management beta is well underway! About 15% of our new customers are now enrolling and we continue to receive great feedback.

This week we added deletion endpoints to our frontend API so users can delete their own organizations. Just call .destroy() on an Organization resource.

Thanks to the contributors: Alex Ntousias, Nikos Douvlis

Community Spotlight: E2E Clerk tests in Cypress

Lynn Romich published a great blog⁠ about his experience building E2E Clerk tests with Cypress. Thank you, Lynn!

Expo / React Native support

The full Clerk API is now supported in Expo and React Native!

This is our first SDK for mobile and charts a course for future integrations.

The patterns are extensible to any native client (mobile, native desktop, chrome extensions) and open source in our Javascript repository⁠.

Thanks to the contributors: Sokratis Vidros

Organization "slug" field

Development of our Organization Management features continues!

This week we added a URL-friendly "slug" field to assist developers who configure one-subdomain-per-organization.

Thanks to the contributors: Giannis Katsanos

Usernames in JWT templates

The {{user.username}} shortcode has been added to JWT templates so developers can securely pass the active user's usernames anywhere they need.

Thanks to the contributors: Agis Anastasopoulos, Haris Chaniotakis

Bucket o' Remix updates

We launched a ton of new content about our Remix integration this week:

• New marketing page
• New documentation
• New blog: It's the little things: Three developer experience delights of our Remix authentication package

Thanks to the contributors: Charles Wefso, Ian McPhail, Braden Sidoti, Colin Sidoti

It's been a very wide-ranging week at Clerk, as we've added and improved features across many different parts of the product.

Gatsby SSR Alpha

Hot off the press! Today we launched an alpha version of SSR support for Gatsby. It's been a real treat putting this together so quickly after receiving the request through Github⁠ just last week.

The new version is tagged 3.0.0-alpha.2, and available as gatsby-plugin-clerk on npm⁠.

The usage is not documented yet, but it's really simple. Just use our withServerAuth wrapper, and pull the authentication context from props:

import { withServerAuth } from 'gatsby-plugin-clerk/ssr'

export const getServerData = withServerAuth(async (props) => {
  const { userId, sessionId, getToken } = props.auth
  return { props: { message: '' } }
})

Note: this release does not support authentication in Gatsby Functions yet. Support will be added for version 3 reaches general availability.

Thanks to the contributors: Nikos Douvlis, Peter Perlepes

Organization improvements

The reception of our new Organization object has been incredible - with a few developers already using the functionality in production.

This week we launched two new features associated with organizations:

Webhooks

The Svix webhook integration in Clerk's dashboard now has events for:

• organization.created
• organization.updated
• organizationInvitation.created
• organizationInvitation.revoked
• organizationMembership.deleted
• organizationMembership.updated

Metadata

Developers can now attach public and private metadata to the Organization object, just like they can for the User object.

Thanks to the contributors: Giannis Katsanos, Alex Ntousias, Nikos Petridis

Improved observability

Observability has become a focal point for our SDKs. We're working to improve our errors so they guide developers to the right solution.

This week we added observability of the "authentication result" to two more contexts:

1. Next.js edge middleware⁠
2. Remix loaders and actions⁠

More to come soon!

Thanks to the contributors: Nikos Douvlis, Peter Perlepes

OAuth after Sign Up

OAuth connections can now be be added after a user has signed up.

This can be accomplish through the <UserProfile/> component, or through the useUser() hook and the user.createExternalAccount() function.

Thanks to the contributors: Agis Anastasopoulos, Haris Chaniotakis

Mergeable custom metadata

Metadata fields can now be updated via deep-merge in addition to complete replacement. This functionality was added to the Backend API to start.

Thanks to the contributors: Giannis Katsanos

Improved observability

We updated our Next.js and Node SDKs⁠ to add a Auth-Result header when the authentication state is unknown or signed out.

This will help us debug situations where your backend thinks the user is signed out, but the frontend knows they are signed in. Usually the reason for this is quite benign, but it can be tricky to debug.

Thanks to the contributors: Peter Perlepes

Optional usernames

Usernames can now be optional, instead of only Required or completely Off.

You can make the change from the "Email, Phone, Username" settings page in your dashboard:

Thanks to the contributors: Alex Ntousias

Community Spotlight: RedwoodJS

We'd like to wish a hearty congratulations to RedwoodJS on their v1 launch.

We've had a shared Slack with the Redwood team for a few months now as we collaborated to build the Clerk integration. The folks there are incredibly kind, patient, and innovative and we can't wait to see how the framework evolves.

Learn more about our RedwoodJS authentication integration.

Instant Component previews

Sign-up, sign-in, and user profile components can now be previewed instantly after an application is created in Clerk - no code required! Just click the preview buttons on thie sidebar.

Thanks to the contributors: Marcel Cruz

In-house docs

Piece-by-piece, we're moving our documentation in-house! Our previous vendor was great for written documentation, but we constantly found ourselves wanting to add dynamic and interactive elements to our documentation.

With our new solution, built on Sanity and Next.js, we can more easily develop custom elements in our documentation. Stay tuned as our onboarding gets even easier in the months ahead.

The new documentation is available on clerk.dev/docs.

Thanks to the contributors: Charles Wefso, Ian McPhail

Email deliverability improvements

We noticed a small subset of customers we're having a few email deliverability issues. In particular, the customers who launched a brand new application on Clerk and have never sent emails from their domain before. These developers had zero "domain reputation" and gmail was delaying the delivery of magic links and sms codes.

This week, we made three small adjustments that seem to have resolved the issue:

1. Improved the formatting of the plaintext "part" of our emails
2. Removed unnecessary query string variables and & with just &
3. Removed the application name from the email subject

We will continue to monitor deliverability and make adjustments as needed.

Thanks to the contributors: Agis Anastasopoulos, Haris Chaniotakis

Community spotlight: Supabase Launch Week!

Congratulations to Supabase on their tremendous launch week!

Supabase is an incredible product and we share many customers through our Supabase integration.

We're proud to have launched our integration in their new Partner Gallery⁠ this week, but also just really excited to try their new functions.