Clerk Changelog

Whether you're in stealth-mode, running a private beta, or want to only ever manually onboard your customers, we know managing user access can be extremely important.

So allow us to introduce our newest sign-up mode: Restricted

What’s new?

In contrast to the Public sign-up mode that allows for anyone to sign-up to your application, Restricted mode means you have full control over your sign-ups.

Use our Backend APIs or the Clerk Dashboard to manage who gets access. Only users who have received invitations will have the ability sign-up. As mentioned, this can be helpful for use-cases where you want to tightly control who has access to your application whether by inviting folks individually or only supporting previously onboarded B2B customers via Enterprise SSO.

Ready to dive in?

Head to your Clerk Dashboard, or check out how to enable Restricted sign up mode to get started.

TanStack Start is an exciting new full-stack React framework that provides tons of great functionality like full-document SSR, streaming, server functions, bundling, and more. It's built by the same folks who have contributed some wonderful tools that we all know and love, like TanStack Router and TanStack Query.

We're so excited by it, we've even helped by sponsoring the project.

And today, we're proud to announce @clerk/tanstack-start@beta, a new official SDK that allows developers to add authentication and authorization into their TanStack Start application in matter of minutes.

The SDK comes fully equiped with Clerk's UI components, server utilities, and low level utilities for any of your custom flows.

Use Clerk UI components

Clerk's pre-built UI components give you a beautiful, fully-functional user and organization management experience in minutes.

Here's an example on how simple it is to build a sign-in page using Clerk's <SignIn /> component inside your TanStack Start applications.

import { SignIn } from '@clerk/tanstack-start'
import { createFileRoute } from '@tanstack/react-router'

export const Route = createFileRoute('/sign-in/$')({
  component: Page,
})

function Page() {
  return <SignIn />
}

Server functions

You can also pair our getAuth() utility function with TanStack Start's server functions to protect your routes.

import { createFileRoute, useRouter, redirect } from '@tanstack/react-router'
import { createServerFn } from '@tanstack/start'
import { getAuth } from '@clerk/tanstack-start/server'

const authStateFn = createServerFn('GET', async (_, { request }) => {
  const { userId } = await getAuth(request)

  if (!userId) {
    throw redirect({
      to: '/sign-in/$',
    })
  }

  return { userId }
})

export const Route = createFileRoute('/')({
  component: Home,
  beforeLoad: async () => await authStateFn(),
  loader: async ({ context }) => {
    return { userId: context.userId }
  },
})

function Home() {
  const router = useRouter()
  const state = Route.useLoaderData()

  return <h1>Welcome your user id is {state.userId}!</h1>
}

This is just the beginning. You can learn more on how to get started building TanStack Start applications with Clerk, check out our TanStack Start Quickstart guide.

We're excited to see what you build 🏝️.

Previously, Clerk only supported hosting one application per domain without causing cookie collisions and this limitation forced our users into a handful of unacceptable workarounds. So, we went back to the drawing board and rearchitected the way we set and handle our cookies to finally support multiple apps under the same domain.

Now, cookies are more tightly scoped, enabling useful scenarios like:

• Staging and production environments on the same domain: No more need to buy a separate domain just to set up a staging environment. Your production environment can live at example.com, and your staging app can live at staging.example.com.

• Separate apps, same TLD: Some customers had multiple apps but wanted to keep the top-level domain consistent. Enable a scenario like dashboard.example.com and admin.example.com without needing a separate domain.

• Developing multiple apps on localhost at the same time: You can now develop multiple applications on localhost simultaneously using different ports (e.g., on localhost:3000 and localhost:3001) out of the box.

The best part is, there’s no need to make any changes to your applications - everything works out of the box. Just ensure your Clerk SDKs are up to date to fully leverage this feature. We’ve been rolling out this change gradually over the past few weeks and have done the heavy lifting to ensure everything runs seamlessly.

There are even more improvements to come as it relates to enabling best-in-class deployment workflows (cough staging instances cough), and this foundational change gets us a step closer to that reality.

Easily integrate Hugging Face into your applications as either an authentication method or an external account that can be linked to your existing users. 🤗

Visit our Setup guide to configure a Hugging Face Connected App for your application in minutes.

We've expanded our Expo SDK with a new hook, useLocalCredentials, which combines the capabilities of Clerk's user management with the concept of Local Authentication in native apps.

For applications that allow their users to log in with an identifier and a password, useLocalCredentials enables them to use biometric authentication like Face ID, or Touch ID, when they sign back into the app. So, the next time they need to provide their credentials, they can simply use their device's biometrics.

Credentials are stored securely on the user's device only when they first sign in and can later be retrieved only after the user successfully passes biometric authentication.

Visit the Local Credentials guide to learn more about how to integrate this into your Expo app today.

Ever look through our list of built-in authentication providers and be disappointed that you couldn't find the one your users are looking for? Well first off, we're sorry we let you down. But today's a new day...

Starting now you can add any OpenID Connect (OIDC) spec-compliant OAuth provider to your Clerk application today. It's as easy as filling out a form.

We've even added Debug section where you can test your configuration and troubleshoot by viewing errors and API responses.

Head to the Clerk Dashboard, or have a look at our custom provider docs and never be dissappointed by Clerk again*

* We can't actually promise this, but we'll do our best!