Changelog August 4, 2023

⛔️ Prevent Fake Accounts with Disposable Email Blocking

Clerk now offers the ability to block disposable and temporary emails during sign-up. When this setting is enabled, emails entered during sign-up will be checked in real-time against a frequently updated database of over 160,000 known disposable email providers. If a match is found, the sign-up is blocked to prevent abuse from invalid accounts.

The setting can be enabled on the Settings page of the Clerk Dashboard⁠ →

✨ Other Fixes & Improvements

• Enabled the allowedRedirectOrigins prop in Clerk Hosted Pages to mitigate unvalidated redirect vulnerabilities⁠ in production instances. With this setting, only same-origin redirects will be allowed from Hosted Pages.
• Fixed bugs in username sorting logic for the Users and Members tables in the Clerk Dashboard.
• Added a user.hasImage boolean to Clerk's Frontend API and ClerkJS⁠ package. This field indicates whether the user has a profile image and, if they do, whether their profile image was uploaded by the user or was sourced from their connected social provider.
  • This field can, for example, be used to ensure users have a profile image by allowing you to leverage it to build logic and a UI to display a profile image uploader if the user has signed up without a social provider and has not yet added a profile image.
• Added a new JWT template for WunderGraph⁠ in the Integrations section of the Clerk Dashboard.

📅 Events

We're excited to announce that Clerk is sponsoring React Rally in Salt Lake City on August 17th and 18th. If you're planning on attending, let us know – we'd love to meet you! We'll have cookies, swag, and a surprise or two. And if you're not sure, there's still time 😉

Grab your ticket here →⁠

📚 Resources

• Implementing Role-Based Access Control in the Next.js App Router⁠: In this tutorial written by Eugene Musebe⁠, you will learn how to integrate RBAC in your Next.js app using organizations powered by Clerk.
• How to Build an AI Companion⁠: In this 6-hour tutorial on the Code with Antonio⁠ YouTube channel, you’ll learn how to build an AI Companion app using Pinecone⁠, Replicate⁠, Planetscale⁠, Shadcn UI⁠, and more!
• How We Roll – Chapter 9: Infrastructure: In this chapter of How We Roll, Dev Agrawal⁠ provides an in-depth look at the infrastructure that powers Clerk’s authentication capabilities.
• A Comprehensive Guide to GDPR-Compliant Auth Solutions⁠: If you’re interested in learning about GDPR compliant auth solutions, you’ll enjoy this in-depth article by MadaShindeInai⁠.
• Build and Deploy a Threads App⁠: Learn how to build a full stack Threads App in this YouTube tutorial from JavaScript Mastery⁠ using Next.js⁠, Clerk, MongoDB⁠, UploadThing⁠, Zod⁠, and more!

🙌 Community Shoutouts

• Kudos to Subham Bharadwaj⁠ on launching Scribbly, a digital journal app built with Next.js, Shadcn UI⁠, Tinybird⁠ and auth powered by Clerk. Nice work!
• Big thank you to Thibault Le Ouay⁠ for open sourcing openstatus.dev⁠, a Statuspage alternative built with Clerk! The project is available on GitHub⁠ for anyone to check out and contribute. Appreciate you contributing to open source software and giving back to the developer community!
• Shout out to Ahmed El Aksaan⁠, the founder of Noodle.run⁠, an open-source platform to help students manage and help super-power their productivity. They have already hit 10,000 GitHub stars⁠, and growing, in record time!

Stay tuned for future updates. If you have feedback or suggestions, leave us feedback on the docs via Docsly⁠, tweet us at @ClerkDev⁠, or join the Clerk Community⁠ on Discord.