Clerk Changelog

Introducing sign-up modes, starting with Restricted mode. Take control of who can join your app and prevent unexpected sign-ups.

Whether you're in stealth-mode, running a private beta, or want to only ever manually onboard your customers, we know managing user access can be extremely important.

So allow us to introduce our newest sign-up mode: Restricted

What’s new?

In contrast to the Public sign-up mode that allows for anyone to sign-up to your application, Restricted mode means you have full control over your sign-ups.

Use our Backend APIs or the Clerk Dashboard to manage who gets access. Only users who have received invitations will have the ability sign-up. As mentioned, this can be helpful for use-cases where you want to tightly control who has access to your application whether by inviting folks individually or only supporting previously onboarded B2B customers via Enterprise SSO.

Ready to dive in?

Head to your Clerk Dashboard, or check out how to enable Restricted sign up mode to get started.

Contributors
Konstantinos Pittas
Nikos Papageorgiou

TanStack Start SDK Beta

Category
SDK
Published

Add authentication and authorization to your TanStack Start application in minutes with the new Clerk SDK.

TanStack Start is an exciting new full-stack React framework that provides tons of great functionality like full-document SSR, streaming, server functions, bundling, and more. It's built by the same folks who have contributed some wonderful tools that we all know and love, like TanStack Router and TanStack Query.

We're so excited by it, we've even helped by sponsoring the project.

And today, we're proud to announce @clerk/tanstack-start@beta, a new official SDK that allows developers to add authentication and authorization into their TanStack Start application in matter of minutes.

The SDK comes fully equiped with Clerk's UI components, server utilities, and low level utilities for any of your custom flows.

Use Clerk UI components

Clerk's pre-built UI components give you a beautiful, fully-functional user and organization management experience in minutes.

Here's an example on how simple it is to build a sign-in page using Clerk's <SignIn /> component inside your TanStack Start applications.

app/routes/sign-in.$.tsx
import { SignIn } from '@clerk/tanstack-start'
import { createFileRoute } from '@tanstack/react-router'

export const Route = createFileRoute('/sign-in/$')({
  component: Page,
})

function Page() {
  return <SignIn />
}

Server functions

You can also pair our getAuth() utility function with TanStack Start's server functions to protect your routes.

app/routes/index.tsx
import { createFileRoute, useRouter, redirect } from '@tanstack/react-router'
import { createServerFn } from '@tanstack/start'
import { getAuth } from '@clerk/tanstack-start/server'

const authStateFn = createServerFn('GET', async (_, { request }) => {
  const { userId } = await getAuth(request)

  if (!userId) {
    throw redirect({
      to: '/sign-in/$',
    })
  }

  return { userId }
})

export const Route = createFileRoute('/')({
  component: Home,
  beforeLoad: async () => await authStateFn(),
  loader: async ({ context }) => {
    return { userId: context.userId }
  },
})

function Home() {
  const router = useRouter()
  const state = Route.useLoaderData()

  return <h1>Welcome your user id is {state.userId}!</h1>
}

This is just the beginning. You can learn more on how to get started building TanStack Start applications with Clerk, check out our TanStack Start Quickstart guide.

We're excited to see what you build 🏝️.

Contributor
Vaggelis Yfantis

Host multiple Clerk apps on the same domain

Category
Product
Published

We are thrilled to introduce a highly anticipated feature that allows multiple applications to be hosted under the same domain.

Previously, Clerk only supported hosting one application per domain without causing cookie collisions and this limitation forced our users into a handful of unacceptable workarounds. So, we went back to the drawing board and rearchitected the way we set and handle our cookies to finally support multiple apps under the same domain.

Now, cookies are more tightly scoped, enabling useful scenarios like:

  • Staging and production environments on the same domain: No more need to buy a separate domain just to set up a staging environment. Your production environment can live at example.com, and your staging app can live at staging.example.com.

  • Separate apps, same TLD: Some customers had multiple apps but wanted to keep the top-level domain consistent. Enable a scenario like dashboard.example.com and admin.example.com without needing a separate domain.

  • Developing multiple apps on localhost at the same time: You can now develop multiple applications on localhost simultaneously using different ports (e.g., on localhost:3000 and localhost:3001) out of the box.

The best part is, there’s no need to make any changes to your applications - everything works out of the box. Just ensure your Clerk SDKs are up to date to fully leverage this feature. We’ve been rolling out this change gradually over the past few weeks and have done the heavy lifting to ensure everything runs seamlessly.

There are even more improvements to come as it relates to enabling best-in-class deployment workflows (cough staging instances cough), and this foundational change gets us a step closer to that reality.

Contributors
Nikos Douvlis
Dimitris Klouvas
Mark Pitsilos
Nikos Papageorgiou

Hugging Face SSO Provider

Category
SSO
Published

Enable users to sign in to your application using their Hugging Face accounts.

Easily integrate Hugging Face into your applications as either an authentication method or an external account that can be linked to your existing users. 🤗

Visit our Setup guide to configure a Hugging Face Connected App for your application in minutes.

Contributor
Nikos Polykandriotis

Local Credentials in Expo

Category
SDK
Published

Use biometric authentication for returning users in your Expo application.

We've expanded our Expo SDK with a new hook, useLocalCredentials, which combines the capabilities of Clerk's user management with the concept of Local Authentication in native apps.

For applications that allow their users to log in with an identifier and a password, useLocalCredentials enables them to use biometric authentication like Face ID, or Touch ID, when they sign back into the app. So, the next time they need to provide their credentials, they can simply use their device's biometrics.

Credentials are stored securely on the user's device only when they first sign in and can later be retrieved only after the user successfully passes biometric authentication.

Visit the Local Credentials guide to learn more about how to integrate this into your Expo app today.

Contributor
Pantelis Eleftheriadis

Instantly add and configure any OpenID Connect (OIDC) compliant OAuth provider

Ever look through our list of built-in authentication providers and be disappointed that you couldn't find the one your users are looking for? Well first off, we're sorry we let you down. But today's a new day...

Starting now you can add any OpenID Connect (OIDC) spec-compliant OAuth provider to your Clerk application today. It's as easy as filling out a form.

We've even added Debug section where you can test your configuration and troubleshoot by viewing errors and API responses.

Head to the Clerk Dashboard, or have a look at our custom provider docs and never be dissappointed by Clerk again*

* We can't actually promise this, but we'll do our best!

Contributor
Konstantinos Pittas