# Clerk Changelog — Page 5

# Native React Native components, Google Sign-In, and Core 3
URL: https://clerk.com/changelog/2026-03-09-expo-native-components.md
Date: 2026-03-09
Category: SDK
Description: @clerk/expo now ships prebuilt native components (AuthView, UserButton, UserProfileView), native Google Sign-In, and Core-3 Signal APIs.

`@clerk/expo` 3.1 brings native UI components powered by SwiftUI (iOS) and Jetpack Compose (Android), native Google Sign-In, and the new Core-3 Signal API. This is a major version bump that requires Expo SDK 53+.

## Native React Native components

Three prebuilt native components are now available from `@clerk/expo/native`:

- **`<AuthView />`** renders the full sign-in/sign-up UI natively, with support for `signIn`, `signUp`, and `signInOrUp` modes. Session sync to the JS SDK happens automatically.
- **`<UserButton />`** displays the user's avatar and opens the native profile modal on tap. It fills its parent container, so the parent controls the size and shape.
- **`<UserProfileView />`** renders the profile management UI inline. For modal presentation, use the new `useUserProfileModal()` hook.

All components use hook-based state management rather than callbacks. React to auth state changes with `useAuth()` in a `useEffect`:

```tsx
import { AuthView, UserButton } from '@clerk/expo/native'
import { useAuth, useUserProfileModal } from '@clerk/expo'

function App() {
  const { isSignedIn } = useAuth()
  const { presentUserProfile } = useUserProfileModal()

  if (!isSignedIn) {
    return <AuthView mode="signInOrUp" />
  }

  return (
    <>
      <View style={{ width: 44, height: 44, borderRadius: 22, overflow: 'hidden' }}>
        <UserButton />
      </View>
      <TouchableOpacity onPress={presentUserProfile}>
        <Text>Manage Profile</Text>
      </TouchableOpacity>
    </>
  )
}
```

These components require the `@clerk/expo` Expo config plugin, which automatically adds the [clerk-ios](https://github.com/clerk/clerk-ios) and [clerk-android](https://github.com/clerk/clerk-android) native SDKs to your project. See the [native components overview](/docs/reference/expo/native-components/overview) for setup and usage.

## Native Google Sign-In

Google Sign-In now uses platform-native APIs instead of browser-based OAuth:

- **iOS**: ASAuthorization (system credential picker)
- **Android**: Credential Manager (one-tap / passkey-ready)

This is exposed via the `NativeClerkGoogleSignIn` TurboModule spec and integrated into the `@clerk/expo` config plugin. No extra packages are needed beyond configuring your Google OAuth credentials in the Clerk Dashboard.

## Core-3 Signal APIs

`@clerk/expo` 3.1 ships with the [Core-3 Signal API](/docs/guides/development/upgrading/upgrade-guides/core-3), which replaces the legacy `setActive()` pattern with reactive hooks:

```tsx
// Core 3
const { signIn } = useSignIn()
await signIn.create({ identifier: email })
await signIn.password({ password })
if (signIn.status === 'complete') {
  await signIn.finalize({ navigate: () => router.push('/') })
}
```

Key changes from Core 2:

- `signIn.password()`, `signIn.emailCode.sendCode()` replace `signIn.attemptFirstFactor()`
- `signIn.finalize()` replaces `setActive({ session: signIn.createdSessionId })`
- Error handling via `errors.fields.identifier?.message` instead of try/catch

See the [Expo quickstart](/docs/quickstarts/expo) and [Core-3 upgrade guide](/docs/guides/development/upgrading/upgrade-guides/core-3) for migration details.

## New hooks

Three new hooks are exported from `@clerk/expo`:

| Hook                    | Description                                                                                   |
| ----------------------- | --------------------------------------------------------------------------------------------- |
| `useUserProfileModal()` | Present the native profile modal imperatively. Returns `{ presentUserProfile, isAvailable }`. |
| `useNativeSession()`    | Access native SDK session state: `isSignedIn`, `sessionId`, `user`, `refresh()`.              |
| `useNativeAuthEvents()` | Listen for auth state changes (`signedIn`, `signedOut`) from native components.               |

## Get started

Follow the [Expo quickstart](/docs/quickstarts/expo) to set up a new project with native components, or check the [native components reference](/docs/reference/expo/native-components/overview) for the full API. The [clerk-expo-quickstart](https://github.com/clerk/clerk-expo-quickstart) repo has three example apps: JS-only, JS with native sign-in, and full native components.

---

# X social connection improvements
URL: https://clerk.com/changelog/2026-03-06-x-social-connection-improvements.md
Date: 2026-03-06
Category: SSO
Description: We're rolling out improvements to the X social connection.

Users who sign in with X/Twitter now get their email address returned as part of the authentication flow. Previously, they were prompted to enter it manually as an extra step for.'

Additionally, Clerk development instances can now enable the X/Twitter connection with zero additional config for easier testing.

To add X/Twitter v2 as a social connection in your application, see the [X/Twitter guide](/docs/guides/configure/auth-strategies/social-connections/x-twitter).

---

# JWT format support for M2M tokens
URL: https://clerk.com/changelog/2026-02-24-m2m-jwt-tokens.md
Date: 2026-03-05
Category: M2M
Description: M2M tokens can now be issued as JWTs, enabling networkless verification and eliminating per-verification costs.

## Why JWT?

JWT M2M tokens offer several advantages over opaque tokens:

- **Networkless verification** — JWTs can be verified locally using your instance's public key, without making a network request to Clerk's servers
- **No verification cost** — Opaque token verification costs `$0.00001` per request, while JWT verification is free since it happens locally
- **Self-contained** — All necessary information (machine ID, claims, expiration) is embedded in the token itself
- **Lower latency** — Local verification is significantly faster than a network round-trip

## When to use opaque tokens

Opaque tokens remain valuable for security-sensitive scenarios:

- **Instant revocation** — Opaque tokens can be invalidated immediately, while JWTs remain valid until they expire
- **Maximum security** — Opaque tokens do not contain any embedded information. Server-side verification is required to access payload data.

## Getting Started

**Dashboard**

To generate your M2M token format:

1. Navigate to [Machines](https://dashboard.clerk.com/~/machines/configure) in the Clerk Dashboard
2. Select the machine you want to generate the token for.
3. Select **Generate token**
4. Toggle **Generate token as JWT**
5. Select **Create**

**SDK**

```javascript
// Create a JWT token on Machine A
const m2mToken = await clerkClient.m2m.createToken({
  tokenFormat: 'jwt',
})

// Send authenticated request to Machine B
await fetch('<machine-b-url>', {
  headers: {
    Authorization: `Bearer ${m2mToken.token}`,
  },
})

// Verify the token on Machine B — no network request needed
const verified = await clerkClient.m2m.verify({ token })
```

### Pricing

We will begin charging for M2M token usage starting March 16, 2026. The pricing will be:

- `$0.001` per token creation
- `$0.00001` per token verification (opaque tokens only)

For more details, see the [M2M tokens documentation](/docs/machine-auth/m2m-tokens) and [token formats documentation](/docs/guides/development/machine-auth/token-formats).

---

# Chrome Extension JavaScript SDK support
URL: https://clerk.com/changelog/2026-03-04-chrome-extension-js-quickstart.md
Date: 2026-03-04
Category: SDK
Description: The Chrome Extension SDK now supports vanilla JavaScript with createClerkClient(), and deprecates the /background import path.

The `@clerk/chrome-extension` SDK now fully supports vanilla JavaScript (non-React) usage through `createClerkClient()` imported from `@clerk/chrome-extension/client`. A new [Chrome Extension JS Quickstart](/docs/getting-started/quickstart/chrome-extension-js) guide is available to help you get started.

## `createClerkClient()` for vanilla JS

Use `createClerkClient()` from `@clerk/chrome-extension/client` to initialize Clerk in a popup or side panel without React:

```ts {{ filename: 'src/popup.ts' }}
import { createClerkClient } from '@clerk/chrome-extension/client'

const clerk = createClerkClient({
  publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
})

await clerk.load({
  allowedRedirectProtocols: ['chrome-extension:'],
})
```

## `background` option for `createClerkClient()`

Whether you're using React or vanilla JS, `createClerkClient()` from `@clerk/chrome-extension/client` now accepts a `background: true` option for use in background service workers. This replaces the separate `@clerk/chrome-extension/background` import.

```ts {{ filename: 'src/background/index.ts' }}
import { createClerkClient } from '@clerk/chrome-extension/client'

async function getToken() {
  const clerk = await createClerkClient({
    publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
    background: true,
  })

  if (!clerk.session) {
    return null
  }

  return await clerk.session?.getToken()
}
```

## Deprecation: `@clerk/chrome-extension/background`

Importing `createClerkClient` from `@clerk/chrome-extension/background` is now deprecated. Both React and vanilla JS extensions should update to import from `@clerk/chrome-extension/client` with the `background: true` option instead.

---

# Core 3
URL: https://clerk.com/changelog/2026-03-03-core-3.md
Date: 2026-03-03
Category: SDK
Description: The latest major release of Clerk's SDKs, with improved customization APIs, a theme editor, broader keyless mode support, modern React compatibility, and performance improvements.

We're excited to announce the latest major release of Clerk's SDKs, Core 3. With the release, [we're investing in better customization primitives and agent-friendly APIs](/blog/2026-03-03-clerk-for-the-ai-era). Highlights include:

- [**Improved customization APIs**](#improved-customization-apis): New hooks for building custom sign in, sign up, and checkout flows.
- [**Theme editor and interactive docs**](#theme-editor-and-interactive-docs): Customize components visually and preview props live in the docs.
- [**Agent-optimized onboarding**](#agent-optimized-onboarding-for-more-frameworks): Keyless mode for more SDKs: TanStack Start, Astro, and React Router.
- [**Modern React support**](#modern-react-support): Improved support for apps that use concurrent rendering features.
- [**Performance improvements**](#performance-improvements): Smaller bundles, faster token fetching, better offline handling.

## Upgrade today

We've built an upgrade CLI that scans your codebase and applies codemods for most breaking changes. If you've used our upgrade tool before, the process is the same.

```bash
npx @clerk/upgrade
```

Core 3 requires **Node.js 20.9.0+**. For the full list of changes, upgrade prompts, and step-by-step instructions, see the [Core 3 upgrade guide](/docs/guides/development/upgrading/upgrade-guides/core-3).

> \[!NOTE]
> If you need to reference the previous documentation, the [Core 2 docs](/docs/core-2) are still available.

## Improved customization APIs

We've redesigned the APIs for the `useSignIn`, `useSignUp` and `useCheckout` hooks, and introduced a new `useWaitlist` hook. These refreshed APIs make building custom auth UIs easier for humans and agents.

Previously, you needed to maintain your own state for attempt status, loading states, and error parsing. Now, it's all exposed from the hooks:

```javascript
// signIn is stateful, updates will trigger re-renders
const { signIn, fetchStatus, errors } = useSignIn()

// Step methods map directly to the flow
await signIn.password({ emailAddress, password })
await signIn.emailCode.sendCode()
await signIn.emailCode.verifyCode({ code })

// Read the resource's status directly
signIn.status // 'needs_first_factor' | 'needs_second_factor' | 'complete'

// Built-in fetch state
fetchStatus // 'idle' | 'fetching'

// Structured field-level errors
errors.fields.identifier // "Couldn't find your account"
errors.fields.password // "Password is incorrect"
```

The same structure applies whether you're building a sign up form, a waitlist, or a checkout flow, so you don't need to learn a different API for each one. The hooks are designed to work with any component library, whether you're using shadcn/ui, Radix, or your own components.

We've also rewritten all of our [custom flow documentation](/docs/guides/development/custom-flows/overview) to use the new hooks.

## Theme editor and interactive docs

We've launched a [theme editor](https://clerk.com/components/theme-editor) that lets you visually customize Clerk's prebuilt components and copy the resulting `appearance` prop configuration into your app. You can adjust colors, spacing, typography, and borders, and see the changes in real time. Give it a whirl and share your custom themes with us!

Our component documentation is now interactive too. You can tweak props, see live previews, and copy working code directly from the docs.

## Agent-optimized onboarding for more frameworks

Keyless mode, the ability to try Clerk without creating an account or configuring API keys, now works with **TanStack Start**, **Astro**, and **React Router**. You can go from `pnpm install` to a working auth setup without leaving your editor. Great for agents!

## Modern React support

Clerk now works correctly when your app is using React's concurrent features, including transitions, Suspense, and streaming SSR. Previously, Clerk's auth state synchronization could conflict with concurrent rendering, leading to stale state during `useTransition` navigations or hydration mismatches with streaming. Core 3 reworks how Clerk manages auth state internally to resolve these issues. No code changes are needed on your end.

## Performance improvements

- **Smaller bundles**: React is now shared across all framework SDKs instead of being bundled separately with Clerk's components. This saves roughly \~50KB gzipped (the size of `react` + `react-dom`) for apps using components and framework-specific packages like `@clerk/nextjs` or `@clerk/tanstack-react-start`.
- **Faster satellite domains**: Previously, satellite domains triggered a Handshake redirect to the primary domain on every first page load, even for anonymous visitors. Core 3 introduces a `satelliteAutoSync` option (defaults to `false`) that skips the redirect when no session cookies exist. The handshake now only fires after an explicit sign in action, eliminating the unnecessary redirect for most satellite traffic.
- **Better offline handling**: `getToken()` previously returned `null` both when the user was signed out and when the device was offline. The latter was unintentional. It now throws a `ClerkOfflineError` when the network is unavailable, so you can more reliably handle being offline in your application.
- **Optimized token fetching**: `getToken()` now proactively refreshes session tokens in the background before they expire, so your app never has to wait for a token refresh mid-request. This eliminates intermittent blocking delays in apps that make frequent API calls, like AI chat apps with sequential requests.

## Other updates

- **Simplified package names**: `@clerk/clerk-react` is now `@clerk/react`. `@clerk/clerk-expo` is now `@clerk/expo`. The upgrade CLI handles the rename.
- **Unified `<Show>` component**: `<Protect>`, `<SignedIn>`, and `<SignedOut>` are replaced by a single `<Show>` component. Use `when="signed-in"`, `when="signed-out"`, or pass a condition callback for authorization checks. In certain scenarios, these components still expose the content they are wrapping in your source code. We picked `Show` as the new name to make it clear that this utility should be only be used to control visibility. [Learn more](/docs/react/reference/components/control/show).

```jsx {{ prettier: false }}
// Previously <SignedIn>
<Show when="signed-in">
  <Dashboard />
</Show>

// Previously <Protect>
<Show when={(has) => has({ role: 'admin' })}>
  <AdminPanel />
</Show>
```

- **Automatic light/dark theme**: Previously, you had to manually switch Clerk's component theme depending on the theme of your application. Now, Clerk's components automatically match your app's color scheme if it supports light and dark mode. No additional configuration needed. [Learn more](/docs/react/guides/customizing-clerk/appearance-prop/themes#default-theme).
- **Automatic Vite env detection**: Clerk detects environment variables in Vite-based projects automatically. No more manually passing `VITE_CLERK_PUBLISHABLE_KEY`. [Learn more](/docs/guides/development/clerk-environment-variables).
- **Portal provider**: New `UNSAFE_PortalProvider` component lets you specify a custom container for Clerk's portaled UI elements (popovers, modals, tooltips). This solves a common issue when using Clerk components inside libraries like Radix Dialog or React Aria, where portaled elements would render to `document.body` and end up behind the dialog. [Learn more](/docs/reference/components/utilities/portal-provider).
- **Frontend API proxy helper**: `clerkMiddleware` in Next.js and Express now supports proxying requests to Clerk's Frontend API. Previously, you had to implement this yourself following the guide in our docs. Enable it with `frontendApiProxy: { enabled: true }` in your middleware config. [Learn more](/docs/guides/dashboard/dns-domains/proxy-fapi).
- **Types subpath exports**: You can now import Clerk types directly from any SDK package (e.g. `import type { UserResource } from '@clerk/react/types'`) instead of installing the separate `@clerk/types` package. `@clerk/types` has been deprecated.
- **Next.js cache components support**: Baseline support for Next.js's cache components. If you're using cache components, `ClerkProvider` should be placed inside `<body>` rather than wrapping `<html>`.
- **Component changelog**: A new centralized [component changelog](/docs/reference/components/changelog) tracks visual and behavioral updates to prebuilt components, independent of SDK releases.

## Deprecations

- **Clerk Elements**: Deprecated in favor of the redesigned hooks, which cover the same custom UI use cases with less complexity.
- **`@clerk/types`**: As mentioned above, the dedicated types package has been deprecated in favor of exposing types through existing SDKs.
- For additional deprecations and breaking changes, see the [upgrade guide](/docs/guides/development/upgrading/upgrade-guides/core-3).

If you run into issues upgrading, reach out on [Discord](https://clerk.com/discord) or contact [support](https://clerk.com/contact/support). We're here to help. Happy building!

---

# Organization retention report
URL: https://clerk.com/changelog/2026-02-24-organization-retention.md
Date: 2026-02-24
Category: Dashboard
Description: Track how well your application retains organizations with automatic organization retention tracking.

Understand how well your application retains organizations with the new organization retention report. Clerk automatically tracks how many organizations remain active after creation, enabling you to visualize how your organization retention is trending versus industry benchmarks.

### Features

- Change the interval to see how your organization cohorts retain over the first 30 days, 8 weeks, and 3 months.
- Visualize how your retention is changing over time by comparing the last three or six cohorts.
- Set a goal shape to measure how your retention is improving towards industry benchmarks.
- View recent cohorts in progress, or toggle off 'show incomplete period' to see only cohorts with complete data.