Enable users to sign in to your application using their Vercel accounts.
Vercel is now available as a built-in SSO provider, allowing users to sign in to your application using their Vercel accounts.
Visit the setup guide to configure Sign in with Vercel for your application.
You can now enable Organizations directly in your app during development, without navigating to the Clerk Dashboard.
When you first use organization components or hooks in a development instance, Clerk will automatically prompt you to enable Organizations. The prompt includes a toggle to allow personal accounts and a link to the Dashboard for advanced configuration.
This reduces friction when building B2B applications — no more context switching between your code editor and the Dashboard just to enable a feature.
Build custom role based access control (RBAC) systems by managing organization roles and permissions via an API.
You can now completely manage permissions and roles through the Clerk Backend API. Build sophisticated access control systems tailored to your application's needs — whether you're syncing roles from external systems, automating permission assignments, or creating custom admin interfaces.
The following endpoints are now available on Clerk's backend API:
Organization Permissions
Organization Roles
Role Permissions
Visit the API reference for detailed documentation on request parameters and response formats.
Clerk Billing now supports linking an existing Stripe account.
You can now link and use an existing Stripe account for Clerk Billing, as long as the account is not associated with another platform.
Head to your billing settings in the Clerk Dashboard to get started today.
Last Friday, Troy Hunt shared that 625 million never-before-leaked passwords had been added to Have I Been Pwned, the password leak detection service. The update brought relief to our team at Clerk, which had been fighting credential stuffing attacks for the two weeks prior.
Attackers were attempting to test millions of stolen passwords in quick bursts, with seemingly endless rotating IPs and TLS fingerprints to slip past rate limiters.
While we were able to mitigate the vast majority of the attack, leaks of this scale mean that even 99.9% effectiveness isn’t enough.
So we decided to kill credential stuffing for good, with a mechanism we’re calling Client Trust.
Client Trust is Clerk’s new defense against credential stuffing. It works by treating every new device as untrusted until the user has signed in on it.
Here’s what that means in practice:
Then Clerk will automatically require a second factor, with either a one-time passcode or a magic link, depending on the application’s settings.
That’s it. No extra configuration and no guesswork. Just automatic protection from day one.
We know that developers don’t want to choose between user experience and security. Client Trust is designed to make that trade-off obsolete.
It’s invisible when it should be, and decisive when it must be. No more leaked-password panics. No more hoping users turned on 2FA.
With Client Trust, your users are protected even when their password is included in a 0-day credential leak.
Client Trust is included in all Clerk plans, and automatically enabled for new applications.
Existing applications must enable the update manually from the Updates page of the dashboard. For most customers, it’s available as one-click update.
You can now update billing plan prices even when the plan has active paid subscriptions.
Previously, when a billing plan had active paid subscriptions, the price fields in the dashboard were disabled and couldn't be modified. This was a protective measure to prevent accidental changes that could affect existing subscribers.
With this update, you now have full control over your plan pricing, regardless of subscription status.
When you update the price of a plan with active subscriptions:
We're working on additional functionality that will give you even more control over pricing updates. In a future release, you'll be able to automatically transition existing subscriptions to updated pricing at their next billing date.
To update pricing for an active plan: