Clerk Changelog

As an initial action, we’re introducing the ability to set passwords as compromised, with the option to immediately sign out all active sessions for the affected user. This triggers a reset password session task, requiring the user to set a new password on their next sign-in. Additional actions will be introduced in the future.

How to force password resets for an entire instance

If you need to protect all users at once—such as during a suspected platform-wide security incident—you can require a password reset for every account in your instance.

This is currently done by setting all existing passwords as compromised, which will trigger a reset password session task for affected users. Each user will be required to set a new password the next time they sign-in.

1. Navigate to Configure > Instance Settings > Security Measures in your Clerk Dashboard.
2. Select Set all passwords as compromised.

How to force a password reset for a specific user

When only a single account is at risk, you can require a password reset for that user alone.

This action triggers a reset password session task for the user, ensuring they must change their password before continuing.

1. Navigate to the User Details page for the user.
2. In the Password section, under the actions dropdown, select Set password as compromised.

Getting started

All new instances have password reset session task enabled by default. Existing instances must manually opt-in via the Reset password session task update⁠ on the Updates page.

If you’re using custom authentication flows, make sure your application handles:

• The Reset password session task
• The associated password compromised error

You can now filter organizations in the Clerk Dashboard by name, slug, or creation date. These filters work alongside the existing search functionality to help you locate specific organizations faster.

Whether you need to find organizations by their display name, unique slug identifier, or when they were created, the new filter menu provides quick access to refine your organization list.

To use the filters, click the filter icon next to the search bar on the Organizations page⁠ in your application instance.

We're excited to announce new organization reports in the Clerk Dashboard. You can now monitor how many organizations are being created by day, week, and month. You can also track your total organization count at a glance.

These new reports provide quick insights into organization creation patterns, making it easier to monitor growth and identify trends in your organization adoption.

API keys are now available for authorization, with management built-in to the prebuilt components. This feature is part of the machine authentication suite.

Zero-Code UI Components

When you enable API keys in the Clerk Dashboard⁠, an API Keys tab appears in your <UserProfile /> and <OrganizationProfile /> components. Users can then create, view, and revoke their API keys.

You can also use the standalone <APIKeys /> component anywhere in your application:

import { APIKeys } from '@clerk/nextjs'

export default function Page() {
  return <APIKeys />
}

Backend SDK Integration

You can also create and manage API keys programmatically using the Backend SDK, with control over scopes, claims, and expiration:

const apiKey = await clerkClient.apiKeys.create({
  name: 'Production API Key',
  subject: 'user_xxx', // or 'org_xxx' for organization keys
  scopes: ['read:data', 'write:data'],
  secondsUntilExpiration: 86400, // optional: expires in 24 hours
})

// Store apiKey.secret immediately - it's only shown once!

Verify API Keys in Your Routes

Use the auth() helper to verify API keys in your backend. An example of this using Next.js is shown below:

import { auth } from '@clerk/nextjs/server'
import { NextResponse } from 'next/server'

export async function GET() {
  const { isAuthenticated, userId, scopes } = await auth({
    acceptsToken: 'api_key',
  })

  if (!isAuthenticated) {
    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
  }

  // Check scopes for fine-grained access control
  if (!scopes?.includes('read:data')) {
    return NextResponse.json({ error: 'Missing required scope' }, { status: 403 })
  }

  return NextResponse.json({ userId })
}

Key Features

• User & Organization scoped — Keys maintain identity context, always tied to a user or organization
• Instant revocation — API keys use opaque tokens (not JWTs), enabling immediate invalidation
• Scopes — Define exactly what each key can access
• Custom claims — Store additional metadata on keys (backend SDK only)
• Optional expiration — Set TTL or keep keys long-lived

Pricing

API keys are free to use during the beta period. After general availability, they'll move to a simple usage-based pricing model:

• $0.001 per key creation
• $0.0001 per key verification

Billing isn't live yet — we'll provide at least 30 days' notice before billing begins. We'll also provide usage stats and monitoring in the Dashboard before then, so you'll have complete visibility over your usage and costs.

Get Started Today

Ready to let your users create API keys? Check out these resources:

• API keys guide — Complete walkthrough of enabling and using API keys
• Backend SDK reference — Full API for creating, listing, verifying, and revoking keys
• Dashboard⁠ — Enable API keys for your application
• Tutorial — Build a SaaS application with Clerk and API keys, step by step

We'd love to hear your feedback as you try out API keys. Your input during the beta period will help us refine the feature. Have questions or suggestions? Reach out through our feedback portal⁠ or join the discussion in our Discord community.

We're excited to introduce prebuilt UI views that make it incredibly easy to add authentication flows to your Android applications.

These new Android views provide complete authentication experiences out of the box, eliminating the need to build custom sign-in and user management interfaces from scratch. With just a few lines of code, you can now add authentication and user management to your Android app that matches Material Design standards and includes advanced features like multi-factor authentication, social sign-in, and comprehensive user profile management.

AuthView - Complete Authentication Flow

The AuthView provides a comprehensive authentication experience supporting both sign-in and sign-up flows, multi-factor authentication, password reset, account recovery and more.

import androidx.compose.runtime.Composable
import androidx.compose.ui.Modifier
import androidx.compose.ui.Alignment
import androidx.compose.ui.layout.fillMaxSize
import androidx.lifecycle.compose.collectAsStateWithLifecycle
import com.clerk.api.Clerk
import com.clerk.ui.auth.AuthView
import com.clerk.ui.userbutton.UserButton

@Composable
fun HomeView() {
  val user by Clerk.userFlow.collectAsStateWithLifecycle()
  Box(
    modifier = Modifier.fillMaxSize(),
    contentAlignment = Alignment.Center,
  ) {
      if (user != null) {
        UserButton()
      } else {
        AuthView()
      }
   }
}

UserButton - Profile Access Made Simple

The UserButton displays the current user's profile image in a circular button and opens the full user profile when tapped.

import androidx.compose.material3.TopAppBar
import com.clerk.ui.userbutton.UserButton

TopAppBar(title = {}, actions = { UserButton() })

UserProfileView - Comprehensive Account Management

The UserProfileView provides a complete interface for users to manage their accounts, including personal information, security settings, account switching, and sign-out functionality.

import androidx.compose.runtime.Composable
import androidx.compose.ui.Modifier
import androidx.compose.ui.Alignment
import androidx.compose.ui.layout.fillMaxSize
import androidx.lifecycle.compose.collectAsStateWithLifecycle
import com.clerk.api.Clerk
import com.clerk.ui.userprofile.UserProfileView

@Composable
fun ProfileView() {
  val user by Clerk.userFlow.collectAsStateWithLifecycle()
  Box(
    modifier = Modifier.fillMaxSize(),
    contentAlignment = Alignment.Center,
  ) {
      if (user != null) {
        UserProfileView()
      }
   }
}

ClerkTheme - Customization

The new theming system allows you to customize the appearance of all Clerk views to match your app's design.

import android.app.Application
import androidx.compose.ui.graphics.Color
import com.clerk.ui.theme.ClerkTheme
import com.clerk.ui.theme.ClerkColors
import com.clerk.api.Clerk

class MyApplication : Application() {

  override fun onCreate() {
    super.onCreate()
      Clerk.initialize(
        this,
        key,
        options = ClerkConfigurationOptions(enableDebugMode = true),
        theme = ClerkTheme(colors = ClerkColors(primary = Color.Red)),
      )
  }
}

Light and Dark Mode Support

All Clerk Android views automatically support both light and dark mode appearance, adapting seamlessly to the user's system preferences.

Breaking changes

The Clerk Android SDK has been split into two packages:

• com.clerk:clerk-api - The core Clerk SDK for authentication and user management. (This was previously called com.clerk:clerk-android)
• com.clerk:clerk-ui - The Clerk UI components for authentication and user management.

The com.clerk:clerk-ui pulls the com.clerk:clerk-api package as a dependency, so you only need to add the com.clerk:clerk-ui package to your dependencies if you're using the Clerk UI components.

Getting Started

To get started follow the Quickstart Guide and see the views docs:

• AuthView
• UserButton
• UserProfileView
• ClerkTheme

Feedback

We're excited to see what you build with these new views! Share your feedback and join the conversation in our Discord community⁠.

When configuring SAML or OIDC connections, you can now view detailed error logs directly in the Dashboard.

Each error log includes the error code, message, and actionable guidance on how to resolve the issue.

For more information on common SSO errors, check out our documentation.