Handling requests with the Node SDK
Node SDK Middleware
The Clerk Node SDK offers two authentication middlewares specifically for Express and Connect/Express compatible frameworks such as Fastify.
ClerkExpressWithAuth()
ClerkExpressWithAuth()
is a lax middleware that returns an empty auth object when an unauthenticated request is made.
ClerkExpressRequireAuth()
ClerkExpressRequireAuth()
is a strict middleware that raises an error when an unauthenticated request is made.
Express error handlers
Express comes with a default error handler for errors encountered in the middleware chain.
Developers can also implement their own custom error handlers as detailed in the Express error handling guide. An example error handler can be found above.
If you are using the strict middleware variant, the err
passed to your error handler will contain enough context for you to respond as you deem fit.
Middleware options
These options can be used with both ClerkExpressWithAuth
and ClerkExpressRequireAuth
.
- Name
audience
- Type
string | string[]
- Description
A string or list of audiences. If passed, it is checked against the
aud
claim in the token.
- Name
authorizedParties?
- Type
string[]
- Description
An allowlist of origins to verify against, to protect your application from the subdomain cookie leaking attack.
For example:['http://localhost:3000', 'https://example.com']
- Name
jwtKey
- Type
string
- Description
Used to verify the session token in a networkless manner. Supply the PEM public key from the API keys page -> Show JWT public key -> PEM Public Key section in the Clerk Dashboard. It's recommended to use the environment variable instead. For more information, refer to Manual JWT verification.
- Name
onError
- Type
(error: ClerkAPIResponseError) => unknown
- Description
This function can act as a custom error handler tailored to the needs of your application.
- Name
signInUrl
- Type
string
- Description
The URL to redirect to when the user is not authenticated.
| isSatellite
| boolean \| (url: URL) => boolean
| When using Clerk's satellite feature, this should be enabled for secondary domains. |
| domain
| string \| (url: URL) => boolean
| The domain used for satellites to inform Clerk where this application is deployed. |
| proxyUrl
| string
| If using a proxy, specify the URL of the proxy. |
Feedback
Last updated on