# Upgrading @clerk/clerk-sdk-node to Core 2 > The Node SDK is no longer supported. [Upgrade to the Express SDK](https://clerk.com/docs/guides/development/upgrading/upgrade-guides/node-to-express.md). Core 2 is included in the Node.js SDK starting with version 5. This new version ships with a variety of smaller DX improvements and housekeeping items. Each of the potentially breaking changes are detailed in this guide, below. By the end of this guide, you’ll have successfully upgraded your Node project to use `@clerk/clerk-sdk-node` v5. You’ll learn how to update your dependencies, resolve breaking changes, and find deprecations. Step-by-step instructions will lead you through the process. ## Preparing to upgrade Before upgrading, it's highly recommended that you update your Clerk SDKs to the latest Core 1 version (`npm i @clerk/clerk-sdk-node@4`). Some changes required for Core 2 SDKs can be applied incrementally to the v5 release, which should contribute to a smoother upgrading experience. After updating, look out for deprecation messages in your terminal and browser console. By resolving these deprecations you'll be able to skip many breaking changes from Core 2. Additionally, some of the minimum version requirements for some base dependencies have been updated such that versions that are no longer supported or are at end-of-life are no longer guaranteed to work correctly with Clerk. **Updating Node.js** You need to have Node.js `18.17.0` or later installed. Last year, Node.js 16 entered EOL (End of life) status, so support for this version has been removed across Clerk SDKs. You can check your Node.js version by running `node -v` in your terminal. Learn more about how to [update and install Node.js](https://nodejs.org/en/learn/getting-started/how-to-install-nodejs). ## Updating to Core 2 Whenever you feel ready, go ahead and install the latest version of any Clerk SDKs you are using. Make sure that you are prepared to patch some breaking changes before your app will work properly, however. The commands below demonstrate how to install the latest version. ```npm npm install @clerk/clerk-sdk-node ``` ## CLI upgrade helper Clerk now provides a `@clerk/upgrade` CLI tool that you can use to ease the upgrade process. The tool will scan your codebase and produce a list of changes you'll need to apply to your project. It should catch the vast majority of the changes needed for a successful upgrade to any SDK including Core 2. This can save you a lot of time reading through changes that don't apply to your project. To run the CLI tool, navigate to your project and run it in the terminal: ```npm npx @clerk/upgrade --from=core-1 ``` If you are having trouble with `npx`, it's also possible to install directly with `npm i @clerk/upgrade -g`, and can then be run with the `clerk-upgrade` command. ## Breaking Changes ### `cjs/instance` and `esm/instance` imports no longer needed If you are using either of these import paths, they are no longer necessary and you can import directly from the top level `@clerk/express` path. ```js import { ... } from '@clerk/clerk-sdk-node/esm/instance' import { ... } from '@clerk/clerk-sdk-node/cjs/instance' import { ... } from '@clerk/clerk-sdk-node' ``` ### Clerk client setters removed in favor of `createClerkClient` options The following setter methods have been removed in the latest version. If you were using any of these functions, their functionality can be replaced by instead passing the corresponding option to `createClerkClient`. - `setClerkApiVersion` - `setClerkHttpOptions` - `setClerkServerApiUrl` - `setClerkApiKey` Code example: ```js import { clerkClient, setClerkApiKey, setClerkApiVersion, setClerkHttpOptions, setClerkServerApiUrl, } from '@clerk/clerk-sdk-node' setClerkApiKey('...') setClerkApiVersion('...') setClerkHttpOptions('...') setClerkServerApiUrl('...') const clerkClient = createClerkClient({ secretKey: '...', apiVersion: '...', httpOptions: '...', serverApiUrl: '...', }) await clerkClient.users.getUser(userId) ``` ### Removed: `orgs` claim on JWT In the previous version of Clerk's SDKs, if you decode the session token that Clerk returns from the server, you'll currently find an `orgs` claim on it. It lists all the orgs associated with the given user. Now, Clerk returns the `org_id`, `org_slug`, and `org_role` of the **active** organization. The `orgs` claim was part of the `JwtPayload`. Here are a few examples of where the `JwtPayload` could be found. filename: Next.js ```typescript import { getAuth } from '@clerk/nextjs/server' const claims: JwtPayload = getAuth(request).sessionClaims import { getAuth } from '@clerk/ssr.server' const claims: JwtPayload = (await getAuth(request)).sessionClaims ``` filename: Fastify ```typescript import { getAuth } from '@clerk/fastify' const claims: JwtPayload = (await getAuth(request)).sessionClaims ``` filename: @clerk/backend ```typescript import { createClerkClient } from '@clerk/backend' const clerkClient = createClerkClient({ secretKey: '' }) const requestState = await clerkClient.authenticateRequest(request, { publishableKey: '' }) const claims: JwtPayload = requestState.toAuth().sessionClaims ``` filename: @clerk/clerk-sdk-node ```typescript import { clerkClient } from '@clerk/clerk-sdk-node' router.use((...args) => clerkClient.expressRequireAuth()(...args)) router.get('/me', async (req, reply: Response) => { return reply.json({ auth: req.auth }) }) ``` If you would like to have your JWT return all of the user's organizations, you can create a [custom JWT template](https://clerk.com/docs/guides/sessions/jwt-templates.md) in your dashboard. Add `{ "orgs": "user.organizations" }` to it. ### Image URL Name Consolidation There are a number of Clerk primitives that contain images, and previously they each had different property names, like `avatarUrl`, `logoUrl`, `profileImageUrl`, etc. In order to promote consistency and make it simpler for developers to know where to find associated images, all image properties are now named `imageUrl`. See the list below for all affected classes: The `logoUrl` property of any [Organization object](https://clerk.com/docs/reference/objects/organization.md) has been changed to `imageUrl`. The `profileImageUrl` property of any `User` object has been changed to `imageUrl`. The `profileImageUrl` property of any `OrganizationMembershipPublicUserData` object has been changed to `imageUrl`. The `picture` property of any [ExternalAccount object](https://clerk.com/docs/reference/types/external-account.md) has been changed to `imageUrl`. ### Deprecation removals & housekeeping As part of this major version, a number of previously deprecated props, arguments, methods, etc. have been removed. Additionally there have been some changes to things that are only used internally, or only used very rarely. It's highly unlikely that any given app will encounter any of these items, but they are all breaking changes, so they have all been documented below. > For this section more than any other one, use the CLI upgrade tool (`npx @clerk/upgrade`). Changes in this > section are very unlikely to appear in your codebase, the tool will save time looking for them. #### Deprecation removals If you are updating a user's password via the [User.update method](https://clerk.com/docs/reference/objects/user.md#update), it must be changed to [User.updatePassword](https://clerk.com/docs/reference/objects/user.md#update-password) instead. This method will require the current password as well as the desired new password. We made this update to improve the security of password changes. Example below: ```js user.update({ password: 'foo' }) user.updatePassword({ currentPassword: 'bar', newPassword: 'foo', signOutOfOtherSessions: true, }) ``` The `CLERK_API_KEY` environment variable was renamed to `CLERK_SECRET_KEY`. To update, go to the [**API keys**](https://dashboard.clerk.com/~/api-keys) page in the Clerk Dashboard. After choosing your framework, copy and paste the new keys. Ensure this update is applied across all environments (e.g., development, staging, production). The `CLERK_FRONTEND_API` environment variable was renamed to `CLERK_PUBLISHABLE_KEY`. To update, go to the [**API keys**](https://dashboard.clerk.com/~/api-keys) page in the Clerk Dashboard. After choosing your framework, copy and paste the new keys. Ensure this update is applied across all environments (e.g., development, staging, production). **Note:** The values are different, so this isn't just a key replacement. [More information](https://clerk.com/docs/guides/development/deployment/production.md#api-keys-and-environment-variables). The `apiKey` argument passed to `ClerkExpressRequireAuth` must be changed to `secretKey`. ```js import { ClerkExpressRequireAuth } from '@clerk/clerk-sdk-node' ClerkExpressRequireAuth({ apiKey: '...' }) ClerkExpressRequireAuth({ secretKey: '...' }) ``` The `apiKey` argument passed to `ClerkExpressWithAuth` must be changed to `secretKey`. ```js import { ClerkExpressWithAuth } from '@clerk/clerk-sdk-node' ClerkExpressWithAuth({ apiKey: '...' }) ClerkExpressWithAuth({ secretKey: '...' }) ``` The `apiKey` argument passed to `createClerkClient` must be changed to `secretKey`. ```js import { createClerkClient } from '@clerk/clerk-sdk-node' createClerkClient({ apiKey: '...' }) createClerkClient({ secretKey: '...' }) ``` The `apiKey` argument passed to `createClerkExpressRequireAuth` must be changed to `secretKey`. ```js import { createClerkExpressRequireAuth } from '@clerk/clerk-sdk-node' createClerkExpressRequireAuth({ apiKey: '...' }) createClerkExpressRequireAuth({ secretKey: '...' }) ``` The `apiKey` argument passed to `createClerkExpressWithAuth` must be changed to `secretKey`. ```js import { createClerkExpressWithAuth } from '@clerk/clerk-sdk-node' createClerkExpressWithAuth({ apiKey: '...' }) createClerkExpressWithAuth({ secretKey: '...' }) ``` The `frontendApi` argument passed to `createClerkClient` must be changed to `publishableKey`. Note that the values of the two keys are different, so both keys and values need to be changed. You can find your application's Publishable Key in the Clerk Dashboard. ```js import { createClerkClient } from '@clerk/clerk-sdk-node' createClerkClient({ frontendApi: '...' }) createClerkClient({ publishableKey: '...' }) ``` The `frontendApi` argument passed to `createClerkExpressRequireAuth` must be changed to `publishableKey`. Note that the values of the two keys are different, so both keys and values need to be changed. You can find your application's Publishable Key in the Clerk Dashboard. ```js import { createClerkExpressRequireAuth } from '@clerk/clerk-sdk-node' createClerkExpressRequireAuth({ frontendApi: '...' }) createClerkExpressRequireAuth({ publishableKey: '...' }) ``` The `frontendApi` argument passed to `ClerkExpressRequireAuth` must be changed to `publishableKey`. Note that the values of the two keys are different, so both keys and values need to be changed. You can find your application's Publishable Key in the Clerk Dashboard. ```js import { ClerkExpressRequireAuth } from '@clerk/clerk-sdk-node' ClerkExpressRequireAuth({ frontendApi: '...' }) ClerkExpressRequireAuth({ publishableKey: '...' }) ``` The `frontendApi` argument passed to `createClerkExpressWithAuth` must be changed to `publishableKey`. Note that the values of the two keys are different, so both keys and values need to be changed. You can find your application's Publishable Key in the Clerk Dashboard. ```js import { createClerkExpressWithAuth } from '@clerk/clerk-sdk-node' createClerkExpressWithAuth({ frontendApi: '...' }) createClerkExpressWithAuth({ publishableKey: '...' }) ``` The `frontendApi` argument passed to `ClerkExpressWithAuth` must be changed to `publishableKey`. Note that the values of the two keys are different, so both keys and values need to be changed. You can find your application's Publishable Key in the Clerk Dashboard. ```js import { ClerkExpressWithAuth } from '@clerk/clerk-sdk-node' ClerkExpressWithAuth({ frontendApi: '...' }) ClerkExpressWithAuth({ publishableKey: '...' }) ``` #### Other Breaking changes There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await organization.getRoles({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await organization.getMemberships({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await organization.getDomains({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await organization.getInvitations({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await organization.getMembershipRequests({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await user.getOrganizationInvitations({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await user.getOrganizationSuggestions({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` There have been a couple changes to the pagination arguments that can be passed into this function - `limit` has been renamed to `pageSize`, and `offset` has been renamed to `initialPage`. This will help to make it more clear and simple to reason about pagination control. Example of how changes might look below: ```js const { data } = await user.getOrganizationMemberships({ limit: 10, pageSize: 10, offset: 10, initialPage: 2, }) ``` The response payload of `Users.getOrganizationMembershipList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.users.getOrganizationMembershipList() const { data, totalCount } = await clerkClient.users.getOrganizationMembershipList() ``` The response payload of `Users.getOrganizationInvitationList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.users.getOrganizationInvitationList() const { data, totalCount } = await clerkClient.users.getOrganizationInvitationList() ``` The return type for this function was previously `[Items]` but has now been updated to `{ data: [Items], totalCount: number }`. Since the Clerk API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily. A before/after code example can be seen below: ```js const data = await clerkClient.organizations.getOrganizationInvitationList({ organizationId: '...', }) data.forEach(() => {}) data.data.forEach(() => {}) ``` The return type for this function was previously `[Items]` but has now been updated to `{ data: [Items], totalCount: number }`. Since the Clerk API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily. A before/after code example can be seen below: ```js const { user } = useUser() const membershipList = user.getOrganizationMembershipList() membershipList.forEach(() => {}) membershipList.data.forEach(() => {}) ``` The response payload of `Users.getOrganizationList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.users.getOrganizationList() const { data, totalCount } = await clerkClient.users.getOrganizationList() ``` The return type for this function was previously `[Items]` but has now been updated to `{ data: [Items], totalCount: number }`. Since the Clerk API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily. A before/after code example can be seen below: ```js const { organization } = useOrganization() const orgList = organization.getOrganizationList() orgList.forEach(() => {}) orgList.data.forEach(() => {}) ``` The response payload of `Invitations.getInvitationList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.invitations.getInvitationList() const { data, totalCount } = await clerkClient.invitations.getInvitationList() ``` The response payload of `Sessions.getSessionList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.sessions.getSessionList() const { data, totalCount } = await clerkClient.sessions.getSessionList() ``` The response payload of `Users.getUserList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.users.getUserList() const { data, totalCount } = await clerkClient.users.getUserList() ``` The response payload of `AllowlistIdentifiers.getAllowlistIdentifierList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.allowlistIdentifiers.getAllowlistIdentifierList() const { data, totalCount } = await clerkClient.allowlistIdentifiers.getAllowlistIdentifierList() ``` The response payload of `Clients.getClientList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.clients.getClientList() const { data, totalCount } = await clerkClient.allowlistIdentifiers.getClientList() ``` The response payload of `RedirectUrls.getRedirectUrlList` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.redirectUrls.getRedirectUrlList() const { data, totalCount } = await clerkClient.redirectUrls.getRedirectUrlList() ``` The response payload of `Users.getUserOauthAccessToken` was changed as part of the core 2 release. Rather than directly returning ` data`, the return signature is now `{ data, totalCount }`. Since Backend API responses are paginated, the `totalCount` property is helpful in determining the total number of items in the response easily, and this change in the backend SDK aligns the response shape with what the Backend API returns directly. Here's an example of how the response shape would change with this modification: ```js const data = await clerkClient.users.getUserOauthAccessToken() const { data, totalCount } = await clerkClient.users.getUserOauthAccessToken() ``` The value of this export has changed from `https://api.clerk.dev` to `https://api.clerk.com`. If you were relying on the text content of this value not changing, you may need to make adjustments. We changed the values that our middleware adds to the `request` object after running. Previously it returned a `LegacyAuthObject` type, and now it returns an `AuthObject` type, the difference between the two types is as such: ```ts type LegacyAuthObject = { type AuthObject = { sessionId: string | null actor: ActClaim | undefined | null userId: string | null getToken: ServerGetToken | null debug: AuthObjectDebug | null claims: JwtPayload | null sessionClaims: JwtPayload | null orgId: string | undefined | null orgRole: OrganizationCustomRoleKey | undefined | null orgSlug: string | undefined | null orgPermissions: OrganizationCustomPermissionKey[] | undefined | null has: CheckAuthorizationWithCustomPermissions | null } ``` If you were using the `claims` key on the request after running middleware, you will need to instead use `sessionClaims`. Additionally, if you were using the `LooseAuthProp` or `StrictAuthProp` exported types anywhere, note that these have been adjusted to fit the shape of the new middleware response typing. The `Clerk` default import has changed to `createClerkClient` and been moved to a named import rather than default. You must update your import path in order for it to work correctly. Example below of the fix that needs to be made: ```js import Clerk from '@clerk/clerk-sdk-node' import { createClerkClient } from '@clerk/clerk-sdk-node' ``` The `createClerkExpressRequireAuth` method now requires a clerk public key in order to work correctly. It can be passed in as a parameter directly, or picked up via environment variable. An error will be thrown now if there's no public key provided, this was not previously the case. The `createClerkExpressWithAuth` method now requires a clerk public key in order to work correctly. It can be passed in as a parameter directly, or picked up via environment variable. An error will be thrown now if there's no public key provided, this was not previously the case. --- ## Sitemap [Overview of all docs pages](https://clerk.com/docs/llms.txt)