Skip to main content
Docs

<Protect>

The <Protect /> component protects content or even entire routes based on:

  • authentication: whether the user is signed-in or not.
  • authorization: whether the user has been granted a specific type of access control (role, permission, feature, or plan)

<Protect /> always performs authentication checks. To perform , you can pass different props, like role, permission, feature, or plan.

<Protect /> accepts a fallback prop that will be rendered if the user fails the authentication or authorization checks.

<Protect /> can be used both client-side and server-side (in Server Components).

Caution

This component only visually hides its children when the current user is not authorized. The contents of its children remain accessible via the browser's source code even if the user fails the authorization check. Do not use this component to hide sensitive information that should be completely inaccessible to unauthorized users. For truly sensitive data, perform on the server before sending the data to the client.

Usage

Authentication checks

<Protect /> always performs authentication checks. It will render its children if the user is signed-in, and its fallback prop if the user is signed-out.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect fallback={<p>Users that are signed-out can see this.</p>}>
      <p>Users that are signed-in can see this.</p>
    </Protect>
  )
}

export default App

Authorization checks

To limit who is able to see the content that <Protect> renders, you can pass one of the access control props: permission, role, feature, or plan. It's recommended to use permission-based authorization over role-based authorization, and feature-based authorization over plan-based authorization, as they are more flexible, easier to manage, and more secure.

If you do not pass any of the access control props, <Protect> will render its children if the user is signed in, regardless of their role or its permissions.

For more complex authorization logic, pass conditional logic to the condition prop.

Render content by permissions

The following example demonstrates how to use the <Protect /> component to protect content by checking if the user has the org:invoices:create permission.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect
      permission="org:invoices:create"
      fallback={<p>You do not have the permissions to create an invoice.</p>}
    >
      <p>Users with permission org:invoices:create can see this.</p>
    </Protect>
  )
}

export default App

Render content by role

While authorization by permission is recommended, for convenience, <Protect> allows a role prop to be passed.

The following example demonstrates how to use the <Protect /> component to protect content by checking if the user has the org:billing role.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect
      role="org:billing"
      fallback={<p>Only a member of the Billing department can access this content.</p>}
    >
      <p>Users with role org:billing can see this.</p>
    </Protect>
  )
}

export default App

Render content by plan

The following example demonstrates how to use <Protect /> to protect content by checking if the user has a plan.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect
      plan="bronze"
      fallback={<p>Sorry, only subscribers to the Bronze plan can access this content.</p>}
    >
      <p>Welcome, Bronze subscriber!</p>
    </Protect>
  )
}

export default App

Render content by feature

The following example demonstrates how to use <Protect /> to protect content by checking if the user has a feature.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect
      feature="premium_access"
      fallback={
        <p>Sorry, only subscribers with the Premium Access feature can access this content.</p>
      }
    >
      <p>Congratulations! You have access to the Premium Access feature.</p>
    </Protect>
  )
}

export default App

Render content conditionally

The following example uses <Protect>'s condition prop to conditionally render its children if the user has the correct role.

src/App.tsx
import { Protect } from '@clerk/clerk-react'

function App() {
  return (
    <Protect
      condition={(has) => has({ role: 'org:admin' }) || has({ role: 'org:billing_manager' })}
      fallback={<p>Only an Admin or Billing Manager can access this content.</p>}
    >
      <p>The settings page.</p>
    </Protect>
  )
}

export default App

Properties

  • Name
    condition?
    Type
    has => boolean
    Description

    Optional conditional logic that renders the children if it returns true.

  • Name
    fallback?
    Type
    JSX
    Description

    Optional UI to show when a user doesn't have the correct type of access control to access the protected content.

  • Name
    feature?
    Type
    string
    Description

    Optional string corresponding to a feature.

  • Name
    plan?
    Type
    string
    Description

    Optional string corresponding to a plan.

  • Name
    permission?
    Type
    string
    Description

    Optional string corresponding to a permission in the format org:<feature>:<permission>

  • Name
    role?
    Type
    string
    Description

    Optional string corresponding to a role in the format org:<role>

  • Name
    treatPendingAsSignedOut?
    Type
    boolean
    Description

    A boolean that indicates whether to treat as signed out. Defaults to true.

Feedback

What did you think of this content?
GitHubEdit on GitHub

Last updated on