Skip to main content
Docs

Clerk billing for B2B SaaS

Warning

Billing is currently in Beta and its APIs are experimental and may undergo breaking changes. To mitigate potential disruptions, we recommend pinning your SDK and clerk-js package versions.

Clerk billing for B2B SaaS allows you to create plans and manage subscriptions for companies or organizations in your application. If you'd like to charge individual users, see Billing for B2C SaaS. You can also combine both B2C and B2B billing in the same application.

Enable billing

To enable billing for your application, navigate to the Billing Settings page in the Clerk Dashboard. This page will guide you through enabling billing for your application.

Clerk billing costs just 0.7% per transaction, plus Stripe's transaction fees which are paid directly to Stripe. Clerk Billing is not the same as Stripe Billing. Plans and pricing are managed directly through the Clerk Dashboard and won't sync with your existing Stripe products or plans. Clerk uses Stripe only for payment processing, so you don't need to set up Stripe Billing.

Payment gateway

Once you have enabled billing, you will see the following Payment gateway options for collecting payments via Stripe:

  • Clerk development gateway: A shared test Stripe account used for development instances. This allows developers to test and build billing flows in development without needing to create and configure a Stripe account.
  • Stripe account: Use your own Stripe account for production. A Stripe account created for a development instance cannot be used for production. You will need to create a separate Stripe account for your production environment.

Create a plan

Subscription plans are what your customers subscribe to. There is no limit to the number of plans you can create. If your Clerk instance has existing custom permissions, the corresponding features from those permissions will automatically be added to the free plan for orgs. This ensures that organization members get the same set of custom permissions when billing is enabled, because all organizations start on the free plan.

To create a plan, navigate to the Plans page in the Clerk Dashboard. Here, you can create, edit, and delete plans. To setup B2B billing, select the Plans for Organizations tab and select Add Plan. When creating a plan, you can also create features for the plan; see the next section for more information.

Tip

What is the Publicly available option?

Add features to a plan

Features make it easy to give entitlements to your plans. You can add any number of features to a plan.

You can add a feature to a plan when you are creating a plan. To add it after a plan is created:

  1. Navigate to the Plans page in the Clerk Dashboard.
  2. Select the plan you'd like to add a feature to.
  3. In the Features section, select Add Feature.

Tip

What is the Publicly available option?

Create a pricing page

You can create a pricing page by using the <PricingTable /> component. This component displays a table of plans and features that customers can subscribe to. It's recommended to create a dedicated page, as shown in the following example.

Note

To see an example of how to create a pricing table page, please select one of the frontend SDKs on the sidebar.

Control access with features, plans, and permissions

You can use Clerk's features, plans, and permissions to gate access to content using . There are a few ways to do this, but the recommended approach is to either use the has() method or the <Protect> component.

The has() method is available for any JavaScript-based framework, while <Protect> is a component, and therefore, is only available for React-based frameworks.

Important

Permission-based authorization checks link with feature-based authorization checks. This means that if you are checking a custom permission, it will only work if the feature part of the permission key (org:<feature>:<permission>) is a feature included in the organization's active plan. For example, say you want to check if an organization member has the custom permission org:teams:manage, where teams is the feature. Before performing the authorization check, you need to ensure that the user's organization is subscribed to a plan that has the teams feature. If the user's organization is not subscribed to a plan that has the teams feature, the authorization check will always return false, even if the user has the custom permission.

Example: Using has()

Use the has() method to test if the organization has access to a plan:

const hasPremiumAccess = has({ plan: 'gold' })

Or a feature:

const hasPremiumAccess = has({ feature: 'widgets' })

The has() method is a server-side helper that checks if the organization has been granted a specific type of access control (role, permission, feature, or plan) and returns a boolean value. has() is available on the auth object, which you will access differently depending on the framework you are using.

Tip

Why aren't custom permissions appearing in the session token (JWT) or in API responses (including the result of the has() check)?

The following example demonstrates how to use has() to check if an organization has a plan.

src/routes/bronze-content.ts
import { createClerkClient } from '@clerk/backend'

const clerkClient = createClerkClient({
  publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
  secretKey: process.env.CLERK_SECRET_KEY,
})

const domain =
  process.env.NODE_ENV === 'production' ? 'https://example.com' : 'http://localhost:3000'

export async function GET(request: Request) {
  const authenticatedRequest = await clerkClient.authenticateRequest(request, {
    authorizedParties: [domain],
  })

  const user = authenticatedRequest.toAuth()

  if (user === null || user.userId === null) {
    return new Response('Unauthorized', { status: 401 })
  }

  const hasBronzePlan = user.has({ plan: 'bronze' })

  if (!hasBronzePlan) {
    return new Response('For Bronze subscribers only')
  }

  return new Response('Only subscribers to the Bronze plan can access this content.')
}

The following example demonstrates how to use has() to check if an organization has a feature.

src/routes/premium-content.ts
import { createClerkClient } from '@clerk/backend'

const clerkClient = createClerkClient({
  publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
  secretKey: process.env.CLERK_SECRET_KEY,
})

const domain =
  process.env.NODE_ENV === 'production' ? 'https://example.com' : 'http://localhost:3000'

export async function GET(request: Request) {
  const authenticatedRequest = await clerkClient.authenticateRequest(request, {
    authorizedParties: [domain],
  })

  const user = authenticatedRequest.toAuth()

  if (user === null || user.userId === null) {
    return new Response('Unauthorized', { status: 401 })
  }

  const hasPremiumAccess = user.has({ feature: 'premium_access' })

  if (!hasPremiumAccess) {
    return new Response('Only subscribers with the Premium Access feature can access this content.')
  }

  return new Response('Our Exclusive Content')
}

The following example demonstrates how to use has() to check if an organization has a permission.

src/routes/manage-premium-content.ts
import { createClerkClient } from '@clerk/backend'

const clerkClient = createClerkClient({
  publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
  secretKey: process.env.CLERK_SECRET_KEY,
})

const domain =
  process.env.NODE_ENV === 'production' ? 'https://example.com' : 'http://localhost:3000'

export async function GET(request: Request) {
  const authenticatedRequest = await clerkClient.authenticateRequest(request, {
    authorizedParties: [domain],
  })

  const user = authenticatedRequest.toAuth()

  if (user === null || user.userId === null) {
    return new Response('Unauthorized', { status: 401 })
  }

  const hasPremiumAccessManage = user.has({ permission: 'org:premium_access:manage' })

  if (!hasPremiumAccessManage) {
    return new Response(
      'Only subscribers with the Premium Access Manage permission can access this content.',
    )
  }

  return new Response('Our Exclusive Content')
}

Example: Using <Protect>

The <Protect> component protects content or even entire routes by checking if the organization has been granted a specific type of access control (role, permission, feature, or plan). You can pass a fallback prop to <Protect> that will be rendered if the organization does not have the access control.

The following example demonstrates how to use <Protect> to protect a page by checking if the organization has a plan.

Note

To see an example of how to use the Protect component, please select one of the frontend SDKs on the sidebar.

The following example demonstrates how to use <Protect> to protect a page by checking if the organization has a feature.

Note

To see an example of how to use the Protect component, please select one of the frontend SDKs on the sidebar.

The following example demonstrates how to use <Protect> to protect a page by checking if the organization has a permission.

Note

To see an example of how to use the Protect component, please select one of the frontend SDKs on the sidebar.

Feedback

What did you think of this content?

Last updated on