December 16, 2025
We're closing out 2025 with powerful new features like API keys, native Android components, and zero-config credential stuffing protection to help you build secure apps faster than ever.
Happy holidays from all of us at Clerk!
API Keys Public Beta
API Keys are now available in public beta, bringing comprehensive machine authentication capabilities into your applications with zero additional code required. When you enable API keys in the Clerk Dashboard, an API Keys tab automatically appears in your <UserProfile /> and <OrganizationProfile /> components, allowing your users to create, view, and revoke their API keys seamlessly.
You can enable API keys for users, organizations, or both depending on your application's needs. API keys maintain full identity context, staying tied to either a user or organization, while supporting granular scopes for fine-grained access control.
- Zero-code UI integration with automatic API key management in prebuilt components and the optional, standalone
<APIKeys />component - Comprehensive backend SDK for programmatic key creation, management, and verification with custom claims and scopes
- Instant revocation capabilities using opaque tokens instead of JWTs for immediate invalidation
- Flexible authentication verification through the
auth()helper with scope-based access control in your API routes
Learn more about API keys in our comprehensive guide, explore the Backend SDK reference, or enable the feature directly in the Clerk Dashboard.
Prebuilt Android Components
Clerk now offers ready-to-use authentication views for Android applications, bringing the same comprehensive authentication experience you know from web development directly to native Android apps. These new prebuilt UI components eliminate the need to build custom sign-in and user management interfaces from scratch, providing complete authentication flows with just a few lines of code.
The new Android component library includes core views that handle every aspect of user authentication and management: AuthView for comprehensive sign-in/sign-up flows with MFA and recovery, UserButton for profile access, and UserProfileView for complete account management directly within your Android apps.
- Material Design compliance with automatic light and dark mode support that adapts to system preferences
- Complete authentication flows including MFA, social sign-in, and password recovery without custom implementation
- Comprehensive theming system through
ClerkThemefor customizing appearance to match your app's design
The Android SDK has been restructured into two packages:
com.clerk:clerk-apifor core authentication functionalitycom.clerk:clerk-uifor the prebuilt components
Learn more in our Android quickstart guide or explore the complete SDK documentation.
Organization Growth Charts
Clerk Dashboard now includes comprehensive organization growth tracking, bringing the same analytical depth you've had for user metrics to your B2B organization data. The new analytics provide detailed breakdowns of organization activity over time, tracking new, reactivated, retained, and churned organizations with the ability to filter by growth or churn trends.
An organization is considered active when two or more members sign in during the selected timeframe, giving you meaningful engagement metrics rather than just creation counts.
- Complete analytics parity between user and organization metrics in a single view
- Flexible time-based filtering for daily, weekly, or monthly active organization analysis
- Interactive cohort investigation with click-to-filter functionality from chart to table
The new Organization Growth Charts are available right on the summary page for your application in the Clerk Dashboard.
Client Trust: Zero-Config Credential Stuffing Protection
Clerk has launched Client Trust, a free security feature that automatically blocks credential stuffing attacks without requiring any configuration from you. The system works by automatically requiring a second authentication factor (OTP or magic link) when users sign in with valid credentials from a new device, even if they haven't enabled 2FA.
This creates an invisible security layer that activates precisely when credential stuffing attacks occur, while remaining transparent during normal user flows. Your users signing in from familiar devices experience no friction, while attackers using stolen credentials face an immediate authentication barrier they cannot bypass.
- Zero configuration required with automatic enablement for new applications and one-click updates for existing ones
- Adaptive security model that only triggers additional verification for new devices with valid credentials
- Free across all plans with no additional cost for comprehensive credential stuffing protection
- Invisible to legitimate users with no impact on normal sign-in flows from trusted devices
Learn more about Client Trust in our changelog. To take advantage of Client Trust in your existing applications, enable the feature from the Updates page in the Clerk Dashboard to protect your users from the next major credential leak.
LLM Leaderboard
Our new LLM Leaderboard is a transparent benchmark that evaluates how different large language models perform when generating Clerk-specific integration code. This addresses a real pain point: choosing the right AI assistant for authentication implementations without guesswork. The leaderboard tests LLMs using identical real-world prompts and scenarios, focusing on their ability to produce working Clerk integration code from simple requests.
We currently target Next.js integrations and plan to expand to additional frameworks in the future.
- Reduced trial-and-error when choosing between different LLMs
- Open-source eval suite available on GitHub for transparency and community contributions
- Standardized testing methodology using real-world integration scenarios
- Focuses on code accuracy and implementation quality rather than just syntax
Check out the LLM Leaderboard to see how well your favorite models integrate Clerk, or read more about this new resource in our changelog.
Other features, fixes, and improvements
- New Organization Reports in the Dashboard for tracking organization creation patterns
- AI-powered command menu for unified dashboard navigation with natural language queries
- Vercel SSO provider for seamless authentication in developer tools
- You can now enable Organizations directly from your own app during development
- Your users can start free trials without requiring payment methods upfront
- New Billing API version 2025-11-10 with restructured endpoints and Fee objects
- PKCE support for custom OAuth providers and social connections
- Native "Sign-in with Apple" support for Expo iOS applications
- Connect existing Stripe accounts to Clerk Billing for payment processing
- You can now update plan prices without affecting rates for current subscribers
- Debug logs for enterprise SAML and OIDC connection troubleshooting
Clerk ranked #4 fastest-growing software vendor on Ramp’s December 2025 list
We’re excited to share that Clerk was ranked #4 fastest-growing software vendor by customer count on Ramp's December 2025 list, based on real customer spend and adoption patterns across their platform. This recognition reflects the remarkable growth we've seen this year as AI-native builders, SaaS companies, and enterprises have chosen Clerk for authentication, user management, organizations, and billing.
We're deeply grateful to every team that partnered with Clerk this year. This achievement is a direct result of your trust in our platform.
Resources
- Next.js 16: Master Partial Pre-rendering & Cache by Hamed Bahram
- Add API Key support to your SaaS in minutes by Nicolas Angelo
- How do I implement passkeys in Next.js? by Brian Morrison II
- Build a full-stack social media marketplace app by GreatStack
- Create an e-learning coding platform by TubeGuruji
- Build an AI events organizer by Roadside Coder
- React Native: Create a full-stack e-commerce app by Codesistency
- Build an LMS platform with Next.js 16 by Sonny Sangha