Clerk Changelog

Improved Account Portal

Previously known as “Hosted Pages”, the Account Portal gives you an upgraded section in the Clerk Dashboard for much easier configuration for all of your application’s key screens. The Account Portal is also the fastest way to add authentication and user management to your application. We provide fully managed and hosted Sign-in, Sign-up, and User Profile views that live on your domain, so you don’t have to build it all yourself.

Head to the docs to learn about more about the Account Portal and how simple it is to get started.

Other Fixes & Improvements

• Added support in Clerk Expo for swapping your keys without needing a new build
• Improved clock skew detection in development
• Enhanced path ignoring in @clerk/clerk-react to make it more reliable
• Improved Next.js middleware static file detection
• Created new OG images for our Docs pages and Blog Posts

Satellite Domains

Introducing multi-domain support via the Clerk dashboard. Now you can configure multiple domains under your application – users will only have to sign in once but can access all your properties!

The new Domains page will display information about your instance’s development and production domains; you can even add satellite domains for your instance from the dashboard.

Verified Organization Domains

To ensure your users have email addresses that come from your company’s domain, Organization admins can now set an email domain requirement within the Organization.

To set the domain, admins can visit the Organization Settings page in the Dashboard and can also choose between two enrollment modes:

• Automatic Invitation: Users with a matching email domain receive an invitation to join the organization during sign-up.
• Automatic Suggestion: Users with a matching email domain receive a suggestion to request to join the Organization. Admins must accept the request before the user is added to the organization.

To support these changes, we have updated the <OrganizationSwitcher /> component to list invitations and suggestions, allowing users to accept them within the app. The <OrganizationProfile /> component has also been updated to enable admins to add and verify domains, and handle organization requests.

Other Fixes & Improvements

• Improved Organization Invitations: If there are pending organization invitations with a matching email address, they will be associated with the new user. Users can accept these invitations within the app using the <OrganizationSwitcher /> component, instead of relying solely on the email link.
• Hard limit of 500 Users on Dev Instances: To prevent accidental production use, we've implemented a hard limit of 500 users on dev instances. This ensures clear separation between development and production environments.

🚫 Block Email Subaddresses

To prevent users from creating multiple accounts, Clerk now offers the ability to block sign-ups that attempt to use email subaddressing aliases. By enabling this new setting, users will be prohibited from signing up with emails that append tags after the base username.

This helps prevent emails like jane@company.com and jane+extra@company.com from being treated as unique addresses, closing an easy workaround for creating multiple accounts and improving integrity across user sign-ups.

The feature can be configured under Settings → User & Authentication → Restrictions in the Clerk Dashboard.

✨ Other Fixes & Improvements

• Introduced three distinct email templates for Sign In, Sign Up, and Email Verification when sending Magic Links
• Implemented support for repo-based config with Remix
• Added support for phpass password hashing when using the CreateUser endpoint

📅 Events

The Clerk team was excited to attend React Rally this week, and it did not disappoint! We had a Waffle Truck, a 5ft Clerk Jenga, Mario Kart, and, of course, a whole bunch of SWAG 🎁

We hope that you were able to attend and connect with us, as it was not an event to be missed; if not, we can’t wait to see you next year!

📚 Resources

• React Native Authentication with Expo Router & Clerk: Discover how to enhance the security of your React Native app with Expo Router v2 and Clerk for authentication and user management. Follow the step-by-step tutorial on Galaxies.dev or watch the video tutorial on YouTube.
• AI-Town: Dive into the world of AI simulation with AI-Town, a deployable JS starter kit that allows you to customize your own AI simulation, where AI characters live, chat, and socialize. This kit is built with Convex, Pinecone, Replicate, OpenAI, Fly.io, and Clerk for authentication.
• How We Roll – Chapter 10: Roundup: In this final chapter of the "How We Roll" series, Dev Agrawal provides a summary of the topics discussed throughout the series.
• Nuxt + Clerk: Check out this example app by Robert Soriano that demonstrates how to integrate Clerk with Nuxt using the h3-clerk middleware.

🙌 Community Shoutouts

• We’re thrilled to sponsor Next.js Boilerplate, a comprehensive starter kit that comes pre-configured with Clerk for authentication, and features such as type checking, linter, code formatting, unit testing, E2E testing, Storybook, Bundler Analyzer, Sitemap, Tailwind CSS, and much more.
• Congratulations to the team at Investor Radar on their recent launch. Investor Radar is a platform for startups or individuals to get connected with the investor of their dreams, and uses Clerk for authentication.
• Shoutout to Robert Soriano for seamlessly integrating Clerk with Vue! His work showcases the power of Clerk's authentication and user management in Vue. Check out the integration at vue-clerk.vercel.app.
• A big thank you to Darren Baldwin for open sourcing clerk-rs, an unofficial Rust SDK for Clerk. The SDK just crossed 1.2k+ downloads on crates.io. Thank you for contributing to the Clerk community!

Stay tuned for future updates. If you have feedback or suggestions, leave us feedback on the docs via Docsly, tweet us at @ClerkDev, or join the Clerk Community on Discord.

⛔️ Prevent Fake Accounts with Disposable Email Blocking

Clerk now offers the ability to block disposable and temporary emails during sign-up. When this setting is enabled, emails entered during sign-up will be checked in real-time against a frequently updated database of over 160,000 known disposable email providers. If a match is found, the sign-up is blocked to prevent abuse from invalid accounts.

The setting can be enabled on the Settings page of the Clerk Dashboard →

✨ Other Fixes & Improvements

• Enabled the allowedRedirectOrigins prop in Clerk Hosted Pages to mitigate unvalidated redirect vulnerabilities in production instances. With this setting, only same-origin redirects will be allowed from Hosted Pages.
• Fixed bugs in username sorting logic for the Users and Members tables in the Clerk Dashboard.
• Added a user.hasImage boolean to Clerk's Frontend API and ClerkJS package. This field indicates whether the user has a profile image and, if they do, whether their profile image was uploaded by the user or was sourced from their connected social provider.
  • This field can, for example, be used to ensure users have a profile image by allowing you to leverage it to build logic and a UI to display a profile image uploader if the user has signed up without a social provider and has not yet added a profile image.
• Added a new JWT template for WunderGraph in the Integrations section of the Clerk Dashboard.

📅 Events

We're excited to announce that Clerk is sponsoring React Rally in Salt Lake City on August 17th and 18th. If you're planning on attending, let us know – we'd love to meet you! We'll have cookies, swag, and a surprise or two. And if you're not sure, there's still time 😉

Grab your ticket here →

📚 Resources

• Implementing Role-Based Access Control in the Next.js App Router: In this tutorial written by Eugene Musebe, you will learn how to integrate RBAC in your Next.js app using organizations powered by Clerk.
• How to Build an AI Companion: In this 6-hour tutorial on the Code with Antonio YouTube channel, you’ll learn how to build an AI Companion app using Pinecone, Replicate, Planetscale, Shadcn UI, and more!
• How We Roll – Chapter 9: Infrastructure: In this chapter of How We Roll, Dev Agrawal provides an in-depth look at the infrastructure that powers Clerk’s authentication capabilities.
• A Comprehensive Guide to GDPR-Compliant Auth Solutions: If you’re interested in learning about GDPR compliant auth solutions, you’ll enjoy this in-depth article by MadaShindeInai.
• Build and Deploy a Threads App: Learn how to build a full stack Threads App in this YouTube tutorial from JavaScript Mastery using Next.js, Clerk, MongoDB, UploadThing, Zod, and more!

🙌 Community Shoutouts

• Kudos to Subham Bharadwaj on launching Scribbly, a digital journal app built with Next.js, Shadcn UI, Tinybird and auth powered by Clerk. Nice work!
• Big thank you to Thibault Le Ouay for open sourcing openstatus.dev, a Statuspage alternative built with Clerk! The project is available on GitHub for anyone to check out and contribute. Appreciate you contributing to open source software and giving back to the developer community!
• Shout out to Ahmed El Aksaan, the founder of Noodle.run, an open-source platform to help students manage and help super-power their productivity. They have already hit 10,000 GitHub stars, and growing, in record time! Join their waitlist now to get notified when it launches!

Stay tuned for future updates. If you have feedback or suggestions, leave us feedback on the docs via Docsly, tweet us at @ClerkDev, or join the Clerk Community on Discord.

🧵 JWT Shortcode String Interpolation

We're excited to announce that JWT Templates now support shortcode string interpolation! You can now interpolate shortcodes directly inside strings in your JWT claims, like this:

Shortcode interpolation unlocks many new use cases by enabling developers to dynamically inject user data into JWTs. To learn more about this new capability, check out the JWT Templates docs.

🔍 Filtering and Sorting for Users, Organizations & Members

Introducing enhancements to Clerk’s user management features; in addition to the ability to search for users, the dashboard now supports sorting across all tables!

For the Users table, you can sort based on user identification information or when a user was created or last signed in. For the Organizations table, you can sort based on member count to see your largest organizations. You can also now distinguish between admins and members in the Organizations table with the new filtering option.

Note: These capabilities are also available directly via our Backend API.

🇬🇧 SMS OTP Now Uses UK Numbers for UK Users

SMS OTP delivery now uses a UK (+44) phone number to send verification messages to UK phone numbers. This fixes issues with international messages sometimes being blocked.

✨ Other Fixes & Improvements

• Clerk now supports Remix V2 – check out the updated quickstart guide for more details.
• We released updated support for Expo 49, and updated the starter project on GitHub to use Expo 49 and the latest Clerk SDK.
• A new auth decoder was implemented in the v5.3.2 release for @redwoodjs/auth-clerk-api to improve efficiency and reduce API rate limit issues.
• Completed UI fixes in the <OrganizationSwitcher/> component to properly align the organizations list and hide unnecessary icons and logos. (PR #1416 & PR #1462)
• When members create a new organization through the <CreateOrganization/> flow, for single-membership orgs we will automatically skip the invite members screen. (PR #1501, PR #1471)
• For customers using TikTok as a social connection, Clerk now supports TikTok's newly announced OAuth V2 endpoints by default. Support for V1 OAuth will be deprecated on September 12, 2023. If you have an existing application using V1 OAuth, we have already reached out to you with next steps. Read the TikTok Announcement →

📅 Events

We're excited to announce that Clerk is sponsoring React Rally in Salt Lake City on August 17th and 18th. If you're planning on attending, let us know – we'd love to meet you! We'll have cookies, swag, and a surprise or two. And if you're not sure, there's still time 😉

Grab your ticket here →

📚 Resources

• Build a SaaS AI Platform with Next.js 13, Clerk, Prisma & Stripe: In this video, which provides a deep dive into crafting a state-of-the-art AI SaaS platform using 5 different AI tools, you will learn how to build a full stack AI platform.
• How We Roll – Chapter 7: JWT Single Sign-On: In the 7th chapter of "How We Roll," Dev Agrawal covers how Clerk integrates with BaaS providers using JWT SSO.
• Integrating passwordless authentication in a Next.js application using Clerk: In this post by Aaron Damilola, Discover the hassle-free and secure approach of passwordless authentication with Clerk in Next.js 13 applications.
• How We Roll – Chapter 8: Sessions: In Chapter 8, Dev Agrawal dives into Clerk's implementation of sessions, explaining how they enable security capabilities like multi-device sign-in, inactivity timeouts, and remote sign-outs.

🙌 Community Shoutouts

• Thank you to Anthony Campolo and Scott Steinlage for hosting Dev Agrawal, Jeff Escalante, and Colin Sidoti on the Javascript Jam podcast to discuss why you shouldn't roll your own authentication. Listen to episode 54 on transistor.fm.
• Shoutout to the Magnet team on launching their new web version! We're excited to see Clerk being used for authentication in their AI coding assistant tool. Congrats on shipping and we look forward to seeing where you take Magnet next!
• Congratulations to the Everfund team on launching this week on Product Hunt! Everfund makes it easy for nonprofits to integrate donation experiences using a composable SDK and modern web components. They are shaping the future of nonprofit donations without requiring building from scratch.

🤖 Enhanced Bot Detection for UI Components

In our last update, we announced enhanced bot protection for Hosted Pages that would prompt users with a verification challenge if bot activity was detected; we have now extended this capability to support developers using Clerk’s <SignUp /> component! If you’re using Custom Flows, please reach out to the team and we’d be happy to help you get up and running.

With this new capability, any time suspicious bot activity is detected during sign-up, the user will be prompted with a CAPTCHA-like verification process, powered by Cloudflare Turnstile, to ensure no malicious activity occurs. New instances will have this protection enabled by default, and existing accounts can leverage this new bot protection by turning it on in the General section of the Clerk Dashboard.

✨ Other Fixes & Improvements

• Improved user search query performance by 80% on Clerk’s Backend API route GET /v1/users. This also means that User Search in the Dashboard is significantly faster!
• Improved OAuth 2 Sign-in and Sign-up response time, making your end-user experience even quicker than it already was.
• Added localization support for Polish (pl-PL).
• Added experimental support for Remix V2's new v2_errorBoundary flag.

📅 Events

We're excited to announce that Clerk is sponsoring React Rally in Salt Lake City on August 17th and 18th. If you're planning on attending, let us know – we'd love to meet you! We'll have cookies, swag, and a surprise or two. And if you're not sure, there's still time 😉

Grab your ticket here →

📚 Resources

• Migrating from the Pages Router to App Router with Next.js: A step-by-step guide by Colin Sidoti outlining how to incrementally migrate from the Pages router to App router with Next.js.
• Easy Google & GitHub Authentication with Next.js: A step-by-step guide, for developers of all experience levels, by Daniel Ukaji that simplifies adding Google and GitHub authentication to Next.js apps using Clerk.
• Skateshop E-Commerce App in Next.js 13: An open source e-commerce skateshop app written by Sadman Sakib and built with Next.js 13 showcasing its latest features like App Routing, Image Optimization, and more.
• Full Stack Next.js Notion Clone: A complete tutorial written by Lukas Wimhofer for building a full stack Next.js clone of Notion using Clerk, Prisma, Planetscale, TipTap WYSIWYG editor, and shadcn/ui components.

🙌 Community Shoutouts

Shoutout to Antonio Erdeljac for creating an amazing YouTube tutorial on building a full-stack e-commerce app with Next.js 13, React, Tailwind, Prisma, MySQL and Clerk!

Watch the full tutorial →

Stay tuned for future updates. If you have feedback or suggestions, leave us feedback on the docs via Docsly, tweet us at @ClerkDev, or join the Clerk Community on Discord.