Clerk BlogThe official source for news, thoughts, and announcements from Clerk

Company

Changelog June 17, 2022

Updated pricing, Organizations hooks, AppSync support

Company

Changelog June 10, 2022

Side-by-side Web2 & Web3 auth, strict sign up requirements, brand new documentation, use-stripe-subscription, inaugural weekly office hours

Engineering

Refactoring Stripe's API for frontend access

We built `use-stripe-subscription` to make it easier for React developers to implement Stripe Billing

Company

Changelog June 3, 2022

Embeddable Magic Links, E2E Testing, The New Wave Remix Stack. Updated pricing coming soon.

Insights

The New Wave Stack

A custom Remix stack with Clerk, Fauna, and Netlify.

Company

Changelog May 27, 2022

Announcing our roadmap as a Customer Identity Platform, managing over 250,000 users. Plus, a new homepage and improved documentation.

Company

Changelog May 20, 2022

Announcing our roadmap as a Customer Identity Platform, managing over 250,000 users. Plus, a new homepage and improved documentation.

Engineering

Three best practices for building React REST SDKs

For optimal developer experience, React SDKs require completely different patterns than Node

Company

Changelog May 13, 2022

Continued organization management improvements, update domain in production, and a community spotlight on the Chop Suey Remix stack

Company

Changelog May 6, 2022

SOC2 and HIPAA certifications, Organizations updates, Email deliverability, and test mode.

Engineering

Next.js SSR authentication with Clerk

Next.js SSR authentication is easy with Clerk - just a few lines of code to get started.

Company

Changelog Apr 29, 2022

React 18 support, Remix & Fauna tutorial, email deliverability updates, organization deletion, and a community spotlight on Cypress testing!

Engineering

How to skip CORS preflights and speed up your API with polyfills

CORS preflights add unnecessary latency to requests. Learn to use "simple" requests to skip the preflight entirely.

Insights

The future of authentication is both stateful and stateless

Stateful authentication is more secure. Stateless authentication is faster. A hybrid approach delivers the best of both worlds.

Company

Changelog Apr 22, 2022

Expo / React Native support, "slug" field for organizations, usernames in JWT templates, and a bucket o' Remix updates

Engineering

It's the little things: Three developer experience delights of our Remix authentication package

We integrate with a lot of React frameworks - here's what we love most about our Remix authentication package

Engineering

Three ways Clerk is more secure than Stytch for session management

Though each service performs the same function, there are important differences between how Clerk and Stytch manage sessions.

Company

Changelog Apr 15, 2022

This week we launched alpha support for authenticating Gatsby SSR, webhooks and metadata for Clerk-managed organizations, and improved observability.

Engineering

Unicorn or Chameleon? Two strategies for exporting customizable React components

React Components are the future of APIs – but how can developer tools companies enable robust customization? We explore two strategies.

Company

Changelog Apr 8, 2022

OAuth after Sign Up, mergeable custom metadata, improved observability, and optional usernames - plus, try our Clerk x RedwoodJS authentication integration!

Insights

Just-in-time API requests are replacing webhooks

Only 30% of Clerk customers use webhooks to sync user data into their own database. Instead, most skip syncing and use our APIs to retrieve data in real-time.

Company

Changelog Apr 1, 2022

Instant Component previews, in-house docs, email deliverability improvements, plus Supabase Launch Week!

Company

Changelog Mar 25, 2022

Bring-your-own IdP with Sign in Tokens, new allowlist for sign ups, Sign in with Apple, and a `user.organizations` shortcode for custom JWT templates.

Company

Changelog Mar 18, 2022

Server-side JWTs for Supabase and custom integrations, Firebase Authentication password migrations, toggleable hosted components, and a community spotlight!

Company

Changelog Mar 11, 2022

Try our new and improved Remix integration! Plus, we refactored our authentication settings, and moved JWT templates into general availability.

Company

Changelog Mar 4, 2022

Organization management API, custom OAuth scopes, application/json support, Microsoft and Notion Social Login, FaunaDB JWT template, and more!

Company

Changelog Feb 25, 2022

A new Redwood guide and Remix SDK. Plus, our Organization management features are coming *very* soon!

Company

Changelog Feb 18, 2022

We launched our Remix SDK, a new Fauna integration, instant development instances, and quick links for customization!

Company

Changelog Feb 11, 2022

Usernames from social logins, a suite of frontend-accessible database integrations, Dropbox and Bitbucket social logins, BCrypt and Django password migrations

Company

Changelog Feb 4, 2022

Open source javascript, an improved Supabase integration, LinkedIn social login, metadata for invitations, and credit where credit is due!

Company

Changelog Jan 28, 2022

SSR for Next.js, improved Hasura integration, custom JWT signing keys + a community-built Web3 guide

Company

Changelog Jan 21, 2022

Open-source Javascript, Web3 authentication, easier onboarding, cross-origin auth docs, and the ultimate guide to Next.js auth - what a week!

Engineering

Introducing Web3 Authentication

Clerk is saving Web3 developers from the greatest evils of the Web2 platform: cookies, multifactor authentication, and profile enrichment

Company

Changelog Jan 14, 2022

Chore week! Email deliverability, NPM sourcemaps, and a new product page on one-time passcodes.

Insights

How to compete and WIN in a software economy [Part 2]

In this next part, we'll discuss how to identify 'core' vs. 'non-core' development & how thoughtful outsourcing can be used to develop process power.

Insights

How to compete and WIN in a software economy [Part 1]

Software has eaten the world and almost every business is a software business. How do you develop a competitive advantage and win in today's software economy?

Company

Changelog Jan 7, 2022

Beta for our Supabase integration (our most requested integration of Q4!), more about our security practices, and a new community contribution

Insights

The Ultimate Guide To JSON Web Tokens (JWTs) and Token-Based Authentication

JSON Web Tokens, more commonly known as JWTs, are encoded and cryptographically signed data that allows for the secure transfer of information.

Insights

2021: The Year Authentication Saw a Resurgence (and Why)

Authentication saw a resurgence as developers demanded better tools for Modern Web frameworks like Next.js, and users demanded easier sign-in options

Guide

NextJS + Supabase + Clerk: Build a simple todo app with multifactor authentication

Learn how to build a todo app with Next.js, Clerk, and Supabase. This app will add todos, sign in, sign up, user profile and multifactor authentication.

Company

Very Merry Changelog, Dec 24, 2021

We've launched custom JWTs for authentication, improved security for magic links, easier onboarding and productionizing, and a new homepage! Happy holidays!

Company

Changelog Dec 17, 2021

Happy holidays, we're launching customizable email and SMS templates!

Company

Changelog Dec 10, 2021

Our new dashboard has launched! Plus new <SignInButton> and <SignUpButton> utilities

Company

Changelog Dec 3, 2021

Clerk supports Expo, React Native, Invitations, new Allowlist options, and much more. Authentication for the modern Web, now natively supporting mobile.

Insights

Consider dropping your users table

The same way we would rather let Stripe handle your credit card, we'll let Clerk handle your phone numbers, emails and sessions.

Company

Changelog Nov 26, 2021

Rolling sessions, beta for our new dashboard, and a simple CNAME change for new production applications

Insights

Trading Experts | Case Study

A case study of how Trading Experts used Clerk to quickly implement the authentication and user management features they needed.

Company

Changelog Nov 19, 2021

New magic link API and docs, DIY session token validation docs, Twitch SSO support, and a new information page on OAuth SSO

Company

Clerk is hiring a senior frontend team to expand our full-stack component library

Seeking experts in CSS, browser APIs, JS bundling, React, react-native, Swift, Kotlin and Developer Experience

Company

Changelog Nov 12, 2021

Magic links have launched! Plus Twitter social sign-in, a new guide on passwordless authentication, and a new starter with Fastify, React, and Prisma

Company

Changelog Nov 5, 2021

Session management as-a-service, a more extensible <UserProfile/>, Discord and GitLab sign in, and a new guide on data-syncing

Insights

The Ultimate Guide to BCrypt and Authentication Protocols

Learn why bcrypt is the industry standard hashing algorithm for authentication - including its history and how it compares to other protocols.

Company

Changelog Oct 29, 2021

Next.js authentication at the edge and bug fixes for our upcoming magic link launch

Company

Changelog Oct 22, 2021

Faster, faster, faster! Sub-millisecond auth in your backend, faster sign-in, and faster loading. Plus, community Ember.js and Next.js support.

Company

Changelog Oct 15, 2021

Announcing Authentication v2 - from our first company retreat in Greece

Company

Changelog Oct 8, 2021

Style with the `theme` prop, set a custom session duration, startup pricing, and beta for "magic links"

Company

Changelog Oct 1, 2021

Price drop to 2¢ per MAU, a new guide to customization, a new Google Analytics integration, and a complete API reference.

Insights

Passwordless 101

Learn about passwordless authentication and the most common methods used today.

Insights

History and Rise of "Passwordless"

Learn the history of passwordless, and how it became popularized. From OTPs to MFA to mobile.

Insights

Session management: What it is and why your security depends on it

Learn about session management, its components, and security concerns.

Insights

Don’t underestimate the value of a secure, seamless ‘forgot password’ flow

Learn about “forgot password” flows, how they work, and the best practices to keep in mind.

Guide

Add authentication to your Gatsby app

Learn how to add authentication and user management to your Gatsby app with Clerk.

Guide

Authenticated data access using Clerk, Prisma, and MongoDB - A post-making fullstack app

Add a complete authentication workflow with authenticated access to your Prisma API layer to your web application.

Engineering

Generating sortable Stripe-like IDs with Segment's KSUIDs

Learn how Clerk generates resource IDs with inspiration from Stripe and Segment.

Guide

Serverless authentication with Clerk and Firebase

Protect your Firebase Cloud Functions with user authentication using Clerk.

Guide

Row-level access for your Airtable-powered application with Clerk

Learn how to add complete user authenticated access to your Airtable data API using Clerk.

Guide

Build a premium recipes app with Clerk and Firebase

Learn how to connect Clerk as an authentication and user management solution together with your Firebase as your backend.

Company

Clerk raises $4 million to build the next-gen authentication and user management platform for developers

Clerk raised a $4 million seed round led by S28 capital with Andrew Miklas (cofounder, PagerDuty) joining our board.

Insights

Designing fast sign in forms— diving into the data

Key insights on building fast sign in forms with Social Sign In, password-based, and passwordless authentication.

Engineering

How we use End To End tests to bulletproof our authentication flows across browsers

In recent years, End To End testing has become a regular topic of discussion in small team environments. The main reasons for this are the evolution of tooling and the need to shift towards high velocity product development.

Guide

Build a to-do app with Clerk and Hasura— and no backend code

Learn to build a to-do app using Clerk for authentication, Hasura for data storage and access, and Next.js for the frontend.

Engineering

How HttpOnly cookies help mitigate XSS attacks

HttpOnly cookies do not prevent cross-site scripting (XSS) attacks, but they do lessen the impact and prevent the need to sign out users after the XSS is patched. HttpOnly cookies are not a substitute for XSS prevention measures.

Guide

How to deploy Clerk using Vercel with one click

If you are looking to implement Auth in the easiest way possible, this is the tutorial for you. Deploy in 5 minutes.

Company

Introducing Clerk: All of user management, not just authentication

The task came with a sense of helplessness. We knew what "great" looked like, but it was impractical to build all of that functionality.