/Integrations
v1.2Clerk
Validate Clerk Backend API auth, JWKS reachability, and optional JWT signatures.
Integration
Clerk
Confirms Clerk auth keys, JWKS reachability, and optional JWT verification.
Clerk failures at launch usually surface as "works in dev, broken in prod"—mismatched keys, stale JWKS URLs, or JWT verification that never ran against a real session token. PreFlight validates Backend API auth, signing key fetch, and optional sample JWT verification before users hit sign-in.
Requirements
- Publishable key from the Clerk dashboard
- Secret key for Backend API access
- JWKS URL for your Clerk instance
- Optional short-lived sample session JWT from the deployed app
What PreFlight checks
| Probe | What it proves |
|---|---|
| Backend API auth | The secret key authenticates against Clerk's Backend API. |
| JWKS reachability | The JWKS endpoint is reachable and returns signing keys. |
| JWT signature | A sample session token verifies against the fetched JWKS when supplied. |
| Key alignment | Publishable and secret keys belong to the same Clerk instance. |
Failure guidance
| Symptom | Fix |
|---|---|
| Backend API rejected | Confirm the secret key matches the environment (development vs production). |
| JWKS fetch failed | Copy the JWKS URL from Clerk → API Keys and confirm it is publicly reachable. |
| JWT verification failed | Generate a fresh session token from the deployed app—not a stale dev token. |
| Instance mismatch | Ensure publishable key, secret key, and JWKS URL all reference the same Clerk application. |
Dashboard setup
- Go to Integrations → Clerk in your PreFlight project.
- Paste the publishable key, secret key, and JWKS URL from Clerk → API Keys.
- Optionally paste a fresh sample JWT from a signed-in session on your staging URL.
- Run Pre-Flight Check and confirm API auth and JWKS probes pass.
