getting user currently active organization and metadata with clerk auth?
Hello all ๐ , I tried to follow the documentations to setup clerk with convex and got it working, however, the token data doesn't not include currently active organization nor the user metadata. is there is a working example on how to do that?
9 Replies
hey @fawwaz . a few others have run into this before, and have solved this using clerk webhooks to get richer data syncing between clerk and convex. @Michal Srb has done a ton of great work on the convex <-> clerk bridge. he might remember more about this or remember a link to some sample somewhere
I can't seem to find it right now
I know some of our customers have done this
https://www.convex.dev/templates/clerk might be what you're thinking of?
Templates
The backend application platform with everything you need to build your product.
yep, thanks @sshader . @fawwaz see here: https://github.com/thomasballinger/convex-clerk-users-table/blob/main/convex/http.ts
GitHub
convex-clerk-users-table/convex/http.ts at main ยท thomasballinger/c...
Contribute to thomasballinger/convex-clerk-users-table development by creating an account on GitHub.
Thanks guys will check it out ๐
hey @jamwt so the enriching our convex db through a web-hooks went a long way, but there is still one issue that I'm not sure about. a Single user could belong to multiple organizations but when a user where make a request we need to know what organization is currently active for that user. According to clerk the easiest way to handle this is to customize the session toke to include the
orgId
claim. However, doing doesn't seem to change the return shape from ctx.auth.getUserIdentity()
, WDYT?Hey @fawwaz , you'll need to stick the org id in one of the valid OpenID Connect claims, which are listed here:
https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
I think some folks used the "gender" claim, for example.
Final: OpenID Connect Core 1.0 incorporating errata set 1
OpenID Connect Core 1.0 incorporating errata set 1
but I think I did that already through the clerk dashboard, but the return value from
ctx.auth.getUserIdentity()
doesn't reflect that, am I doing it wrong?
You want
The left side is the Claim name, and that one needs to be one of the ones I linked (this is a current Convex limitation).
You also probably want to leave the other claims in the template, and make sure to hit SAVE on the Clerk dashboard, otherwise the template doesn't update.
ohhh, I see what you mean, thanks @Michal Srb , but I think for now I'll require the frontend to send the orgId and verify on the backend,
Custom claims are now supported with
convex@1.14.0