Persistent Clerk Auth Issue: Convex ctx.auth.getUserIdentity() always null (Error: "No auth provider
Hey @everyone or @support,
I'm facing a very stubborn issue with Clerk authentication in my Convex backend, and I've exhausted all standard troubleshooting. ctx.auth.getUserIdentity() consistently returns null in my Convex functions, leading to "You must be logged in" errors.
The specific error in Convex logs is: "Failed to authenticate: "No auth provider found matching the given token", check your server auth config"
Here's a quick summary of what I've confirmed:
Clerk JWT Template ("convex"):
Issuer: https://exciting-hedgehog-57.clerk.accounts.dev (Verified in Clerk dashboard).
Claims: Confirmed aud: "convex" is present and correctly spelled in the template's custom claims (verified via jwt.io on the actual token).
convex/auth.config.ts:
TypeScript
export default {
providers: [{
domain: "https://exciting-hedgehog-57.clerk.accounts.dev",
applicationID: "convex",
}],
};
This configuration perfectly matches the JWT's iss and aud.
Convex Dashboard Environment Variables:
CLERK_JWT_ISSUER_DOMAIN is set to https://exciting-hedgehog-57.clerk.accounts.dev.
CLERK_FRONTEND_API_URL is set to https://moved-glowworm-14.clerk.accounts.dev.
These match my Clerk domains.
JWT Verification (Crucial):
I've captured the actual JWT sent from my browser to Convex (via getToken({ template: "convex" })).
Pasting this token into jwt.io successfully decodes it, and it clearly shows iss: "https://exciting-hedgehog-57.clerk.accounts.dev" and aud: "convex". This confirms the token itself is correctly formed.
What I've tried (repeatedly):
Hard refreshing browser, clearing cache.
Deleting .next and .convex directories locally.
Stopping/restarting Next.js and Convex dev servers.
Running npx convex deploy after every config change.
Despite the token being valid and all configurations matching, Convex still fails to authenticate, implying it cannot find a matching auth provider. This seems like an unusual edge case.
I'm facing a very stubborn issue with Clerk authentication in my Convex backend, and I've exhausted all standard troubleshooting. ctx.auth.getUserIdentity() consistently returns null in my Convex functions, leading to "You must be logged in" errors.
The specific error in Convex logs is: "Failed to authenticate: "No auth provider found matching the given token", check your server auth config"
Here's a quick summary of what I've confirmed:
Clerk JWT Template ("convex"):
Issuer: https://exciting-hedgehog-57.clerk.accounts.dev (Verified in Clerk dashboard).
Claims: Confirmed aud: "convex" is present and correctly spelled in the template's custom claims (verified via jwt.io on the actual token).
convex/auth.config.ts:
TypeScript
export default {
providers: [{
domain: "https://exciting-hedgehog-57.clerk.accounts.dev",
applicationID: "convex",
}],
};
This configuration perfectly matches the JWT's iss and aud.
Convex Dashboard Environment Variables:
CLERK_JWT_ISSUER_DOMAIN is set to https://exciting-hedgehog-57.clerk.accounts.dev.
CLERK_FRONTEND_API_URL is set to https://moved-glowworm-14.clerk.accounts.dev.
These match my Clerk domains.
JWT Verification (Crucial):
I've captured the actual JWT sent from my browser to Convex (via getToken({ template: "convex" })).
Pasting this token into jwt.io successfully decodes it, and it clearly shows iss: "https://exciting-hedgehog-57.clerk.accounts.dev" and aud: "convex". This confirms the token itself is correctly formed.
What I've tried (repeatedly):
Hard refreshing browser, clearing cache.
Deleting .next and .convex directories locally.
Stopping/restarting Next.js and Convex dev servers.
Running npx convex deploy after every config change.
Despite the token being valid and all configurations matching, Convex still fails to authenticate, implying it cannot find a matching auth provider. This seems like an unusual edge case.
