Sources

So let’s jump into it. This is a really cool quote: “It took weeks to integrate billing with Clerk’s auth.” That sounds horrible, right? Like, why would we be promoting this as how great Clerk Billing is? Well, that’s because that’s what customers said to us in the past. They said, “You know what, Clerk is awesome, but it’s really hard to integrate billing.” And so we said, “That’s a good idea. Why don’t we build something to solve that?” So some of the things that they said to us was that writing code to sync webhooks is difficult. If anyone’s ever built a SaaS integration before, you know that can be tough and no fun. There’s a bunch of downsides to doing this yourself. Mostly it’s just pure frustration and pain, right? So what we wanted to do is build a solution that really takes minutes and takes advantage of the whole Clerk ecosystem. No webhooks necessary. So if you’re writing code and you’re building an app, you don’t have to build in any code to sync webhooks. … ... This is how Clerk knows, “Hey, here’s how we’re going to authenticate you and know which app you are trying to run here.” ... So what we could do is something like this, where we say, “has Platinum” or “has Gold.” And this would do it, right? I would be able to save this, and I’d be able to see that I have access to that special message. But this isn’t maintainable. You don’t want to keep adding a bunch of conditionals. So what can you do? Well, it’s pretty common when you’re building an app to build in this concept of features, where you could have a basic plan that has a list of features, and the pro plan has that same but more, right? … And so this is more like what you would actually build yourself, right? You’ve got a bunch of features. And so I’m still not able to access this thing. So let’s fix that. So instead of looking for a plan, let’s look for a feature. Let’s look for Widgets because, if you remember, both the Gold plan and the Platinum have access to Widgets. So I just save that and look at that. Now I have access again. And so this is a way easier, way, more maintainable way to control access to your app using Features. … Boom, got the environment keys changed. ... So orgs are now turned on. So if I go back here, well, what’s different? Well, there’s really nothing different. I have my user profile management stuff. So how can we make this good? ... And that would work. But again, that’s not super maintainable. I have access again, but it’s not maintainable. So what can we do here, right? Well, we could use the plan features, as I showed you before, but there’s something else with orgs, right? Typically, when you do RBAC, you have a role, and then you add permissions to it. … And so you can imagine in your own apps, as you build out a much deeper integration, how simple and easy this can be to set up. ... And what we’re doing right here is we’re giving Clerk—that’s us, that’s those people—we’re giving Clerk all the drudgery, the stuff that we don’t want to deal with, to Clerk, and Clerk is making it super easy for us to do. So that’s the end of my demo.

Also, the clerk service has layered integrations, powered by an http layer. We have customers using each part of the layer for varied integration types. That being said, the SDKs for the spa frameworks are the easiest to use. ... But the main idea is that we wanted most apps to cost ~$25/mo - $100/mo, and, if you're building a B2B SaaS, you're going to have far fewer MAUs, and so we wanted the base cost to be higher at ~200/mo. ... Banning users is still currently on the $25/mo tier which feels wrong, it should be in the free tier. We're due for a pricing revamp again quite frankly to make these pricing options more attractive. The tricky thing with the MAU costs is that a lot of folks seems to think they have a monster on their hands and forecast for like 1M MAUs or something, which is so far from reality. It's tough to balance all of these competing priorities -- and if we don't have enough revenue, we can't keep building and investing in the platform for which we have pretty big ambitions.

Refer to the Backend API and Frontend API reference docs for questions about object structures, requests, and responses. Are you looking for a place to get started?

## When to Use - +Quick auth setup - +Pre-built UI needed - +B2B SaaS ## When Not to Use - -Self-hosted required - -Full customization needed - -Budget constraints … ## Weaknesses - Vendor lock-in - Pricing at scale - Limited customization … ### Quick Facts - **Category** Authentication - **License** commercial - **Pricing** freemium (free tier) - **Community** medium - **Docs Quality** excellent - **Trend** rapidly growing - **Vendor Lock-in** high - **Data Portability** moderate

After that, it gets {ts:135} noticeably more expensive, costing multiple times more per user versus Superbase. So, if you plan to have many {ts:143} users and earn little per user, then personally, I wouldn't use Clerk since the pricing is quite high once you go {ts:150} above that free tier. Now in terms of the developer experience and real world feedback, Superbase has an integrated {ts:157} back end and is powerful and flexible, especially with the rowle security, but you may need to build your own UI {ts:164} components and handle authentication workflows manually. Clerk on the other hand offers plug and play components for {ts:171} login, sign up, profiles, and sessions. It's smooth and quick to set up. One review mentions that it is practically {ts:179} the only solution that took less than a few minutes to integrate. Now, downsides include less control over authentication {ts:187} logic, being tied to a third party, and limited customization unless you are on a pay tier, which again is quite

Poor user management can stand between users and products. From forgotten passwords and failed account de-duplication, to broken and out-of-sync vendor integrations — there's a lot that can go wrong. Clerk is a software solution that aims to solve user…Read more

I have not faced any stability issues with the product. Read full review ... I am not sure if there could be the use of other languages, like Python, Django, and Slack.

### Transcript {ts:0} Why you should stop using Clerk right now. I'm pretty bullish about Clerk {ts:6} since it's been released and I really think it's a big mistake to use this tool right now, especially since the IIA {ts:15} area arrived, especially since the AI area arrived. So let's deep why you should not use clerk together. So I make {ts:26} main five six points as we have just here. So what is the first point? Authentification is the core of your {ts:36} application. O defines your apps architecture. Why you should delegate the most important part of your app to a {ts:46} company that you don't control? Because what you actually delegating first user data credential session metadata all on {ts:55} day server you don't own the data anymore second app architecture your middleware roots components depends now {ts:64} on clerk SDK so a migration cost a lot business continuity if cler change pricing pivot or die you're stuck okay {ts:74} because all your app depends on this tool so now you to continue to use clerk because all of this view all of these {ts:82} components use clerk security model. So this is one good argument for clerk for big company that doesn't want to look {ts:92} like they handle everything on their own. Clerk have a really good security. So this is one good argument and you {ts:100} have the user experience pre-built components. What happened? You get the great lock in again password are not {ts:107} exportable in plain text all user sation terminate everyone must relog if you migrate use o cler provider middle {ts:114} weight you need to rewrite everything so here it's a bit [ __ ] but the main point is do you want to delegate {ts:122} authentification because few months ago there is a sense to {ts:128} delegate this because it was boring to rebuild the UI again and again and again but Now in this area is this worse to do … {ts:372} why why you need to pay for user? What is the reason you would pay for any user in your app? It's no sense. Like I just {ts:384} don't understand why anyone would use this tool. So {ts:390} what you have here when you pay is then you have a lot of upsell. … {ts:522} Okay, I don't understand. Uh so here we have the bing. ... Like basically it's stripe and they are like {ts:531} okay stripe is already a good software. Let's add the fees on top of it. All of this to add you shitty feature that code {ts:539} can vibe code in less than three second, right? Like clo vood this billing software in less than 3 seconds. But {ts:546} they will charge each of your user 0.7%. 0.7%. Is this insane? Yes, it's insane. Okay, … So we add more feature and we {ts:600} pay wall some of our previously free feature or we add re feature that our user require request {ts:609} and we basically put a price on it. phase three extract pred predatory pricing vendor locking assume so they {ts:617} will print money cla is a company that lose money for sure I don't know actually verify this information I think {ts:624} so for example o zero raised massive here is what happened cla is the same trajectory so we have just here {ts:633} then technical problem clarness gs is not optimized 50% of your app bundle it's a lot of [ __ ] so clerk creates {ts:642} some latency. I I have no I I didn't try it. Okay, so take this with a some salt. Okay, it's okay. Community Exod Why do {ts:652} you think CL pricing is predatory though? So they asked this directly to Cler founder. The typical CL developer {ts:660} journey months one to six cler is amazing. Months 12 the pricing month they send months 18 locked in or {ts:668} switched. So uh when we eat 50k user cler quest 5,000 a month switch to better o in two weeks save 50,000 a year {ts:678} sation terminate randomly user locked out for no reason super say noun issue $100 a month surprise at an image me

Poor user management can stand between users and products. From forgotten passwords and failed account de-duplication, to broken and out-of-sync vendor integrations — there's a lot that can go wrong. Clerk is a software solution that aims to solve user…Read more

One of the biggest reasons for its popularity is the **generous free tier**, which now includes **50,000 Monthly Retained Users (MRUs)** per application. This is significantly higher than most competing identity providers. However, like most authentication platforms, costs can increase quickly as applications scale. This guide explains: - Clerk’s latest pricing structure ... # Hidden Costs to Watch While Clerk’s pricing page looks straightforward, teams often discover additional costs as their applications grow. … # When Clerk Makes Sense ... # When Costs Can Become a Problem Costs may grow faster when: - Applications exceed **50K users** - B2B SaaS products create many organizations - Multiple enterprise SSO connections are required In these scenarios, teams often evaluate alternatives with more predictable pricing models. # Final Thoughts Clerk offers one of the best developer experiences in the authentication ecosystem. Its generous free tier and modern SDKs make it a compelling choice for startups. However, the pricing model introduces several cost drivers: - per-user billing - per-organization fees - enterprise connection pricing Before adopting Clerk, teams should model long-term growth and compare alternatives.

1. **Configure Clerk for Supabase:** In your Clerk dashboard, navigate to API Keys and enable Supabase compatibility. 2. **Add Clerk as a Third-Party Auth Provider in Supabase:** In Supabase, go to**Authentication > Providers > External OAuth** and select**Clerk**. You’ll need to input the**Issuer URL** and**JWKS endpoint** from Clerk (Clerk’s docs or connect page will show you what values to use). … ... ``` ### Challenges and Solutions - **Session Management**:*Challenge:* Ensure Clerk’s session is available before initializing Supabase.*Solution:* Use useEffect to wait for the session before creating the Supabase client. - **Error Handling**:*Challenge:* Errors when saving or fetching data can disrupt the UX.*Solution:* Implement error checks and show clear feedback to the user. ## What About Session Security? (The Hidden Risk No One Talks About) So far, Clerk + Supabase covers authentication (who the user is) and data access rules. But one aspect often overlooked is **session security**. Common risks include: - **Stolen Tokens:** If an attacker somehow obtains a user’s refresh token or access token (via XSS, device theft, etc.), they can impersonate that user until the token expires. - **Replay Attacks:** Without proper handling, someone could reuse an old valid refresh token to continue a session indefinitely. - **Session Hijacking:** If your system only allows a single session per user, an attacker who logs in on one device can knock out other sessions, and vice versa. Clerk and Supabase handle basic sessions well (Clerk rotates refresh tokens, etc.), but these advanced threats can still be concerns. This is where SuperTokens shines. It’s designed with **advanced session security** features. ## How SuperTokens Fixes This Problem **SuperTokens** puts session security at the forefront. Compared to Clerk or vanilla Supabase Auth, SuperTokens offers: ... Each time a refresh token is used, a new one is issued and the old one is invalidated. This one-time-use refresh scheme means a stolen refresh token is useless after first use. - **Token theft detection & rotation:** SuperTokens can detect if a refresh token is being reused (an anomaly indicating theft) and revoke all sessions for that user immediately. - **Granular session revocation:** You can revoke individual device sessions. For instance, SuperTokens provides backend functions like ```

## Strengths ... - Easy setup - Modern DX - Pre-built components ## Weaknesses - JavaScript focused - Managed only … ### Quick Facts - **Category** ... medium - **Data Portability** moderate