feat(backend): Add Frontend API proxy helpers #7602

brkalow · 2026-01-15T04:38:37Z

Description

Adds Frontend API proxy support to clerkMiddleware for both Next.js and Express. This enables scenarios where direct communication with Clerk's API is blocked or needs to go through the application server.

API

Next.js

import { clerkMiddleware } from '@clerk/nextjs/server';

export default clerkMiddleware({
  // Enable proxy with defaults (path: '/__clerk')
  frontendApiProxy: {
    enabled: true,
  },
});

// Or with multi-domain support using a function
export default clerkMiddleware({
  frontendApiProxy: {
    enabled: (url) => url.hostname === 'app.example.com',
  },
});

// Custom proxy path
export default clerkMiddleware({
  frontendApiProxy: {
    enabled: true,
    path: '/custom-clerk-proxy',
  },
});

Express

import express from 'express';
import { clerkMiddleware } from '@clerk/express';

const app = express();

// Enable proxy with defaults (path: '/__clerk')
app.use(clerkMiddleware({ frontendApiProxy: { enabled: true } }));

// Custom proxy path
app.use(clerkMiddleware({ frontendApiProxy: { enabled: true, path: '/my-proxy' } }));

// Disable proxy
app.use(clerkMiddleware({ frontendApiProxy: { enabled: false } }));

Key Features

Embedded in clerkMiddleware: No separate middleware needed - proxy handling is built into clerkMiddleware
Auto-derived proxyUrl: The proxyUrl for handshake redirects is automatically derived from the frontendApiProxy config
Multi-domain support (Next.js): Use a function for enabled to conditionally enable proxy based on request URL
Streaming body support: Request and response bodies are streamed for efficient handling
Header rewriting: Redirect responses are automatically rewritten to use the proxy URL

Type of change

🌟 New feature

Testing

Unit tests added for proxy functionality in both Next.js and Express
Tests cover: proxy path matching, proxyUrl derivation, multi-domain support, header handling

…s, and @clerk/express Implement clerkProxy helper that abstracts away the complexity of proxying Clerk's Frontend API (FAPI) requests. This enables scenarios where direct communication with Clerk's API is blocked or needs to go through the application server. - Core proxy implementation in @clerk/backend/src/proxy.ts with environment-aware URL derivation - Next.js integration via clerkMiddleware frontendApiProxy option and route handlers - Express middleware for handling proxy requests with body streaming support - FAPI URL constants added to @clerk/shared for environment detection Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

changeset-bot · 2026-01-15T04:38:41Z

⚠️ No Changeset found

Latest commit: 1c941f8

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

vercel · 2026-01-15T04:38:42Z

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
clerk-js-sandbox	Skipped		Jan 22, 2026 7:43pm

- Add comprehensive tests for @clerk/backend/proxy including FAPI URL derivation, path matching, and request forwarding - Add tests for @clerk/nextjs/proxy route handlers and exports - Add tests for @clerk/express/proxy middleware and request conversion Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

The Next.js proxy tests mocked the underlying @clerk/backend/proxy, making them essentially test that wrapper A calls function B - no real behavior was verified. The backend proxy tests provide actual coverage. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Allow the `enabled` option in `frontendApiProxy` to accept a function `(url: URL) => boolean` for conditional proxy based on the request URL. This enables scenarios where an application has multiple domains and only some require proxying (e.g., `foo.replit.app` proxied while `foo.com` uses direct FAPI access). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add X-Forwarded-Host and X-Forwarded-Proto headers for proxy awareness - Preserve existing X-Forwarded-* headers from upstream proxies - Rewrite Location headers for FAPI redirects to go through the proxy - Add tests for new header handling and redirect rewriting Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

…t.js - Remove separate @clerk/express/proxy entry point and middleware - Embed proxy handling directly in Express clerkMiddleware - Auto-derive proxyUrl from frontendApiProxy config for handshake redirects - Add FrontendApiProxyOptions type with enabled and path options - Align API structure between Express and Next.js SDKs - Remove low-value constant tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Change from defaulting enabled to true, to requiring explicit enabled: true - Update tests to use enabled: true - Update JSDoc to remove default annotation Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

github-actions bot added nextjs backend express core-3 labels Jan 15, 2026

vercel bot deployed to Preview January 15, 2026 04:39 View deployment

vercel bot deployed to Preview January 15, 2026 04:45 View deployment

vercel bot temporarily deployed to Preview January 15, 2026 04:50 Inactive

brkalow changed the title ~~feat: Add Frontend API proxy helpers~~ feat(backend): Add Frontend API proxy helpers Jan 15, 2026

vercel bot deployed to Preview January 16, 2026 20:23 View deployment

vercel bot deployed to Preview January 21, 2026 20:10 View deployment

vercel bot deployed to Preview January 22, 2026 16:01 View deployment

docs: Update Express frontendApiProxy examples to use enabled: true

77f9869

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

vercel bot temporarily deployed to Preview January 22, 2026 19:40 Inactive

fix: Require explicit enabled: true for Express frontendApiProxy

1c941f8

- Change from defaulting enabled to true, to requiring explicit enabled: true - Update tests to use enabled: true - Update JSDoc to remove default annotation Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

vercel bot temporarily deployed to Preview January 22, 2026 19:43 Inactive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(backend): Add Frontend API proxy helpers #7602

feat(backend): Add Frontend API proxy helpers #7602

Uh oh!

brkalow commented Jan 15, 2026 •

edited

Loading

Uh oh!

changeset-bot bot commented Jan 15, 2026 •

edited

Loading

Uh oh!

vercel bot commented Jan 15, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

feat(backend): Add Frontend API proxy helpers #7602

Are you sure you want to change the base?

feat(backend): Add Frontend API proxy helpers #7602

Uh oh!

Conversation

brkalow commented Jan 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

API

Next.js

Express

Key Features

Type of change

Testing

Uh oh!

changeset-bot bot commented Jan 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ No Changeset found

Uh oh!

vercel bot commented Jan 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

brkalow commented Jan 15, 2026 •

edited

Loading

changeset-bot bot commented Jan 15, 2026 •

edited

Loading

vercel bot commented Jan 15, 2026 •

edited

Loading