clerk · wobsoriano · Oct 17, 2025 · Oct 9, 2025 · Oct 9, 2025 · Oct 9, 2025
@@ -10,5 +10,5 @@ The `Auth` object is available on the `request` object in server contexts. Some
 | Express | [`req.auth`](/docs/reference/express/overview) |
 | React Router | [`getAuth()`](/docs/reference/react-router/get-auth) |
 | Remix | [`getAuth()`](/docs/reference/remix/overview#get-auth) |
-| Tanstack React Start | [`getAuth()`](/docs/reference/tanstack-react-start/get-auth) |
+| Tanstack React Start | [`auth()`](/docs/reference/tanstack-react-start/auth) |
 | Other | `request.auth` |
@@ -68,32 +68,20 @@ sdk: tanstack-react-start
   CLERK_SECRET_KEY={{secret}}
   ```
 
-  ## Add `createClerkHandler()`
+  ## Add `clerkMiddleware()` to your app
 
-  TanStack's [`createStartHandler()`](https://tanstack.com/router/latest/docs/framework/react/start/getting-started#the-server-entry-point) creates a server-side handler that determines which routes and loaders need to be executed when the user hits a given route.
+  [`clerkMiddleware()`](/docs/reference/tanstack-react-start/clerk-middleware) grants you access to user authentication state throughout your app, on any server function or route.
 
-  Clerk's [`createClerkHandler()`](/docs/reference/tanstack-react-start/create-clerk-handler) configures Clerk to handle authentication state for TanStack routes, allowing you to easily access user session information within your app.
+  Create a `src/start.ts` file and add `clerkMiddleware()` to the `requestMiddleware` array.
 
-  Create a custom handler and wrap it with `createClerkHandler()`, as shown in the following example:
+  ```tsx {{ filename: 'src/start.ts' }}
+  import { clerkMiddleware } from '@clerk/tanstack-react-start/server'
+  import { createStart } from '@tanstack/react-start'
 
-  ```tsx {{ filename: 'src/server.ts' }}
-  import {
-    createStartHandler,
-    defaultStreamHandler,
-    defineHandlerCallback,
-  } from '@tanstack/react-start/server'
-  import { createRouter } from './router'
-  import { createClerkHandler } from '@clerk/tanstack-react-start/server'
-
-  const handlerFactory = createClerkHandler(
-    createStartHandler({
-      createRouter,
-    }),
-  )
-
-  export default defineHandlerCallback(async (event) => {
-    const startHandler = await handlerFactory(defaultStreamHandler)
-    return startHandler(event)
+  export const startInstance = createStart(() => {
+    return {
+      requestMiddleware: [clerkMiddleware()],
+    }
   })
   ```
 
@@ -175,21 +163,18 @@ sdk: tanstack-react-start
 
   ### Server-side
 
-  To protect your routes, create a [server function](https://tanstack.com/router/latest/docs/framework/react/start/server-functions) that checks the user's authentication state via the [`getAuth()`](/docs/reference/tanstack-react-start/get-auth) method. If the user is not authenticated, they are redirected to a sign-in page. If authenticated, the user's `userId` is passed to the route, allowing access to the `<Home />` component, which welcomes the user and displays their `userId`. The [`beforeLoad()`](https://tanstack.com/router/latest/docs/framework/react/api/router/RouteOptionsType#beforeload-method) method ensures authentication is checked before loading the page, and the [`loader()`](https://tanstack.com/router/latest/docs/framework/react/api/router/RouteOptionsType#loader-method) method returns the user data for use in the component.
+  To protect your routes, create a [server function](https://tanstack.com/router/latest/docs/framework/react/start/server-functions) that checks the user's authentication state via the [`auth()`](/docs/reference/tanstack-react-start/auth) method. If the user is not authenticated, they are redirected to a sign-in page. If authenticated, the user's `userId` is passed to the route, allowing access to the `<Home />` component, which welcomes the user and displays their `userId`. The [`beforeLoad()`](https://tanstack.com/router/latest/docs/framework/react/api/router/RouteOptionsType#beforeload-method) method ensures authentication is checked before loading the page, and the [`loader()`](https://tanstack.com/router/latest/docs/framework/react/api/router/RouteOptionsType#loader-method) method returns the user data for use in the component.
 
   > [!TIP]
   > Ensure that your app has the [TanStack Start server handler](https://tanstack.com/start/latest/docs/framework/react/server-routes#handling-server-route-requests) configured in order for your server routes to work.
 
   ```tsx {{ filename: 'src/routes/index.tsx' }}
   import { createFileRoute, redirect } from '@tanstack/react-router'
   import { createServerFn } from '@tanstack/react-start'
-  import { getAuth } from '@clerk/tanstack-react-start/server'
-  import { getWebRequest } from '@tanstack/react-start/server'
+  import { auth } from '@clerk/tanstack-react-start/server'
 
   const authStateFn = createServerFn({ method: 'GET' }).handler(async () => {
-    const request = getWebRequest()
-    if (!request) throw new Error('No request found')
-    const { isAuthenticated, userId } = await getAuth(request)
+    const { isAuthenticated, userId } = await auth()
 
     if (!isAuthenticated) {
       // This will error because you're redirecting to a path that doesn't exist yet

@@ -8,9 +8,9 @@ When building a resource server that needs to accept and verify OAuth access tok
 
 <Include src="_partials/machine-token-pricing-callout" />
 
-Clerk provides a built-in [`getAuth()`](/docs/reference/tanstack-react-start/get-auth) function that supports token validation via the `acceptsToken` parameter. This lets you specify which type(s) of token your API route should accept in your TanStack React Start application.
+Clerk provides a built-in [`auth()`](/docs/reference/tanstack-react-start/auth) function that supports token validation via the `acceptsToken` parameter. This lets you specify which type(s) of token your API route should accept in your TanStack React Start application.
 
-By default, `acceptsToken` is set to `session_token`, which means OAuth tokens will **not** be accepted unless explicitly configured. You can pass either a **single token type** or an **array of token types** to `acceptsToken`. To learn more about the supported token types, see the [`getAuth()` parameters documentation](/docs/reference/tanstack-react-start/get-auth#parameters).
+By default, `acceptsToken` is set to `session_token`, which means OAuth tokens will **not** be accepted unless explicitly configured. You can pass either a **single token type** or an **array of token types** to `acceptsToken`. To learn more about the supported token types, see the [`auth()` parameters documentation](/docs/reference/tanstack-react-start/auth#parameters).
 
 ## Example 1: Accepting a single token type
 

@@ -12,7 +12,7 @@ To access active session and user data on the server-side, use the [`getAuth()`]
 
 ### Server data loading
 
-The [`getAuth()`](/docs/reference/tanstack-react-start/get-auth) helper returns the [`Auth`](/docs/reference/backend/types/auth-object) object of the currently active user, which contains important information like the current user's session ID, user ID, and organization ID, and the `isAuthenticated` property, which can be used to protect your API routes.
+The [`getAuth()`](/docs/reference/react-router/get-auth) helper returns the [`Auth`](/docs/reference/backend/types/auth-object) object of the currently active user, which contains important information like the current user's session ID, user ID, and organization ID, and the `isAuthenticated` property, which can be used to protect your API routes.
 
 In some cases, you may need the full [`Backend User`](/docs/reference/backend/types/backend-user) object of the currently active user. This is helpful if you want to render information, like their first and last name, directly from the server. The `clerkClient()` helper returns an instance of the [JS Backend SDK](/docs/js-backend/getting-started/quickstart), which exposes Clerk's Backend API resources through methods such as the [`getUser()`](/docs/reference/backend/user/get-user){{ target: '_blank' }} method. This method returns the full `Backend User` object.
 

@@ -8,7 +8,7 @@ Clerk provides a set of [hooks and helpers](/docs/reference/tanstack-react-start
 
 ## Server-side
 
-The [`getAuth()`](/docs/reference/tanstack-react-start/get-auth) helper returns the [`Auth`](/docs/reference/backend/types/auth-object) object of the currently active user, which contains important information like the current user's session ID, user ID, and organization ID, and the `isAuthenticated` property, which can be used to protect your API routes.
+The [`auth()`](/docs/reference/tanstack-react-start/auth) helper returns the [`Auth`](/docs/reference/backend/types/auth-object) object of the currently active user, which contains important information like the current user's session ID, user ID, and organization ID, and the `isAuthenticated` property, which can be used to protect your API routes.
 
 In some cases, you may need the full [`Backend User`](/docs/reference/backend/types/backend-user) object of the currently active user. This is helpful if you want to render information, like their first and last name, directly from the server. The `clerkClient()` helper returns an instance of the [JS Backend SDK](/docs/js-backend/getting-started/quickstart), which exposes Clerk's Backend API resources through methods such as the [`getUser()`](/docs/reference/backend/user/get-user){{ target: '_blank' }} method. This method returns the full `Backend User` object.
 
@@ -19,13 +19,12 @@ In the following example, the `userId` is passed to the JS Backend SDK's `getUse
     ```tsx {{ filename: 'src/routes/index.tsx' }}
     import { createFileRoute, redirect } from '@tanstack/react-router'
     import { createServerFn } from '@tanstack/react-start'
-    import { clerkClient, getAuth } from '@clerk/tanstack-react-start/server'
-    import { getWebRequest } from '@tanstack/react-start/server'
+    import { auth, clerkClient } from '@clerk/tanstack-react-start/server'
     import { UserButton } from '@clerk/tanstack-react-start'
 
     const authStateFn = createServerFn({ method: 'GET' }).handler(async () => {
-      // Use `getAuth()` to access `isAuthenticated` and the user's ID
-      const { isAuthenticated, userId } = await getAuth(getWebRequest())
+      // Use `auth()` to access `isAuthenticated` and the user's ID
+      const { isAuthenticated, userId } = await auth()
 
       // Protect the server function by checking if the user is signed in
       if (!isAuthenticated) {
@@ -67,14 +66,14 @@ In the following example, the `userId` is passed to the JS Backend SDK's `getUse
 
   <Tab>
     ```ts {{ filename: 'src/routes/api/example.ts' }}
-    import { clerkClient, getAuth } from '@clerk/tanstack-react-start/server'
+    import { auth, clerkClient } from '@clerk/tanstack-react-start/server'
     import { json } from '@tanstack/react-start'
     import { createServerFileRoute } from '@tanstack/react-start/server'
 
     export const ServerRoute = createServerFileRoute('/api/example').methods({
       GET: async ({ request, params }) => {
-        // Use `getAuth()` to access `isAuthenticated` and the user's ID
-        const { isAuthenticated, userId } = await getAuth(request)
+        // Use `auth()` to access `isAuthenticated` and the user's ID
+        const { isAuthenticated, userId } = await auth()
 
         // Protect the API route by checking if the user is signed in
         if (!isAuthenticated) {

@@ -2131,12 +2131,12 @@
                           "href": "/docs/reference/tanstack-react-start/overview"
                         },
                         {
-                          "title": "`getAuth()`",
-                          "href": "/docs/reference/tanstack-react-start/get-auth"
+                          "title": "`auth()`",
+                          "href": "/docs/reference/tanstack-react-start/auth"
                         },
                         {
-                          "title": "`createClerkHandler()`",
-                          "href": "/docs/reference/tanstack-react-start/create-clerk-handler"
+                          "title": "`clerkMiddleware()`",
+                          "href": "/docs/reference/tanstack-react-start/clerk-middleware"
                         }
                       ]
                     ]

@@ -1,24 +1,18 @@
 ---
-title: '`getAuth()`'
-description: The getAuth() helper retrieves the authentication state allowing you to protect your API routes or gather relevant data.
+title: '`auth()`'
+description: The auth() helper retrieves the authentication state allowing you to protect your API routes or gather relevant data.
 sdk: tanstack-react-start
 ---
 
-The `getAuth()` helper retrieves authentication state from the request object.
+The `auth()` helper returns the [`Auth`](/docs/reference/backend/types/auth-object){{ target: '_blank' }} object of the currently active user.
 
 ## Parameters
 
 <Properties>
-  - `request`
-
-  The request object.
-
-  ---
-
   - `opts?`
   - `{acceptsToken: TokenType, treatPendingAsSignedOut: boolean }`
 
-  An optional object that can be used to configure the behavior of the `getAuth()` function. It accepts the following properties:
+  An optional object that can be used to configure the behavior of the `auth()` function. It accepts the following properties:
 
   <Include src="_partials/machine-auth/accepts-token-explanation" />
 
@@ -27,7 +21,7 @@ The `getAuth()` helper retrieves authentication state from the request object.
 
 ## Returns
 
-`getAuth()` returns the [`Auth`](/docs/reference/backend/types/auth-object){{ target: '_blank' }} object.
+`auth()` returns the [`Auth`](/docs/reference/backend/types/auth-object){{ target: '_blank' }} object.
 
 ## Usage
 

@@ -0,0 +1,26 @@
+---
+title: '`clerkMiddleware()`'
+description: The `clerkMiddleware()` helper integrates Clerk authentication into your TanStack Start application through middleware.
+sdk: tanstack-react-start
+---
+
+The `clerkMiddleware()` helper integrates Clerk authentication into your TanStack Start application through middleware.
+
+## Configure `clerkMiddleware()`
+
+Create a `src/start.ts` file and add `clerkMiddleware()` to the `requestMiddleware` array.
+
+```tsx {{ filename: 'src/start.ts' }}
+import { clerkMiddleware } from '@clerk/tanstack-react-start/server'
+import { createStart } from '@tanstack/react-start'
+
+export const startInstance = createStart(() => {
+  return {
+    requestMiddleware: [clerkMiddleware()],
+  }
+})
+```
+
+## `clerkMiddleware()` options
+
+<Include src="_partials/clerk-middleware-options" />
@@ -16,8 +16,8 @@ Because the Tanstack React Start SDK is built on top of the React SDK, you can u
 
 The following references show how to integrate Clerk features into applications using TanStack React Start server functions and API routes.
 
-- [`getAuth()`](/docs/reference/tanstack-react-start/get-auth)
+- [`auth()`](/docs/reference/tanstack-react-start/auth)
 
 ### `Auth` object
 
-The `getAuth()` returns an `Auth` object. This JavaScript object contains important information like session data, your user's ID, as well as their organization ID. Learn more about the `Auth` object [here](/docs/reference/backend/types/auth-object).
+The `auth()` returns an `Auth` object. This JavaScript object contains important information like session data, your user's ID, as well as their organization ID. Learn more about the `Auth` object [here](/docs/reference/backend/types/auth-object).
@@ -3769,6 +3769,16 @@
     "destination": "/docs/guides/development/verifying-oauth-access-tokens",
     "permanent": true
   },
+  {
+    "source": "/docs/reference/tanstack-react-start/getAuth",
+    "destination": "/docs/reference/tanstack-react-start/auth",
+    "permanent": true
+  },
+  {
+    "source": "/docs/reference/tanstack-react-start/create-clerk-handler",
+    "destination": "/docs/reference/tanstack-react-start/clerk-middleware",
+    "permanent": true
+  },
   {
     "source": "/docs/reference/vue/migrating-from-vue-community-sdk",
     "destination": "/docs/guides/development/migrating/vue-community-sdk",