Clerk Backend API: The Clerk REST Backend API, meant to be accessed by backend servers.
When the API changes in a way that isn't compatible with older versions, a new version is released.
Each version is identified by its release date, e.g. 2021-02-05
. For more information, please see Clerk API Versions.
Please see https://clerk.com/docs for more information.
More information about the API can be found at https://clerk.com/docs
- SDK Installation
- SDK Example Usage
- Authentication
- Request Authentication
- Available Resources and Operations
- Error Handling
- Server Selection
- Development
To add the NuGet package to a .NET project:
dotnet add package Clerk.BackendAPI
To add a reference to a local instance of the SDK in a .NET project:
dotnet add reference src/Clerk/BackendAPI/Clerk.BackendAPI.csproj
using Clerk.BackendAPI;
using Clerk.BackendAPI.Models.Operations;
using Clerk.BackendAPI.Models.Components;
var sdk = new ClerkBackendApi(bearerAuth: "<YOUR_BEARER_TOKEN_HERE>");
var res = await sdk.EmailAddresses.GetAsync(emailAddressId: "email_address_id_example");
// handle response
This SDK supports the following security scheme globally:
Name | Type | Scheme |
---|---|---|
BearerAuth |
http | HTTP Bearer |
To authenticate with the API the BearerAuth
parameter must be set when initializing the SDK client instance. For example:
using Clerk.BackendAPI;
using Clerk.BackendAPI.Models.Operations;
using Clerk.BackendAPI.Models.Components;
var sdk = new ClerkBackendApi(bearerAuth: "<YOUR_BEARER_TOKEN_HERE>");
var res = await sdk.Miscellaneous.GetPublicInterstitialAsync(
frontendApi: "frontend-api_1a2b3c4d",
publishableKey: "pub_1a2b3c4d"
);
// handle response
Use the AuthenticateRequestAsync method to authenticate a request from your app's frontend (when using a Clerk frontend SDK) to Clerk's Backend API. For example the following utility function checks if the user is effectively signed in:
using Clerk.BackendAPI.Helpers.Jwks;
using System;
using System.Net.Http;
using System.Threading.Tasks;
public class UserAuthentication
{
public static async Task<bool> IsSignedInAsync(HttpRequestMessage request)
{
var options = new AuthenticateRequestOptions(
secretKey: Environment.GetEnvironmentVariable("CLERK_SECRET_KEY"),
authorizedParties: new string[] { "https://example.com" }
);
var requestState = await AuthenticateRequest.AuthenticateRequestAsync(request, options);
return requestState.isSignedIn();
}
}
If the request is correctly authenticated, the token's claims are made available in requestState.Claims
. Otherwise the reason for the token verification failure is given by requestState.ErrorReason
.
Available methods
- DeleteIdentifier - Delete identifier from block-list
- ListBlocklistIdentifiers - List all identifiers on the block-list
- List - List all identifiers on the allow-list
- Create - Add identifier to the allow-list
- Delete - Delete identifier from allow-list
- UpdateInstanceSettings - Update instance settings
UpdateDomain- Update production instance domain⚠️ Deprecated- ChangeProductionInstanceDomain - Update production instance domain
- Create - Add identifier to the block-list
- List - List all instance domains
- Add - Add a domain
- Delete - Delete a satellite domain
- Update - Update a domain
- Create - Create an email address
- Get - Retrieve an email address
- Delete - Delete an email address
- Update - Update an email address
Upsert- Update a template for a given type and slug⚠️ DeprecatedRevert- Revert a template⚠️ DeprecatedPreview- Preview changes to a template⚠️ Deprecated
List- List all templates⚠️ DeprecatedGet- Retrieve a template⚠️ DeprecatedToggleDelivery- Toggle the delivery by Clerk for a template of a given type and slug⚠️ Deprecated
- Update - Update instance settings
- UpdateRestrictions - Update instance restrictions
- UpdateOrganization - Update instance organization settings
- Get - Retrieve the JSON Web Key Set of the instance
- List - List all templates
- Create - Create a JWT template
- Get - Retrieve a template
- Update - Update a JWT template
- Delete - Delete a Template
- GetPublicInterstitial - Returns the markup for the interstitial page
- List - Get a list of OAuth applications for an instance
- Create - Create an OAuth application
- Get - Retrieve an OAuth application by ID
- Update - Update an OAuth application
- Delete - Delete an OAuth application
- RotateSecret - Rotate the client secret of the given OAuth application
- Update - Update an organization domain.
- Create - Create a new organization domain.
- List - Get a list of all domains of an organization.
- Delete - Remove a domain from an organization.
- ListForInstance - Get a list of organization invitations for the current instance
- Create - Create and send an organization invitation
- List - Get a list of organization invitations
- CreateBulk - Bulk create and send organization invitations
ListPending- Get a list of pending organization invitations⚠️ Deprecated- Get - Retrieve an organization invitation by ID
- Revoke - Revoke a pending organization invitation
- Create - Create a new organization membership
- List - Get a list of all members of an organization
- Update - Update an organization membership
- Delete - Remove a member from an organization
- UpdateMetadata - Merge and update organization membership metadata
- ListForInstance - Get a list of all organization memberships within an instance.
- List - Get a list of organizations for an instance
- Create - Create an organization
- Get - Retrieve an organization by ID or slug
- Update - Update an organization
- Delete - Delete an organization
- MergeMetadata - Merge and update metadata for an organization
- UploadLogo - Upload a logo for the organization
- DeleteLogo - Delete the organization's logo.
- Create - Create a phone number
- Get - Retrieve a phone number
- Delete - Delete a phone number
- Update - Update a phone number
- Verify - Verify the proxy configuration for your domain
- List - List all redirect URLs
- Create - Create a redirect URL
- Get - Retrieve a redirect URL
- Delete - Delete a redirect URL
- List - Get a list of SAML Connections for an instance
- Create - Create a SAML Connection
- Get - Retrieve a SAML Connection by ID
- Update - Update a SAML Connection
- Delete - Delete a SAML Connection
- List - List all sessions
- Get - Retrieve a session
- Revoke - Revoke a session
Verify- Verify a session⚠️ Deprecated- CreateToken - Create a session token from a jwt template
- Update - Update a sign-up
- Create - Retrieve a new testing token
- List - List all users
- Create - Create a new user
- Count - Count users
- Get - Retrieve a user
- Update - Update a user
- Delete - Delete a user
- Ban - Ban a user
- Unban - Unban a user
- Lock - Lock a user
- Unlock - Unlock a user
- SetProfileImage - Set user profile image
- DeleteProfileImage - Delete user profile image
- UpdateMetadata - Merge and update a user's metadata
- GetOAuthAccessToken - Retrieve the OAuth access token of a user
- GetOrganizationMemberships - Retrieve all memberships for a user
- GetOrganizationInvitations - Retrieve all invitations for a user
- VerifyPassword - Verify the password of a user
- VerifyTotp - Verify a TOTP or backup code for a user
- DisableMfa - Disable a user's MFA methods
- DeleteBackupCode - Disable all user's Backup codes
- DeletePasskey - Delete a user passkey
- CreateTotp - Create a TOTP for a user
- DeleteTOTP - Delete all the user's TOTPs
- DeleteExternalAccount - Delete External Account
- Delete - Delete a user web3 wallet
- CreateSvixApp - Create a Svix app
- DeleteSvixApp - Delete a Svix app
- GenerateSvixAuthURL - Create a Svix Dashboard URL
Handling errors in this SDK should largely match your expectations. All operations return a response object or throw an exception.
By default, an API error will raise a Clerk.BackendAPI.Models.Errors.SDKError
exception, which has the following properties:
Property | Type | Description |
---|---|---|
Message |
string | The error message |
Request |
HttpRequestMessage | The HTTP request |
Response |
HttpResponseMessage | The HTTP response |
When custom error responses are specified for an operation, the SDK may also throw their associated exceptions. You can refer to respective Errors tables in SDK docs for more details on possible exception types for each operation. For example, the VerifyAsync
method throws the following exceptions:
Error Type | Status Code | Content Type |
---|---|---|
Clerk.BackendAPI.Models.Errors.ClerkErrors | 400, 401, 404 | application/json |
Clerk.BackendAPI.Models.Errors.SDKError | 4XX, 5XX | */* |
using Clerk.BackendAPI;
using Clerk.BackendAPI.Models.Operations;
using Clerk.BackendAPI.Models.Components;
using System;
using Clerk.BackendAPI.Models.Errors;
var sdk = new ClerkBackendApi(bearerAuth: "<YOUR_BEARER_TOKEN_HERE>");
try
{
VerifyClientRequestBody req = new VerifyClientRequestBody() {
Token = "jwt_token_example",
};
var res = await sdk.Clients.VerifyAsync(req);
// handle response
}
catch (Exception ex)
{
if (ex is ClerkErrors)
{
// Handle exception data
throw;
}
else if (ex is Clerk.BackendAPI.Models.Errors.SDKError)
{
// Handle default exception
throw;
}
}
The default server can also be overridden globally by passing a URL to the serverUrl: string
optional parameter when initializing the SDK client instance. For example:
using Clerk.BackendAPI;
using Clerk.BackendAPI.Models.Operations;
using Clerk.BackendAPI.Models.Components;
var sdk = new ClerkBackendApi(serverUrl: "https://api.clerk.com/v1");
var res = await sdk.Miscellaneous.GetPublicInterstitialAsync(
frontendApi: "frontend-api_1a2b3c4d",
publishableKey: "pub_1a2b3c4d"
);
// handle response
This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.
While we value open-source contributions to this SDK, this library is generated programmatically. Any manual changes added to internal files will be overwritten on the next generation. We look forward to hearing your feedback. Feel free to open a PR or an issue with a proof of concept and we'll do our best to include it in a future release.