authenticateRequest()
Authenticates a token passed from the frontend. Networkless if the secretKey
or jwtKey
are provided. Otherwise, performs a network call to retrieve the JWKS from Clerk's Backend API.
const authStatus = await clerkClient.authenticateRequest();
AuthenticateRequestParams
Name | Type | Description |
---|---|---|
request | Request | req object |
secretKey? | string | The Clerk secret key from the API Keys(opens in a new tab) page in the Clerk Dashboard. |
publishableKey? | string | The Clerk publishable key from the API Keys(opens in a new tab) page in the Clerk Dashboard. |
domain? | string | The domain for the application. For development, you can pass the localhost your application is running on. For example: localhost:3001 |
isSatellite? | boolean | Set to true if the instance is a satellite domain in a multi-domain setup. |
proxyUrl? | string | The proxy URL from a multi-domain setup. |
signInUrl? | string | The sign-in URL from a multi-domain setup. |
jwtKey? | string | The PEM public key from the API Keys(opens in a new tab) page -> Advanced -> JWT public key section of the Clerk Dashboard. |
audience? | string | string[] | A string of list of audiences. |
frontendApi? | string | The Clerk publishable key (deprecated in favor of publishableKey ) |
apiKey? | string | The Clerk API key (deprecated in favor of secretKey ) |
Examples
authenticateRequest({ req })
Takes the token passed by the frontend as a Bearer token in the Authorization header, and performs a networkless authenication. This will verify if the user is logged into the application or not.
import { clerkClient } from '@clerk/nextjs' import { NextRequest, NextResponse } from 'next/server' export async function GET(req: NextRequest) { const { isSignedIn } = await clerkClient.authenticateRequest({ request: req }) if ( !isSignedIn ) { return NextResponse.json({ status: 401 }) } // Perform protected actions return NextResponse.json({ message: "This is a reply" }, status: { 200 })