Clerk Setup (Authentication)

NextGenKit uses Clerk v7 for authentication, organizations, and RBAC.

1. Create a Clerk Application

1. Go to dashboard.clerk.com
2. Create a new application
3. Enable the sign-in methods you want (email, Google, GitHub, etc.)
4. Copy your Publishable Key and Secret Key to .env.local

2. Enable Organizations

1. In Clerk Dashboard → Organizations → Enable
2. Configure roles (admin, member) under Organization Settings

3. Set Up Webhooks

1. Go to Webhooks in Clerk Dashboard
2. Add endpoint: https://your-domain.com/api/webhooks/clerk
3. Subscribe to events: user.created, user.updated, organization.created, organizationMembership.created
4. Copy the Signing Secret to CLERK_WEBHOOK_SIGNING_SECRET

4. Local Development

For local webhook testing, use a tunnel like ngrok:

ngrok http 3000

Then use the ngrok URL as your webhook endpoint in Clerk.

Key Conventions

• Clerk v7 uses <Show when="signed-in"> instead of <SignedIn>
• Auth guards live in lib/auth.ts — requireUser(), requireOrg(), requireRole()
• Middleware is in proxy.ts (Next.js 16 convention)