Query structured spec data via REST or MCP. Get exactly what your agent needs.
https://api.clerk.com/v1
/actor_tokens
Create an actor token that can be used to impersonate the given user.
The actor parameter needs to include at least a “sub” key whose value is the ID of the actor (impersonating) user.
application/json
ActorTokensCreateTokenRequest
| Property | Type | Required |
|---|---|---|
| actor | object | required |
| user_id | string | required |
| expires_in_seconds | integer | optional |
| session_max_duration_in_seconds | integer | optional |
Success
Request was not successful
Payment required
Invalid request parameters
POST /actor_tokens
/actor_tokens/{actor_token_id}/revoke
Revokes a pending actor token.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| actor_token_id | path | required | string | The ID of the actor token to be revoked. |
Success
Request was not successful
Resource not found
POST /actor_tokens/{actor_token_id}/revoke
/allowlist_identifiers
Get a list of all identifiers allowed to sign up to an instance
Success
Authentication invalid
Payment required
GET /allowlist_identifiers
/allowlist_identifiers
Create an identifier allowed to sign up to an instance
application/json
AllowlistBlocklistAddIdentifierToAllowListRequest
| Property | Type | Required |
|---|---|---|
| notify | boolean | optional |
| identifier | string | required |
Success
Request was not successful
Payment required
Invalid request parameters
POST /allowlist_identifiers
/allowlist_identifiers/{identifier_id}
Delete an identifier from the instance allow-list
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| identifier_id | path | required | string | The ID of the identifier to delete from the allow-list |
Deleted Object
Payment required
Resource not found
DELETE /allowlist_identifiers/{identifier_id}
/blocklist_identifiers
Get a list of all identifiers which are not allowed to access an instance
Success
Authentication invalid
Payment required
GET /blocklist_identifiers
/blocklist_identifiers
Create an identifier that is blocked from accessing an instance
application/json
AllowlistBlocklistAddIdentifierRequest
| Property | Type | Required |
|---|---|---|
| identifier | string | required |
Success
Request was not successful
Payment required
Invalid request parameters
POST /blocklist_identifiers
/blocklist_identifiers/{identifier_id}
Delete an identifier from the instance block-list
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| identifier_id | path | required | string | The ID of the identifier to delete from the block-list |
Deleted Object
Payment required
Resource not found
DELETE /blocklist_identifiers/{identifier_id}
/beta_features/instance_settings
Updates the settings of an instance
application/json
BetaFeaturesUpdateInstanceSettingsRequest
| Property | Type | Required |
|---|---|---|
| test_mode | boolean | optional |
| from_email_address | string | optional |
| progressive_sign_up | boolean | optional |
| session_token_template | string | optional |
| restricted_to_allowlist | boolean | optional |
| enhanced_email_deliverability | boolean | optional |
InstanceSettings Server API
Payment required
Invalid request parameters
PATCH /beta_features/instance_settings
/instance/change_domain
Change the domain of a production instance.
Changing the domain requires updating the DNS records accordingly, deploying new SSL certificates, updating your Social Connection’s redirect URLs and setting the new keys in your code.
WARNING: Changing your domain will invalidate all current user sessions (i.e. users will be logged out). Also, while your application is being deployed, a small downtime is expected to occur.
application/json
BetaFeaturesUpdateInstanceDomainRequest
| Property | Type | Required |
|---|---|---|
| home_url | string | optional |
Accepted
Request was not successful
Request was not successful
POST /instance/change_domain
/clients/verify
Verifies the client in the provided token
Parameters.
application/json
ClientsVerifyClientTokenRequest
| Property | Type | Required |
|---|---|---|
| token | string | optional |
Success
Request was not successful
Authentication invalid
Resource not found
POST /clients/verify
/clients/{client_id}
Returns the details of a client.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| client_id | path | required | string | Client ID. |
Success
Request was not successful
Authentication invalid
Resource not found
GET /clients/{client_id}
/domains
Use this endpoint to get a list of all domains for an instance.
The response will contain the primary domain for the instance and any satellite domains. Each domain in the response contains information about the URLs where Clerk operates and the required CNAME targets.
A list of domains
GET /domains
/domains
Add a new domain for your instance.
Useful in the case of multi-domain instances, allows adding satellite domains to an instance.
The new domain must have a name. The domain name can contain the port for development instances, like localhost:3000.
At the moment, instances can have only one primary domain, so the is_satellite parameter must be set to true.
If you’re planning to configure the new satellite domain to run behind a proxy, pass the proxy_url parameter accordingly.
application/json
DomainsAddSatelliteDomainRequest
| Property | Type | Required |
|---|---|---|
| name | string | required |
| proxy_url | string | optional |
| is_satellite | boolean | required |
A domain
Request was not successful
Request was not successful
Invalid request parameters
POST /domains
/domains/{domain_id}
Deletes a satellite domain for the instance.
It is currently not possible to delete the instance’s primary domain.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| domain_id | path | required | string | The ID of the domain that will be deleted. Must be a satellite domain. |
Deleted Object
Request was not successful
Resource not found
DELETE /domains/{domain_id}
/domains/{domain_id}
The proxy_url can be updated only for production instances.
Update one of the instance’s domains. Both primary and satellite domains can be updated.
If you choose to use Clerk via proxy, use this endpoint to specify the proxy_url.
Whenever you decide you’d rather switch to DNS setup for Clerk, simply set proxy_url
to null for the domain. When you update a production instance’s primary domain name,
you have to make sure that you’ve completed all the necessary setup steps for DNS and
emails to work. Expect downtime otherwise. Updating a primary domain’s name will also
update the instance’s home origin, affecting the default application paths.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| domain_id | path | required | string | The ID of the domain that will be updated. |
application/json
DomainsUpdateDomainRequest
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| proxy_url | string | optional |
A domain
Request was not successful
Resource not found
Invalid request parameters
PATCH /domains/{domain_id}
/templates/{template_type}
Returns a list of all templates.
The templates are returned sorted by position.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of templates to list (email or SMS) |
Success
Request was not successful
Authentication invalid
Invalid request parameters
GET /templates/{template_type}
/templates/{template_type}/{slug}
Returns the details of a template
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of templates to retrieve (email or SMS) |
| slug | path | required | string | The slug (i.e. machine-friendly name) of the template to retrieve |
Success
Request was not successful
Authentication invalid
Resource not found
GET /templates/{template_type}/{slug}
/templates/{template_type}/{slug}
Updates the existing template of the given type and slug
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of template to update |
| slug | path | required | string | The slug of the template to update |
application/json
EmailSmsTemplatesUpdateTemplateByTypeAndSlugRequest
| Property | Type | Required |
|---|---|---|
| body | string | optional |
| name | string | optional |
| markup | string | optional |
| subject | string | optional |
| from_email_name | string | optional |
| delivered_by_clerk | boolean | optional |
Success
Request was not successful
Authentication invalid
Payment required
Resource not found
Invalid request parameters
PUT /templates/{template_type}/{slug}
/templates/{template_type}/{slug}/preview
Returns a preview of a template for a given template_type, slug and body
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of template to preview |
| slug | path | required | string | The slug of the template to preview |
Required parameters
application/json
EmailSmsTemplatesPreviewTemplateRequest
| Property | Type | Required |
|---|---|---|
| body | string | optional |
| subject | string | optional |
| from_email_name | string | optional |
OK
Request was not successful
Authentication invalid
Resource not found
Invalid request parameters
POST /templates/{template_type}/{slug}/preview
/templates/{template_type}/{slug}/revert
Reverts an updated template to its default state
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of template to revert |
| slug | path | required | string | The slug of the template to revert |
Success
Request was not successful
Authentication invalid
Payment required
Resource not found
POST /templates/{template_type}/{slug}/revert
/templates/{template_type}/{slug}/toggle_delivery
Toggles the delivery by Clerk for a template of a given type and slug.
If disabled, Clerk will not deliver the resulting email or SMS.
The app developer will need to listen to the email.created or sms.created webhooks in order to handle delivery themselves.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_type | path | required | string | The type of template to toggle delivery for |
| slug | path | required | string | The slug of the template for which to toggle delivery |
application/json
EmailSmsTemplatesToggleDeliveryByTypeAndSlugRequest
| Property | Type | Required |
|---|---|---|
| delivered_by_clerk | boolean | optional |
Success
Request was not successful
Authentication invalid
Resource not found
POST /templates/{template_type}/{slug}/toggle_delivery
/email_addresses
Create a new email address
application/json
EmailAddressesCreateNewAddressRequest
| Property | Type | Required |
|---|---|---|
| primary | boolean | optional |
| user_id | string | optional |
| verified | boolean | optional |
| email_address | string | optional |
Success
Request was not successful
Authentication invalid
Authorization invalid
Resource not found
Invalid request parameters
POST /email_addresses
/email_addresses/{email_address_id}
Delete the email address with the given ID
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| email_address_id | path | required | string | The ID of the email address to delete |
Deleted Object
Request was not successful
Authentication invalid
Authorization invalid
Resource not found
DELETE /email_addresses/{email_address_id}
/email_addresses/{email_address_id}
Returns the details of an email address.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| email_address_id | path | required | string | The ID of the email address to retrieve |
Success
Request was not successful
Authentication invalid
Authorization invalid
Resource not found
GET /email_addresses/{email_address_id}
/email_addresses/{email_address_id}
Updates an email address.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| email_address_id | path | required | string | The ID of the email address to update |
application/json
EmailAddressesUpdateAddressRequest
| Property | Type | Required |
|---|---|---|
| primary | boolean | optional |
| verified | boolean | optional |
Success
Request was not successful
Authentication invalid
Authorization invalid
Resource not found
PATCH /email_addresses/{email_address_id}
/instance
Updates the settings of an instance
application/json
InstanceSettingsUpdateInstanceSettingsRequest
| Property | Type | Required |
|---|---|---|
| hibp | boolean | optional |
| test_mode | boolean | optional |
| support_email | string | optional |
| cookieless_dev | boolean | optional |
| allowed_origins | array | optional |
| clerk_js_version | string | optional |
| development_origin | string | optional |
| url_based_session_syncing | boolean | optional |
| enhanced_email_deliverability | boolean | optional |
Accepted
Invalid request parameters
PATCH /instance
/instance/organization_settings
Updates the organization settings of the instance
application/json
InstanceSettingsUpdateOrganizationSettingsRequest
| Property | Type | Required |
|---|---|---|
| enabled | boolean | optional |
| creator_role_id | string | optional |
| domains_enabled | boolean | optional |
| admin_delete_enabled | boolean | optional |
| domains_default_role_id | string | optional |
| max_allowed_memberships | integer | optional |
| domains_enrollment_modes | array | optional |
Success
Payment required
Resource not found
Invalid request parameters
PATCH /instance/organization_settings
/instance/restrictions
Updates the restriction settings of an instance
application/json
InstanceSettingsUpdateRestrictionsRequest
| Property | Type | Required |
|---|---|---|
| allowlist | boolean | optional |
| blocklist | boolean | optional |
| block_email_subaddresses | boolean | optional |
| block_disposable_email_domains | boolean | optional |
Success
Payment required
PATCH /instance/restrictions
/invitations
Returns all non-revoked invitations for your application, sorted by creation date
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| limit | query | optional | number | Applies a limit to the number of results returned. |
| offset | query | optional | number | Skip the first |
| status | query | optional | string | Filter invitations based on their status |
List of invitations
GET /invitations
/invitations
Creates a new invitation for the given email address and sends the invitation email.
Keep in mind that you cannot create an invitation if there is already one for the given email address.
Also, trying to create an invitation for an email address that already exists in your application will result to an error.
Required parameters
application/json
InvitationsCreateNewInvitationRequest
| Property | Type | Required |
|---|---|---|
| notify | boolean | optional |
| redirect_url | string | optional |
| email_address | string | required |
| ignore_existing | boolean | optional |
| public_metadata | object | optional |
Success
Request was not successful
Invalid request parameters
POST /invitations
/invitations/{invitation_id}/revoke
Revokes the given invitation.
Revoking an invitation will prevent the user from using the invitation link that was sent to them.
However, it doesn’t prevent the user from signing up if they follow the sign up flow.
Only active (i.e. non-revoked) invitations can be revoked.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| invitation_id | path | required | string | The ID of the invitation to be revoked |
Success
Request was not successful
Resource not found
POST /invitations/{invitation_id}/revoke
/jwks
Retrieve the JSON Web Key Set of the instance
The JSON Web Key Set
GET /jwks
/jwt_templates
List of JWT templates
GET /jwt_templates
/jwt_templates
Create a new JWT template
application/json
JwtTemplatesCreateTemplateRequest
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| claims | object | optional |
| lifetime | number | optional |
| signing_key | string | optional |
| signing_algorithm | string | optional |
| allowed_clock_skew | number | optional |
| custom_signing_key | boolean | optional |
Success
Request was not successful
Payment required
Invalid request parameters
POST /jwt_templates
/jwt_templates/{template_id}
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_id | path | required | string | JWT Template ID |
Deleted Object
Authorization invalid
Resource not found
DELETE /jwt_templates/{template_id}
/jwt_templates/{template_id}
Retrieve the details of a given JWT template
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_id | path | required | string | JWT Template ID |
Success
Resource not found
GET /jwt_templates/{template_id}
/jwt_templates/{template_id}
Updates an existing JWT template
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| template_id | path | required | string | The ID of the JWT template to update |
application/json
JwtTemplatesUpdateTemplateByIdRequest
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| claims | object | optional |
| lifetime | number | optional |
| signing_key | string | optional |
| signing_algorithm | string | optional |
| allowed_clock_skew | number | optional |
| custom_signing_key | boolean | optional |
Success
Request was not successful
Payment required
Invalid request parameters
PATCH /jwt_templates/{template_id}
/public/interstitial
The Clerk interstitial endpoint serves an html page that loads clerk.js in order to check the user’s authentication state.
It is used by Clerk SDKs when the user’s authentication state cannot be immediately determined.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| frontendApi | query | optional | string | The Frontend API key of your instance |
| publishable_key | query | optional | string | The publishable key of your instance |
The interstitial page markup
A required query parameter is missing
An infinite redirect loop was detected
GET /public/interstitial
/oauth_applications
This request returns the list of OAuth applications for an instance.
Results can be paginated using the optional limit and offset query parameters.
The OAuth applications are ordered by descending creation date.
Most recent OAuth applications will be returned first.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| limit | query | optional | number | Applies a limit to the number of results returned. |
| offset | query | optional | number | Skip the first |
A list of OAuth applications
Request was not successful
Authorization invalid
Invalid request parameters
GET /oauth_applications
/oauth_applications
Creates a new OAuth application with the given name and callback URL for an instance.
The callback URL must be a valid url.
All URL schemes are allowed such as http://, https://, myapp://, etc…
application/json
OAuthApplicationsCreateNewApplicationRequest
| Property | Type | Required |
|---|---|---|
| name | string | required |
| public | boolean | optional |
| scopes | string | optional |
| callback_url | string | required |
An OAuth application with client secret
Request was not successful
Authorization invalid
Invalid request parameters
POST /oauth_applications
/oauth_applications/{oauth_application_id}
Deletes the given OAuth application.
This is not reversible.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| oauth_application_id | path | required | string | The ID of the OAuth application to delete |
Deleted Object
Authorization invalid
Resource not found
DELETE /oauth_applications/{oauth_application_id}
/oauth_applications/{oauth_application_id}
Fetches the OAuth application whose ID matches the provided id in the path.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| oauth_application_id | path | required | string | The ID of the OAuth application |
An OAuth application
Authorization invalid
Resource not found
GET /oauth_applications/{oauth_application_id}
/oauth_applications/{oauth_application_id}
Updates an existing OAuth application
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| oauth_application_id | path | required | string | The ID of the OAuth application to update |
application/json
OAuthApplicationsUpdateApplicationRequest
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| scopes | string | optional |
| callback_url | string | optional |
An OAuth application
Authorization invalid
Resource not found
Invalid request parameters
PATCH /oauth_applications/{oauth_application_id}
/oauth_applications/{oauth_application_id}/rotate_secret
Rotates the OAuth application’s client secret.
When the client secret is rotated, make sure to update it in authorized OAuth clients.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| oauth_application_id | path | required | string | The ID of the OAuth application for which to rotate the client secret |
An OAuth application with client secret
Authorization invalid
Resource not found
POST /oauth_applications/{oauth_application_id}/rotate_secret
/organizations/{organization_id}/invitations
This request returns the list of organization invitations.
Results can be paginated using the optional limit and offset query parameters.
You can filter them by providing the ‘status’ query parameter, that accepts multiple values.
The organization invitations are ordered by descending creation date.
Most recent invitations will be returned first.
Any invitations created as a result of an Organization Domain are not included in the results.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| organization_id | path | required | string | The organization ID. |
| limit | query | optional | number | Applies a limit to the number of results returned. |
| offset | query | optional | number | Skip the first |
| status | query | optional | string | Filter organization invitations based on their status |
A list of organization invitations
Request was not successful
Resource not found
GET /organizations/{organization_id}/invitations
/organizations/{organization_id}/invitations
Creates a new organization invitation and sends an email to the provided email_address with a link to accept the invitation and join the organization.
You can specify the role for the invited organization member.
New organization invitations get a “pending” status until they are revoked by an organization administrator or accepted by the invitee.
The request body supports passing an optional redirect_url parameter.
When the invited user clicks the link to accept the invitation, they will be redirected to the URL provided.
Use this parameter to implement a custom invitation acceptance flow.
You must specify the ID of the user that will send the invitation with the inviter_user_id parameter.
That user must be a member with administrator privileges in the organization.
Only “admin” members can create organization invitations.
You can optionally provide public and private metadata for the organization invitation.
The public metadata are visible by both the Frontend and the Backend whereas the private ones only by the Backend.
When the organization invitation is accepted, the metadata will be transferred to the newly created organization membership.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| organization_id | path | required | string | The ID of the organization for which to send the invitation |
application/json
OrganizationInvitationsCreateAndSendRequest
| Property | Type | Required |
|---|---|---|
| role | string | required |
| redirect_url | string | optional |
| email_address | string | required |
| inviter_user_id | string | required |
| public_metadata | object | optional |
| private_metadata | object | optional |
An organization invitation
Request was not successful
Authorization invalid
Resource not found
Invalid request parameters
POST /organizations/{organization_id}/invitations
/organizations/{organization_id}/invitations/bulk
Creates new organization invitations in bulk and sends out emails to the provided email addresses with a link to accept the invitation and join the organization.
You can specify a different role for each invited organization member.
New organization invitations get a “pending” status until they are revoked by an organization administrator or accepted by the invitee.
The request body supports passing an optional redirect_url parameter for each invitation.
When the invited user clicks the link to accept the invitation, they will be redirected to the provided URL.
Use this parameter to implement a custom invitation acceptance flow.
You must specify the ID of the user that will send the invitation with the inviter_user_id parameter. Each invitation
can have a different inviter user.
Inviter users must be members with administrator privileges in the organization.
Only “admin” members can create organization invitations.
You can optionally provide public and private metadata for each organization invitation. The public metadata are visible
by both the Frontend and the Backend, whereas the private metadata are only visible by the Backend.
When the organization invitation is accepted, the metadata will be transferred to the newly created organization membership.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| organization_id | path | required | string | The organization ID. |
application/json
OrganizationInvitationsBulkCreateAndSendRequest
of object
| Property | Type | Required |
|---|---|---|
| role | string | required |
| redirect_url | string | optional |
| email_address | string | required |
| inviter_user_id | string | required |
| public_metadata | object | optional |
| private_metadata | object | optional |
A list of organization invitations
Request was not successful
Authorization invalid
Resource not found
Invalid request parameters
POST /organizations/{organization_id}/invitations/bulk
/organizations/{organization_id}/invitations/{invitation_id}
Use this request to get an existing organization invitation by ID.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| organization_id | path | required | string | The organization ID. |
| invitation_id | path | required | string | The organization invitation ID. |
An organization invitation
Request was not successful
Authorization invalid
Resource not found
GET /organizations/{organization_id}/invitations/{invitation_id}
/organizations/{organization_id}/invitations/{invitation_id}/revoke
Use this request to revoke a previously issued organization invitation.
Revoking an organization invitation makes it invalid; the invited user will no longer be able to join the organization with the revoked invitation.
Only organization invitations with “pending” status can be revoked.
The request needs the requesting_user_id parameter to specify the user which revokes the invitation.
Only users with “admin” role can revoke invitations.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| organization_id | path | required | string | The organization ID. |
| invitation_id | path | required | string | The organization invitation ID. |
application/json
OrganizationInvitationsRevokeInvitationRequest
| Property | Type | Required |
|---|---|---|
| requesting_user_id | string | required |
An organization invitation
Request was not successful
Authorization invalid
Resource not found
POST /organizations/{organization_id}/invitations/{invitation_id}/revoke
ActorToken
{
"type": "object",
"required": [
"object",
"id",
"user_id",
"actor",
"status",
"created_at",
"updated_at"
],
"properties": {
"id": {
"type": "string"
},
"url": {
"type": "string",
"nullable": true
},
"actor": {
"type": "object"
},
"token": {
"type": "string",
"nullable": true
},
"object": {
"enum": [
"actor_token"
],
"type": "string"
},
"status": {
"enum": [
"pending",
"accepted",
"revoked"
],
"type": "string"
},
"user_id": {
"type": "string"
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
}
}
}
ActorTokensCreateTokenRequest
{
"type": "object",
"required": [
"user_id",
"actor"
],
"properties": {
"actor": {
"type": "object",
"example": {
"sub": "user_2OEpKhcCN1Lat9NQ0G6puh7q5Rb"
},
"description": "The actor payload. It needs to include a sub property which should contain the ID of the actor.\nThis whole payload will be also included in the JWT session token."
},
"user_id": {
"type": "string",
"description": "The ID of the user that can use the newly created sign in token."
},
"expires_in_seconds": {
"type": "integer",
"default": 3600,
"description": "Optional parameter to specify the life duration of the actor token in seconds.\nBy default, the duration is 1 hour."
},
"session_max_duration_in_seconds": {
"type": "integer",
"default": 1800,
"description": "The maximum duration that the session which will be created by the generated actor token should last.\nBy default, the duration of a session created via an actor token, lasts 30 minutes."
}
}
}
Admin
{
"type": "object",
"required": [
"status",
"strategy"
],
"properties": {
"status": {
"enum": [
"verified"
],
"type": "string"
},
"attempts": {
"type": "integer",
"nullable": true
},
"strategy": {
"enum": [
"admin"
],
"type": "string"
},
"expire_at": {
"type": "integer",
"nullable": true
}
}
}
AllowlistBlocklistAddIdentifierRequest
{
"type": "object",
"required": [
"identifier"
],
"properties": {
"identifier": {
"type": "string",
"description": "The identifier to be added in the block-list.\nThis can be an email address, a phone number or a web3 wallet."
}
}
}
AllowlistBlocklistAddIdentifierToAllowListRequest
{
"type": "object",
"required": [
"identifier"
],
"properties": {
"notify": {
"type": "boolean",
"default": false,
"description": "This flag denotes whether the given identifier will receive an invitation to join the application.\nNote that this only works for email address and phone number identifiers."
},
"identifier": {
"type": "string",
"description": "The identifier to be added in the allow-list.\nThis can be an email address, a phone number or a web3 wallet."
}
}
}
AllowlistBlocklistListAllowedIdentifiersResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AllowlistIdentifier"
}
}
AllowlistIdentifier
{
"type": "object",
"properties": {
"id": {
"type": "string"
},
"object": {
"enum": [
"allowlist_identifier"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value.\n"
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation\n"
},
"identifier": {
"type": "string",
"description": "An email address or a phone number.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"instance_id": {
"type": "string"
},
"invitation_id": {
"type": "string"
},
"identifier_type": {
"enum": [
"email_address",
"phone_number",
"web3_wallet"
],
"type": "string"
}
}
}
BetaFeaturesUpdateInstanceDomainRequest
{
"type": "object",
"properties": {
"home_url": {
"type": "string",
"description": "The new home URL of the production instance e.g. https://www.example.com"
}
}
}
BetaFeaturesUpdateInstanceSettingsRequest
{
"type": "object",
"properties": {
"test_mode": {
"type": "boolean",
"nullable": true,
"description": "Toggles test mode for this instance, allowing the use of test email addresses and phone numbers.\nDefaults to true for development instances."
},
"from_email_address": {
"type": "string",
"nullable": true,
"description": "The local part of the email address from which authentication-related emails (e.g. OTP code, magic links) will be sent.\nOnly alphanumeric values are allowed.\nNote that this value should contain only the local part of the address (e.g. `foo` for `foo@example.com`)."
},
"progressive_sign_up": {
"type": "boolean",
"nullable": true,
"description": "Enable the Progressive Sign Up algorithm. Refer to the [docs](https://clerk.com/docs/upgrade-guides/progressive-sign-up) for more info."
},
"session_token_template": {
"type": "string",
"nullable": true,
"description": "The name of the JWT Template used to augment your session tokens. To disable this, pass an empty string."
},
"restricted_to_allowlist": {
"type": "boolean",
"default": false,
"nullable": true,
"description": "Whether sign up is restricted to email addresses, phone numbers and usernames that are on the allowlist."
},
"enhanced_email_deliverability": {
"type": "boolean",
"nullable": true,
"description": "The \"enhanced_email_deliverability\" feature will send emails from \"verifications@clerk.dev\" instead of your domain.\nThis can be helpful if you do not have a high domain reputation."
}
}
}
BetaFeaturesUpdateInstanceSettingsResponse
{
"type": "object",
"properties": {
"id": {
"type": "string"
},
"object": {
"enum": [
"instance_settings"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value."
},
"from_email_address": {
"type": "string"
},
"progressive_sign_up": {
"type": "boolean"
},
"restricted_to_allowlist": {
"type": "boolean"
},
"enhanced_email_deliverability": {
"type": "boolean"
}
}
}
BetaFeaturesUpdateProductionInstanceDomainRequest
{
"type": "object",
"properties": {
"home_url": {
"type": "string",
"description": "The new home URL of the production instance e.g. https://www.example.com"
}
}
}
BlocklistIdentifier
{
"type": "object",
"properties": {
"id": {
"type": "string"
},
"object": {
"enum": [
"blocklist_identifier"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value.\n"
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation\n"
},
"identifier": {
"type": "string",
"description": "An email address, email domain, phone number or web3 wallet.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"instance_id": {
"type": "string"
},
"identifier_type": {
"enum": [
"email_address",
"phone_number",
"web3_wallet"
],
"type": "string"
}
}
}
BlocklistIdentifiers
{
"type": "object",
"required": [
"data",
"total_count"
],
"properties": {
"data": {
"type": "array",
"items": {
"$ref": "#/components/schemas/BlocklistIdentifier"
}
},
"total_count": {
"type": "integer",
"format": "int64",
"description": "Total number of blocklist identifiers\n"
}
}
}
CNameTarget
{
"type": "object",
"required": [
"host",
"value",
"required"
],
"properties": {
"host": {
"type": "string"
},
"value": {
"type": "string"
},
"required": {
"type": "boolean",
"description": "Denotes whether this CNAME target is required to be set in order for the domain to be considered deployed.\n"
}
}
}
ClerkError
{
"type": "object",
"required": [
"message",
"long_message",
"code"
],
"properties": {
"code": {
"type": "string"
},
"meta": {
"type": "object"
},
"message": {
"type": "string"
},
"long_message": {
"type": "string"
},
"clerk_trace_id": {
"type": "string"
}
}
}
ClerkErrors
{
"type": "object",
"required": [
"errors"
],
"properties": {
"meta": {
"type": "object"
},
"errors": {
"type": "array",
"items": {
"$ref": "#/components/schemas/ClerkError"
}
}
}
}
Client
{
"type": "object",
"required": [
"object",
"id",
"session_ids",
"sessions",
"sign_in_id",
"sign_up_id",
"last_active_session_id",
"updated_at",
"created_at"
],
"properties": {
"id": {
"type": "string",
"description": "String representing the identifier of the session.\n"
},
"object": {
"enum": [
"client"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value.\n"
},
"sessions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Session"
}
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation.\n"
},
"sign_in_id": {
"type": "string",
"nullable": true
},
"sign_up_id": {
"type": "string",
"nullable": true
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"session_ids": {
"type": "array",
"items": {
"type": "string"
}
},
"last_active_session_id": {
"type": "string",
"nullable": true,
"description": "Last active session_id.\n"
}
}
}
ClientsListSortedByCreationDateResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/Client"
}
}
ClientsVerifyClientTokenRequest
{
"type": "object",
"properties": {
"token": {
"type": "string",
"description": "A JWT Token that represents the active client."
}
}
}
DeletedObject
{
"type": "object",
"required": [
"object",
"deleted"
],
"properties": {
"id": {
"type": "string"
},
"slug": {
"type": "string"
},
"object": {
"type": "string"
},
"deleted": {
"type": "boolean"
}
}
}
Domain
{
"type": "object",
"required": [
"object",
"id",
"name",
"is_satellite",
"frontend_api_url",
"development_origin"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"object": {
"enum": [
"domain"
],
"type": "string"
},
"proxy_url": {
"type": "string",
"nullable": true
},
"is_satellite": {
"type": "boolean"
},
"cname_targets": {
"type": "array",
"items": {
"$ref": "#/components/schemas/CNameTarget"
},
"nullable": true
},
"frontend_api_url": {
"type": "string"
},
"development_origin": {
"type": "string"
},
"accounts_portal_url": {
"type": "string",
"nullable": true,
"description": "Null for satellite domains.\n"
}
}
}
Domains
{
"type": "object",
"required": [
"data",
"total_count"
],
"properties": {
"data": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Domain"
}
},
"total_count": {
"type": "integer",
"format": "int64",
"description": "Total number of domains\n"
}
}
}
DomainsAddSatelliteDomainRequest
{
"type": "object",
"required": [
"name",
"is_satellite"
],
"properties": {
"name": {
"type": "string",
"description": "The new domain name. Can contain the port for development instances."
},
"proxy_url": {
"type": "string",
"description": "The full URL of the proxy which will forward requests to the Clerk Frontend API for this domain. Applicable only to production instances."
},
"is_satellite": {
"enum": [
true
],
"type": "boolean",
"description": "Marks the new domain as satellite. Only `true` is accepted at the moment."
}
}
}
DomainsUpdateDomainRequest
{
"type": "object",
"properties": {
"name": {
"type": "string",
"nullable": true,
"description": "The new domain name. For development instances, can contain the port,\ni.e `myhostname:3000`. For production instances, must be a valid FQDN,\ni.e `mysite.com`. Cannot contain protocol scheme."
},
"proxy_url": {
"type": "string",
"nullable": true,
"description": "The full URL of the proxy that will forward requests to Clerk's Frontend API.\nCan only be updated for production instances."
}
}
}
EmailAddress
{
"type": "object",
"required": [
"object",
"email_address",
"verification",
"linked_to",
"reserved",
"created_at",
"updated_at"
],
"properties": {
"id": {
"type": "string"
},
"object": {
"enum": [
"email_address"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value.\n"
},
"reserved": {
"type": "boolean"
},
"linked_to": {
"type": "array",
"items": {
"$ref": "#/components/schemas/IdentificationLink"
}
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation\n"
},
"verification": {
"type": "object",
"oneOf": [
{
"$ref": "#/components/schemas/OTP"
},
{
"$ref": "#/components/schemas/Admin"
},
{
"$ref": "#/components/schemas/Oauth"
}
],
"nullable": true
},
"email_address": {
"type": "string"
}
}
}
EmailAddressesCreateNewAddressRequest
{
"type": "object",
"properties": {
"primary": {
"type": "boolean",
"nullable": true,
"description": "Create this email address as the primary email address for the user.\nDefault: false, unless it is the first email address."
},
"user_id": {
"type": "string",
"description": "The ID representing the user"
},
"verified": {
"type": "boolean",
"nullable": true,
"description": "When created, the email address will be marked as verified."
},
"email_address": {
"type": "string",
"description": "The new email address. Must adhere to the RFC 5322 specification for email address format."
}
}
}
EmailAddressesUpdateAddressRequest
{
"type": "object",
"properties": {
"primary": {
"type": "boolean",
"nullable": true,
"description": "Set this email address as the primary email address for the user."
},
"verified": {
"type": "boolean",
"nullable": true,
"description": "The email address will be marked as verified."
}
}
}
EmailSmsTemplatesListSortedByPositionResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/Template"
}
}
EmailSmsTemplatesPreviewTemplateRequest
{
"type": "object",
"properties": {
"body": {
"type": "string",
"description": "The template body before variable interpolation"
},
"subject": {
"type": "string",
"nullable": true,
"description": "The email subject.\nApplicable only to email templates."
},
"from_email_name": {
"type": "string",
"description": "The local part of the From email address that will be used for emails.\nFor example, in the address 'hello@example.com', the local part is 'hello'.\nApplicable only to email templates."
}
}
}
EmailSmsTemplatesPreviewTemplateResponse
{
"type": "object",
"example": {},
"properties": {}
}
EmailSmsTemplatesToggleDeliveryByTypeAndSlugRequest
{
"type": "object",
"properties": {
"delivered_by_clerk": {
"type": "boolean",
"nullable": true,
"description": "Whether Clerk should deliver emails or SMS messages based on the current template"
}
}
}
EmailSmsTemplatesUpdateTemplateByTypeAndSlugRequest
{
"type": "object",
"properties": {
"body": {
"type": "string",
"description": "The template body before variable interpolation"
},
"name": {
"type": "string",
"description": "The user-friendly name of the template"
},
"markup": {
"type": "string",
"nullable": true,
"description": "The editor markup used to generate the body of the template"
},
"subject": {
"type": "string",
"nullable": true,
"description": "The email subject.\nApplicable only to email templates."
},
"from_email_name": {
"type": "string",
"description": "The local part of the From email address that will be used for emails.\nFor example, in the address 'hello@example.com', the local part is 'hello'.\nApplicable only to email templates."
},
"delivered_by_clerk": {
"type": "boolean",
"nullable": true,
"description": "Whether Clerk should deliver emails or SMS messages based on the current template"
}
}
}
IdentificationLink
{
"type": "object",
"required": [
"type",
"id"
],
"properties": {
"id": {
"type": "string"
},
"type": {
"enum": [
"oauth_google",
"oauth_mock",
"saml"
],
"type": "string"
}
}
}
InstanceRestrictions
{
"type": "object",
"properties": {
"object": {
"enum": [
"instance_restrictions"
],
"type": "string",
"description": "String representing the object's type. Objects of the same type share the same value."
},
"allowlist": {
"type": "boolean"
},
"blocklist": {
"type": "boolean"
},
"block_email_subaddresses": {
"type": "boolean"
}
}
}
InstanceSettingsUpdateInstanceSettingsRequest
{
"type": "object",
"properties": {
"hibp": {
"type": "boolean",
"nullable": true,
"description": "Whether the instance should be using the HIBP service to check passwords for breaches"
},
"test_mode": {
"type": "boolean",
"nullable": true,
"description": "Toggles test mode for this instance, allowing the use of test email addresses and phone numbers.\nDefaults to true for development instances."
},
"support_email": {
"type": "string",
"nullable": true
},
"cookieless_dev": {
"type": "boolean",
"deprecated": true,
"description": "Whether the instance should operate in cookieless development mode (i.e. without third-party cookies).\nDeprecated: Please use `url_based_session_syncing` instead."
},
"allowed_origins": {
"type": "array",
"items": {
"type": "string"
},
"description": "For browser-like stacks such as browser extensions, Electron, or Capacitor.js the instance allowed origins need to be updated with the request origin value.\nFor Chrome extensions popup, background, or service worker pages the origin is chrome-extension://extension_uiid. For Electron apps the default origin is http://localhost:3000. For Capacitor, the origin is capacitor://localhost."
},
"clerk_js_version": {
"type": "string",
"nullable": true
},
"development_origin": {
"type": "string",
"nullable": true
},
"url_based_session_syncing": {
"type": "boolean",
"description": "Whether the instance should use URL-based session syncing in development mode (i.e. without third-party cookies)."
},
"enhanced_email_deliverability": {
"type": "boolean",
"nullable": true,
"description": "The \"enhanced_email_deliverability\" feature will send emails from \"verifications@clerk.dev\" instead of your domain.\nThis can be helpful if you do not have a high domain reputation."
}
}
}
InstanceSettingsUpdateOrganizationSettingsRequest
{
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"nullable": true
},
"creator_role_id": {
"type": "string",
"description": "Specify what the default organization role is for an organization creator."
},
"domains_enabled": {
"type": "boolean",
"nullable": true
},
"admin_delete_enabled": {
"type": "boolean",
"nullable": true
},
"domains_default_role_id": {
"type": "string",
"description": "Specify what the default organization role is for the organization domains."
},
"max_allowed_memberships": {
"type": "integer",
"nullable": true
},
"domains_enrollment_modes": {
"type": "array",
"items": {
"type": "string"
},
"description": "Specify which enrollment modes to enable for your Organization Domains.\nSupported modes are 'automatic_invitation' & 'automatic_suggestion'."
}
}
}
InstanceSettingsUpdateRestrictionsRequest
{
"type": "object",
"properties": {
"allowlist": {
"type": "boolean",
"nullable": true
},
"blocklist": {
"type": "boolean",
"nullable": true
},
"block_email_subaddresses": {
"type": "boolean",
"nullable": true
},
"block_disposable_email_domains": {
"type": "boolean",
"nullable": true
}
}
}
Invitation
{
"type": "object",
"required": [
"object",
"id",
"email_address",
"status",
"created_at",
"updated_at"
],
"properties": {
"id": {
"type": "string"
},
"url": {
"type": "string",
"nullable": true
},
"object": {
"enum": [
"invitation"
],
"type": "string"
},
"status": {
"enum": [
"pending",
"accepted",
"revoked"
],
"type": "string",
"example": "pending"
},
"revoked": {
"type": "boolean",
"example": false
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"email_address": {
"type": "string",
"format": "email"
},
"public_metadata": {
"type": "object"
}
}
}
InvitationsCreateNewInvitationRequest
{
"type": "object",
"required": [
"email_address"
],
"properties": {
"notify": {
"type": "boolean",
"default": true,
"nullable": true,
"description": "Optional flag which denotes whether an email invitation should be sent to the given email address.\nDefaults to true."
},
"redirect_url": {
"type": "string",
"description": "Optional URL which specifies where to redirect the user once they click the invitation link.\nThis is only required if you have implemented a [custom flow](https://clerk.com/docs/authentication/invitations#custom-flow) and you're not using Clerk Hosted Pages or Clerk Components."
},
"email_address": {
"type": "string",
"description": "The email address the invitation will be sent to"
},
"ignore_existing": {
"type": "boolean",
"default": false,
"nullable": true,
"description": "Whether an invitation should be created if there is already an existing invitation for this email address, or it's claimed by another user."
},
"public_metadata": {
"type": "object",
"description": "Metadata that will be attached to the newly created invitation.\nThe value of this property should be a well-formed JSON object.\nOnce the user accepts the invitation and signs up, these metadata will end up in the user's public metadata."
}
}
}
InvitationsListAllNonRevokedResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/Invitation"
}
}
InvitationsRevokeInvitationResponse
{
"allOf": [
{
"$ref": "#/components/schemas/Invitation"
},
{
"type": "object",
"properties": {
"status": {
"enum": [
"revoked"
],
"type": "string",
"example": "revoked"
},
"revoked": {
"enum": [
true
],
"type": "boolean",
"example": true
}
}
}
]
}
JWTTemplate
{
"type": "object",
"required": [
"object",
"id",
"name",
"claims",
"lifetime",
"allowed_clock_skew",
"created_at",
"updated_at"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"claims": {
"type": "object"
},
"object": {
"enum": [
"jwt_template"
],
"type": "string"
},
"lifetime": {
"type": "integer"
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"signing_algorithm": {
"type": "string"
},
"allowed_clock_skew": {
"type": "integer"
},
"custom_signing_key": {
"type": "boolean"
}
}
}
JwtTemplatesCreateTemplateRequest
{
"type": "object",
"properties": {
"name": {
"type": "string",
"nullable": false,
"description": "JWT template name"
},
"claims": {
"type": "object",
"nullable": false,
"description": "JWT template claims in JSON format"
},
"lifetime": {
"type": "number",
"maximum": 315360000,
"minimum": 30,
"nullable": true,
"description": "JWT token lifetime"
},
"signing_key": {
"type": "string",
"nullable": true,
"description": "The custom signing private key to use when minting JWTs"
},
"signing_algorithm": {
"type": "string",
"nullable": true,
"description": "The custom signing algorithm to use when minting JWTs"
},
"allowed_clock_skew": {
"type": "number",
"maximum": 300,
"minimum": 0,
"nullable": true,
"description": "JWT token allowed clock skew"
},
"custom_signing_key": {
"type": "boolean",
"nullable": false,
"description": "Whether a custom signing key/algorithm is also provided for this template"
}
}
}
JwtTemplatesListAllTemplatesResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/JWTTemplate"
}
}
JwtTemplatesUpdateTemplateByIdRequest
{
"type": "object",
"properties": {
"name": {
"type": "string",
"nullable": false,
"description": "JWT template name"
},
"claims": {
"type": "object",
"nullable": false,
"description": "JWT template claims in JSON format"
},
"lifetime": {
"type": "number",
"maximum": 315360000,
"minimum": 30,
"nullable": true,
"description": "JWT token lifetime"
},
"signing_key": {
"type": "string",
"nullable": true,
"description": "The custom signing private key to use when minting JWTs"
},
"signing_algorithm": {
"type": "string",
"nullable": true,
"description": "The custom signing algorithm to use when minting JWTs"
},
"allowed_clock_skew": {
"type": "number",
"maximum": 300,
"minimum": 0,
"nullable": true,
"description": "JWT token allowed clock skew"
},
"custom_signing_key": {
"type": "boolean",
"nullable": false,
"description": "Whether a custom signing key/algorithm is also provided for this template"
}
}
}
OAuthApplication
{
"type": "object",
"required": [
"object",
"id",
"instance_id",
"name",
"public",
"client_id",
"scopes",
"callback_url",
"authorize_url",
"token_fetch_url",
"user_info_url",
"created_at",
"updated_at"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"object": {
"enum": [
"oauth_application"
],
"type": "string"
},
"public": {
"type": "boolean"
},
"scopes": {
"type": "string"
},
"client_id": {
"type": "string"
},
"created_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of creation.\n"
},
"updated_at": {
"type": "integer",
"format": "int64",
"description": "Unix timestamp of last update.\n"
},
"instance_id": {
"type": "string"
},
"callback_url": {
"type": "string"
},
"authorize_url": {
"type": "string"
},
"user_info_url": {
"type": "string"
},
"token_fetch_url": {
"type": "string"
}
}
}
OAuthApplicationWithSecret
{
"allOf": [
{
"$ref": "#/components/schemas/OAuthApplication"
},
{
"type": "object",
"properties": {
"client_secret": {
"type": "string",
"description": "Empty if public client.\n"
}
}
}
]
}
OAuthApplications
{
"type": "object",
"required": [
"data",
"total_count"
],
"properties": {
"data": {
"type": "array",
"items": {
"$ref": "#/components/schemas/OAuthApplication"
}
},
"total_count": {
"type": "integer",
"format": "int64",
"description": "Total number of OAuth applications\n"
}
}
}
OAuthApplicationsCreateNewApplicationRequest
{
"type": "object",
"required": [
"name",
"callback_url"
],
"properties": {
"name": {
"type": "string",
"description": "The name of the new OAuth application"
},
"public": {
"type": "boolean",
"description": "If true, this client is public and cannot securely store a client secret.\nOnly the authorization code flow with proof key for code exchange (PKCE) may be used.\nPublic clients cannot be updated to be confidential clients, and vice versa."
},
"scopes": {
"type": "string",
"default": "profile email",
"example": "profile email public_metadata",
"description": "Define the allowed scopes for the new OAuth applications that dictate the user payload of the OAuth user info endpoint. Available scopes are `profile`, `email`, `public_metadata`, `private_metadata`. Provide the requested scopes as a string, separated by spaces."
},
"callback_url": {
"type": "string",
"description": "The callback URL of the new OAuth application"
}
}
}
OAuthApplicationsUpdateApplicationRequest
{
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "The new name of the OAuth application"
},
"scopes": {
"type": "string",
"default": "profile email",
"example": "profile email public_metadata private_metadata",
"description": "Define the allowed scopes for the new OAuth applications that dictate the user payload of the OAuth user info endpoint. Available scopes are `profile`, `email`, `public_metadata`, `private_metadata`. Provide the requested scopes as a string, separated by spaces."
},
"callback_url": {
"type": "string",
"description": "The new callback URL of the OAuth application"
}
}
}
| Version | Endpoints | Schemas | Ingested | Status |
|---|---|---|---|---|
| v1 | 109 | 112 | 2026-05-11 | current |
| v1 | 109 | 112 | 2026-04-16 |