releases.shpreview

User metadata updates; SSO provider selection and email verification added

@clerk/clerk-js@6.11.0

From the original release noteView original ↗

Minor Changes

  • Add user.updateMetadata() for updating current user's metadata attributes by merging existing values with the provided parameters. (#8537) by @brunol95

Patch Changes

  • Fix dev browser recovery by clearing stale partitioned and non-partitioned dev browser cookie variants before minting a new dev browser. (#8538) by @brkalow

  • Implement the provider selection step of <__experimental_ConfigureSSO />. Renders the two SAML provider tiles (Okta Workforce and Custom SAML Provider) with real icons sourced from img.clerk.com, tracks the picked provider in local state, and gates Step.Footer.Continue on a selection. Includes a warning callout about provider lock-in and a minor Step.Header alignment tweak. All user-visible strings are wired through @clerk/localizations, with translations for every supported locale. (#8503) by @iagodahlem

    Also extends the flow context with provider and setProvider, adds the deriveInitialStep helper, and wires the wizard's initialStepId so the configure flow remounts on the right step after a reload. Continue on Select Provider stages the chosen provider and advances to the next step; the enterprise connection is created on Verify Domain once the user's email is verified and primary.

  • Fix toMeEnterpriseConnectionBody to produce the flat snake_case body shape the backend expects for user.createEnterpriseConnection and user.updateEnterpriseConnection. SAML and OIDC fields are now top-level prefixed (e.g., saml_idp_metadata_url) rather than nested under saml / oidc objects. Without this fix, IdP metadata submission in <__experimental_ConfigureSSO /> silently fails on the backend. (#8535) by @iagodahlem

  • Update <ConfigureSSO /> in the context of organizations to only allow managing enterprise connections based on system permission (#8515) by @LauraBeatris

  • Add monotonic token replacement based on oiat to prevent edge-minted tokens with stale claims from overwriting fresher DB-minted tokens in multi-tab scenarios. (#8097) by @nikosdouvlis

  • Add verify/add email address step to <__experimental_ConfigureSSO /> (#8520) by @LauraBeatris

  • Updated dependencies [1a4d7d1, a6916b1, 1084180, 39099b6, 18e0a1a]:

    • @clerk/shared@4.11.0

Fetched May 14, 2026

User metadata updates; SSO provider selection and email… — releases.sh