-
Notifications
You must be signed in to change notification settings - Fork 487
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add "How Clerk works" and "Client handshake" to initial concepts section #577
base: main
Are you sure you want to change the base?
Conversation
Hey @alexisintech, your docs preview is available.
|
I'll provide my review once the information is reviewed by an engineer more familiar with this information and is deemed technically correct :) |
Co-authored-by: Kyle MacDonald <[email protected]>
Updated based on @SokratisVidros's feedback in the deploy preview. @alexisintech please do an editorial sweep and merge. |
Co-authored-by: Sokratis Vidros <[email protected]>
Co-authored-by: Sokratis Vidros <[email protected]>
### Handshake payload | ||
|
||
The handshake payload is a signed JWT that contains an array of `set-cookie` header directives. This allows us to transfer cookies from the FAPI domain to the application’s domain across environments without additional cookie setting logic embedded into our SDKs. In development, the payload is transported in the URL in a `__clerk_handshake` query parameter. In production, the payload is transported in a `__clerk_handshake` cookie. On returning from the handshake endpoint, the handshake payload is parsed and the cookie directives are set on the final response. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@BRKalow Please add an example of a Handshake payload.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexisintech Please add the following example of the handshake payload:
"handshake": [
"__client_uat=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
"__clerk_handshake=; Path=/; Domain=example.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
"__client_uat=1706822359; Path=/; Domain=example.com; Max-Age=315360000; Secure; SameSite=Lax",
"__session=<...CLERK_SESSION_JWT...>; Path=/; Expires=Wed, 05 Feb 2025 09:08:53 GMT; Secure"
]
}```
### Handshake payload | ||
|
||
The handshake payload is a signed JWT that contains an array of `set-cookie` header directives. This allows us to transfer cookies from the FAPI domain to the application’s domain across environments without additional cookie setting logic embedded into our SDKs. In development, the payload is transported in the URL in a `__clerk_handshake` query parameter. In production, the payload is transported in a `__clerk_handshake` cookie. On returning from the handshake endpoint, the handshake payload is parsed and the cookie directives are set on the final response. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexisintech Please add the following example of the handshake payload:
"handshake": [
"__client_uat=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
"__clerk_handshake=; Path=/; Domain=example.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
"__client_uat=1706822359; Path=/; Domain=example.com; Max-Age=315360000; Secure; SameSite=Lax",
"__session=<...CLERK_SESSION_JWT...>; Path=/; Expires=Wed, 05 Feb 2025 09:08:53 GMT; Secure"
]
}```
this PR is waiting on @kylemac and the decisions surrounding the new docs IA - converting back to draft for now. |
We have an internal copy of this document we have talked about moving externally for some time. This is how that could look:
https://docs-preview-577.clerkpreview.com/docs/concepts/how-clerk-works
https://docs-preview-577.clerkpreview.com/docs/concepts/client-handshake
Related to PR-867 in the marketing repo which adds a lightbulb icon for the "Concepts" section in the sidenav.