Skip to content

feat(nextjs,react): Add HandleSSOCallback component #7678

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dstaley merged 16 commits into from
Feb 6, 2026
Merged

feat(nextjs,react): Add HandleSSOCallback component #7678

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
801a764
feat(nextjs,react): Add HandleSSOCallback component
dstaley Jan 26, 2026
9cf0701
fix(react): Import React
dstaley Jan 26, 2026
23104dc
fix(react): sort imports
dstaley Jan 26, 2026
f04428f
fix(tanstack-react-start): update snapshot
dstaley Jan 26, 2026
f056631
tests(chrome-extension,react-router): update snapshots
dstaley Jan 26, 2026
146a6c8
fix(chrome-extension): Re-export HandleSSOCallback
dstaley Jan 26, 2026
433b4fe
docs(clerk-js): Fix missing comment
dstaley Jan 27, 2026
b06d2e5
tests(react): Add unit tests for HandleSSOCallback component
dstaley Jan 27, 2026
662422f
Merge branch 'main' into ds.feat/hooks-handle-sso-callback
wobsoriano Jan 29, 2026
90ca0c5
Merge branch 'main' into ds.feat/hooks-handle-sso-callback
dstaley Feb 2, 2026
606b224
fix(react): Remove render prop
dstaley Feb 5, 2026
c1e7de3
fix(react): Add clerk.loaded to dependency array
dstaley Feb 5, 2026
85533b7
Merge branch 'main' into ds.feat/hooks-handle-sso-callback
dstaley Feb 5, 2026
d1bae58
fix(react): Remove unused render prop from HandleSSOCallback test
dstaley Feb 5, 2026
679d4e8
fix(react): Remove unused render prop from HandleSSOCallback test
dstaley Feb 5, 2026
5595341
cleanup(react): rm unused var
dstaley Feb 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changeset/vast-loops-open.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---
'@clerk/chrome-extension': minor
'@clerk/nextjs': minor
'@clerk/react': minor
---

Add `HandleSSOCallback` component which handles the SSO callback during custom flows, including support for sign-in-or-up.
1 change: 1 addition & 0 deletions packages/chrome-extension/src/__tests__/__snapshots__/exports.test.ts.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ exports[`public exports > should not include a breaking change 1`] = `
"ClerkProvider",
"CreateOrganization",
"GoogleOneTap",
"HandleSSOCallback",
"OrganizationList",
"OrganizationProfile",
"OrganizationSwitcher",
Expand Down
1 change: 1 addition & 0 deletions packages/chrome-extension/src/react/re-exports.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ export {
ClerkLoaded,
ClerkLoading,
CreateOrganization,
HandleSSOCallback,
OrganizationList,
OrganizationProfile,
OrganizationSwitcher,
Expand Down
1 change: 1 addition & 0 deletions packages/nextjs/src/client-boundary/uiComponents.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ export {
UserAvatar,
UserButton,
Waitlist,
HandleSSOCallback,
} from '@clerk/react';

// The assignment of UserProfile with BaseUserProfile props is used
Expand Down
1 change: 1 addition & 0 deletions packages/react-router/src/__tests__/__snapshots__/exports.test.ts.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ exports[`root public exports > should not change unexpectedly 1`] = `
"ClerkProvider",
"CreateOrganization",
"GoogleOneTap",
"HandleSSOCallback",
"OrganizationList",
"OrganizationProfile",
"OrganizationSwitcher",
Expand Down
170 changes: 170 additions & 0 deletions packages/react/src/components/HandleSSOCallback.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,170 @@
import type { SetActiveNavigate } from '@clerk/shared/types';
import React, { type ReactNode, useEffect, useRef } from 'react';

import { useClerk, useSignIn, useSignUp } from '../hooks';

export interface HandleSSOCallbackProps {
/**
* Called when the SSO callback is complete and a session has been created.
*/
navigateToApp: (...params: Parameters<SetActiveNavigate>) => void;
/**
* Called when a sign-in requires additional verification, or a sign-up is transfered to a sign-in that requires
* additional verification.
*/
navigateToSignIn: () => void;
/**
* Called when a sign-in is transfered to a sign-up that requires additional verification.
*/
navigateToSignUp: () => void;
}

/**
* Use this component when building custom UI to handle the SSO callback and navigate to the appropriate page based on
* the status of the sign-in or sign-up. By default, this component might render a captcha element to handle captchas
* when required by the Clerk API.
*
* @example
* ```tsx
* import { HandleSSOCallback } from '@clerk/react';
* import { useNavigate } from 'react-router';
*
* export default function Page() {
* const navigate = useNavigate();
*
* return (
* <HandleSSOCallback
* navigateToApp={({ session, decorateUrl }) => {
* if (session?.currentTask) {
* const destination = decorateUrl(`/onboarding/${session?.currentTask.key}`);
* if (destination.startsWith('http')) {
* window.location.href = destination;
* return;
* }
* navigate(destination);
* return;
* }
*
* const destination = decorateUrl('/dashboard');
* if (destination.startsWith('http')) {
* window.location.href = destination;
* return;
* }
* navigate(destination);
* }}
* navigateToSignIn={() => {
* navigate('/sign-in');
* }}
* navigateToSignUp={() => {
* navigate('/sign-up');
* }}
* />
* );
* }
* ```
*/
export function HandleSSOCallback(props: HandleSSOCallbackProps): ReactNode {
const { navigateToApp, navigateToSignIn, navigateToSignUp } = props;
const clerk = useClerk();
const { signIn } = useSignIn();
const { signUp } = useSignUp();
const hasRun = useRef(false);

useEffect(() => {
(async () => {
if (!clerk.loaded || hasRun.current) {
return;
}
// Prevent re-running this effect if the page is re-rendered during session activation (such as on Next.js).
hasRun.current = true;

// If this was a sign-in, and it's complete, there's nothing else to do.
// Note: We perform a cast here to prevent TypeScript from narrowing the type of signIn.status. TypeScript
// doesn't understand that the status can be mutated during the execution of this function.
if ((signIn.status as string) === 'complete') {
Copy link
Member

@nikosdouvlis nikosdouvlis Jan 27, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

// Note: We perform a cast - comment is cut off (i think?), should it explain why?

Copy link
Member Author

@dstaley dstaley Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

whoops 😬

await signIn.finalize({
navigate: async (...params) => {
navigateToApp(...params);
},
});
return;
}

// If the sign-up used an existing account, transfer it to a sign-in.
if (signUp.isTransferable) {
await signIn.create({ transfer: true });
if (signIn.status === 'complete') {
await signIn.finalize({
navigate: async (...params) => {
navigateToApp(...params);
},
});
return;
}
// The sign-in requires additional verification, so we need to navigate to the sign-in page.
return navigateToSignIn();
}

if (
Copy link
Member

@nikosdouvlis nikosdouvlis Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just double checking - this navigates away unless ALL factors are enterprise_sso. Is that the intent?

Copy link
Member Author

@dstaley dstaley Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is directly copy and pasted from our existing handleRedirectCallback implementation. It only navigates to sign-in if the status is needs_first_factor and there is at least one supported first-factor that's NOT enterprise_sso.

signIn.status === 'needs_first_factor' &&
!signIn.supportedFirstFactors?.every(f => f.strategy === 'enterprise_sso')
) {
// The sign-in requires the use of a configured first factor, so navigate to the sign-in page.
return navigateToSignIn();
}

// If the sign-in used an external account not associated with an existing user, create a sign-up.
if (signIn.isTransferable) {
await signUp.create({ transfer: true });
if (signUp.status === 'complete') {
await signUp.finalize({
navigate: async (...params) => {
navigateToApp(...params);
},
});
return;
}
return navigateToSignUp();
}

if (signUp.status === 'complete') {
await signUp.finalize({
navigate: async (...params) => {
navigateToApp(...params);
},
});
return;
}

if (signIn.status === 'needs_second_factor' || signIn.status === 'needs_new_password') {
// The sign-in requires a MFA token or a new password, so navigate to the sign-in page.
return navigateToSignIn();
}

// The external account used to sign-in or sign-up was already associated with an existing user and active
// session on this client, so activate the session and navigate to the application.
if (signIn.existingSession || signUp.existingSession) {
const sessionId = signIn.existingSession?.sessionId || signUp.existingSession?.sessionId;
if (sessionId) {
// Because we're activating a session that's not the result of a sign-in or sign-up, we need to use the
// Clerk `setActive` API instead of the `finalize` API.
await clerk.setActive({
session: sessionId,
navigate: async (...params) => {
return navigateToApp(...params);
},
});
return;
}
}
})();
}, [clerk, clerk.loaded, signIn, signUp]);

return (
<div>
{/* Because a sign-in transferred to a sign-up might require captcha verification, make sure to render the
captcha element. */}
Comment on lines +165 to +166
Copy link
Member

@alexcarpenter alexcarpenter Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we allow children for them to render a spinner here possibly?

Copy link
Member Author

@dstaley dstaley Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I went with the render prop for that, but I'll defer to what you suggest here since I know the thinking has evolved recently!

Copy link
Member

@alexcarpenter alexcarpenter Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

to date we've used children, so I might lean towards children for now. We've yet to introduce a render prop but possibly in the future.

Copy link
Member Author

@dstaley dstaley Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stepping back do we even need either? This renders a div and the captcha (possibly). wouldn't folks probably write code that looks like this?

<Card>
  <CardBody>
    <Spinner />
    <HandleSSOCallback />
  </CardBody>
</Card>

In this situation I don't think they'd want to put their Spinner as a child of HandleSSOCallback. If it's a render prop it would make more sense for it to be:

<HandleSSOCallback render={() => {
  return (
    <Card><CardBody><Spinner /></CardBody></Card>  
  )
}} />

Copy link
Member

@alexcarpenter alexcarpenter Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this could be ok

<Card>
  <CardBody>
    <Spinner />
    <HandleSSOCallback />
  </CardBody>
</Card>

because hypothetically the captcha could render right, and I want to be able to place it in a specific spot within the card. Just feels weird due to the naming of the component.

<div id='clerk-captcha' />
</div>
);
Comment on lines 66 to 169
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find tests that cover HandleSSOCallback
rg -n "HandleSSOCallback" --type ts --type tsx --type js --type jsx -g "*test*" -g "*spec*"

Repository: clerk/javascript

Length of output: 87

🏁 Script executed:

#!/bin/bash
# Find tests that cover HandleSSOCallback
rg -n "HandleSSOCallback" | grep -E "(test|spec)\.(ts|tsx|js|jsx)"

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Search for HandleSSOCallback references in the codebase
rg "HandleSSOCallback" --max-count 20

Repository: clerk/javascript

Length of output: 636

🏁 Script executed:

#!/bin/bash
# Find test files in packages/react
find packages/react -type f \( -name "*.test.*" -o -name "*.spec.*" \) | head -20

Repository: clerk/javascript

Length of output: 1322

🏁 Script executed:

#!/bin/bash
# Check for HandleSSOCallback test file
find packages/react -name "*HandleSSOCallback*test*" -o -name "*HandleSSOCallback*spec*"

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Search for HandleSSOCallback in all test files
find packages/react -path "*__tests__*" -type f \( -name "*.test.*" -o -name "*.spec.*" \) -exec grep -l "HandleSSOCallback" {} \;

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Check if HandleSSOCallback.tsx was modified in this PR
git diff --name-only | grep -i handlessocallback

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Check the overall git status and what files were modified
git diff --name-only | head -20

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Check recent git history for HandleSSOCallback
git log --oneline --all -n 50 | head -20

Repository: clerk/javascript

Length of output: 1527

🏁 Script executed:

#!/bin/bash
# Check if there are any references to HandleSSOCallback in existing test files
rg "HandleSSOCallback" packages/react/src/components/__tests__/

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# Check the HandleSSOCallback.tsx file to understand its context
head -20 packages/react/src/components/HandleSSOCallback.tsx

Repository: clerk/javascript

Length of output: 899

🏁 Script executed:

#!/bin/bash
# Check the git history for HandleSSOCallback specifically
git log --all --oneline -- packages/react/src/components/HandleSSOCallback.tsx | head -10

Repository: clerk/javascript

Length of output: 93

🏁 Script executed:

#!/bin/bash
# Check what changed in the recent commit for HandleSSOCallback
git show 9cf07019 --stat | grep -A 10 HandleSSOCallback

Repository: clerk/javascript

Length of output: 741

🏁 Script executed:

#!/bin/bash
# Check if tests were added for HandleSSOCallback in the same commit
git show 9cf07019 | grep -A 5 -B 5 "HandleSSOCallback.*test"

Repository: clerk/javascript

Length of output: 42

🏁 Script executed:

#!/bin/bash
# List all files added in commit 9cf07019
git show 9cf07019 --name-only | grep -E "(test|spec)"

Repository: clerk/javascript

Length of output: 35882

🏁 Script executed:

#!/bin/bash
# Specifically search for HandleSSOCallback in packages/react test directory
rg "HandleSSOCallback" packages/react/src/components/__tests__/

Repository: clerk/javascript

Length of output: 42

Add tests for HandleSSOCallback component.

No test coverage found for this component. Add tests covering the sign-in/sign-up transfer branches and completion paths as required by coding guidelines.

🤖 Prompt for AI Agents 
In `@packages/react/src/components/HandleSSOCallback.tsx` around lines 70 - 176,
Add unit tests for the HandleSSOCallback component that cover the
sign-in/sign-up transfer and completion branches by mocking the Clerk hooks and
flows (useClerk, useSignIn, useSignUp) and asserting
navigation/finalize/setActive behavior: test when signIn.status === 'complete'
that signIn.finalize is called and navigateToApp is invoked; test
signUp.isTransferable path where signIn.create({transfer:true}) leads to
finalize or navigateToSignIn as appropriate; test signIn.isTransferable path
where signUp.create({transfer:true}) leads to finalize or navigateToSignUp; test
the needs_first_factor branch (when supportedFirstFactors do not all have
strategy === 'enterprise_sso') and the needs_second_factor/needs_new_password
branches call navigateToSignIn; test existingSession handling calls
clerk.setActive with sessionId and navigates to app; also include a render test
that returns the captcha div when no render prop provided. Mock and spy on
signIn.create, signIn.finalize, signUp.create, signUp.finalize, clerk.setActive
and the navigate callbacks to verify correct calls.

Copy link
Member

@nikosdouvlis nikosdouvlis Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeRabbit flagged this too - no test coverage for this component

Copy link
Member

@nikosdouvlis nikosdouvlis Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this something e2e tests are better suited for?

Copy link
Member Author

@dstaley dstaley Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

given the number of permutations I actually think a unit test with mocks might be better. I'll add that!

}
Loading
Loading