Skip to content

fix(backend): Align enterprise connection create and update params with the Backend API#9155

Merged
manovotny merged 6 commits into
mainfrom
manovotny/amazing-lalande-e031c2
Jul 18, 2026
Merged

fix(backend): Align enterprise connection create and update params with the Backend API#9155
manovotny merged 6 commits into
mainfrom
manovotny/amazing-lalande-e031c2

Conversation

@manovotny

@manovotny manovotny commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Description

Aligns CreateEnterpriseConnectionParams and UpdateEnterpriseConnectionParams with the Backend API contract (clerk_go api/bapi/v1/enterprise_connections/service.go). Folds in #9153 — the provider fix and this work are one thought: the create/update params didn't match what BAPI accepts. Every claim was verified against the Go source.

Discovered while reviewing clerk/clerk#2887, where a docs code sample calling createEnterpriseConnection without provider would fail BAPI validation despite type-checking.

Required provider field (from #9153)

  • CreateEnterpriseConnectionParams was missing provider, which BAPI validates as required. Calls without it type-checked and failed at runtime. The field is typed as the OrganizationEnterpriseConnectionProvider union from @clerk/shared/types (matching the sibling SamlConnectionApi pattern), with type-level tests so it can't silently become optional or widen back to string.
  • The tanstack-start enterprise SSO integration test was already passing provider behind an as cast to work around the missing field. The cast is removed.

Required name and domains, plus deprecations

  • name and domains are now required on create. BAPI validates both (validate:"required", min=1 on domains), so calls without them already failed at runtime — the types now catch it at compile time. Type-level tests lock each field individually.
  • syncUserAttributes on create is deprecated. BAPI's CreateParams has no sync_user_attributes field; the JSON decoder drops it silently. It works on update, and the deprecation notice points there.
  • provider on update is deprecated. BAPI's UpdateParams has no provider field — the provider can't be changed after creation.

Missing optional params

  • Adds the optional fields BAPI accepts that the SDK types omitted: allowOrganizationAccountLinking, customAttributes, authenticatable, disableJitProvisioning (create and update), disableAdditionalIdentifications (update only), and saml.loginHint.
  • loginHint is a discriminated union: source is required exactly when mode is 'custom_attribute' and rejected otherwise, matching BAPI's validation. Custom attribute shapes (name and key required) match the Go structs, and all camelCase names were confirmed to snake-case to the exact wire keys.

Making previously-optional fields required is a compile-time change, but only for calls that already failed BAPI validation at runtime — it converts a runtime failure into a type error. Ships as a patch for that reason.

To test: pnpm --filter @clerk/backend test:node EnterpriseConnectionApi.test.ts — wire-format tests assert every field reaches the request body in snake_case, alongside the type-level assertions.

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

🤖 Generated with Claude Code

manovotny and others added 2 commits July 13, 2026 22:55
…onParams

The Backend API validates provider as required on enterprise connection
creation, so calls without it type-checked but failed at runtime.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…ntract

Reuses the OrganizationEnterpriseConnectionProvider union from
@clerk/shared/types (matching the sibling SamlConnectionApi pattern) and
adds type-level tests so provider can't silently become optional or widen
back to string.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@changeset-bot

changeset-bot Bot commented Jul 14, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: 95db01e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 10 packages
Name Type
@clerk/backend Patch
@clerk/astro Patch
@clerk/express Patch
@clerk/fastify Patch
@clerk/hono Patch
@clerk/nextjs Patch
@clerk/nuxt Patch
@clerk/react-router Patch
@clerk/tanstack-react-start Patch
@clerk/testing Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel

vercel Bot commented Jul 14, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
clerk-js-sandbox Ready Ready Preview, Comment Jul 17, 2026 10:59pm
swingset Ready Ready Preview, Comment Jul 17, 2026 10:59pm

Request Review

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: f0c02279-170f-45ba-abd2-93fd1233299e

📥 Commits

Reviewing files that changed from the base of the PR and between 774304d and 95db01e.

📒 Files selected for processing (6)
  • .changeset/heavy-melons-argue.md
  • .changeset/tidy-donuts-attend.md
  • .changeset/violet-planes-repeat.md
  • integration/tests/tanstack-start/enterprise-sso.test.ts
  • packages/backend/src/api/__tests__/EnterpriseConnectionApi.test.ts
  • packages/backend/src/api/endpoints/EnterpriseConnectionApi.ts
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:


📝 Walkthrough

Walkthrough

Enterprise connection API types now require supported creation providers, names, and domains, and add provisioning, custom attribute, and SAML login-hint parameters. Update types add additional-identification control and deprecate changing providers. Tests cover compile-time constraints, provider payloads, and camelCase-to-snake_case serialization. The integration helper now passes typed parameters directly. Changesets document the backend patch release.

Estimated code review effort: 3 (Moderate) | ~20 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: aligning enterprise connection create and update params with the Backend API.
Description check ✅ Passed The description is directly about the same API contract alignment and matches the changeset details.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Comment @coderabbitai help to get the list of available commands.

manovotny and others added 2 commits July 13, 2026 23:25
…ctions

Stacked on #9153 (required provider field). Aligns the remaining
CreateEnterpriseConnectionParams gaps with the Backend API contract,
which validates name and domains (min 1) as required. Deprecates
syncUserAttributes on create and provider on update, since the
Backend API ignores both.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Adds the optional create/update params the Backend API supports but
the SDK types omitted: allowOrganizationAccountLinking,
customAttributes, authenticatable, disableJitProvisioning,
disableAdditionalIdentifications (update only), and saml.loginHint.
Verified against BAPI's CreateParams/UpdateParams/SAMLParams in
clerk_go.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Codex review: BAPI requires login_hint.source exactly when mode is
custom_attribute and rejects it otherwise; model as a discriminated
union. Also lock name/domains as required with type-level tests.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

@wobsoriano wobsoriano left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this looks legit to me

@pkg-pr-new

pkg-pr-new Bot commented Jul 17, 2026

Copy link
Copy Markdown

Open in StackBlitz

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@9155

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@9155

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@9155

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@9155

@clerk/electron

npm i https://pkg.pr.new/@clerk/electron@9155

@clerk/electron-passkeys

npm i https://pkg.pr.new/@clerk/electron-passkeys@9155

@clerk/eslint-plugin

npm i https://pkg.pr.new/@clerk/eslint-plugin@9155

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@9155

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@9155

@clerk/express

npm i https://pkg.pr.new/@clerk/express@9155

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@9155

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@9155

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@9155

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@9155

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@9155

@clerk/react

npm i https://pkg.pr.new/@clerk/react@9155

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@9155

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@9155

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@9155

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@9155

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@9155

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@9155

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@9155

commit: 95db01e

@github-actions

Copy link
Copy Markdown
Contributor

API Changes Report

Generated by Break Check on 2026-07-17T23:00:47.781Z

Summary

Metric Count
Packages analyzed 19
Packages with changes 0
🔴 Breaking changes 0
🟡 Non-breaking changes 0
🟢 Additions 0

No API Changes Detected

All packages have stable APIs with no detected changes.


Report generated by Break Check

Last ran on 95db01e.

@manovotny
manovotny merged commit a009d91 into main Jul 18, 2026
51 checks passed
@manovotny
manovotny deleted the manovotny/amazing-lalande-e031c2 branch July 18, 2026 03:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants