Clerk Root Domain Demo
Authentication across different domains
Your Primary domain or in this case Root domain is where the authentication state lives, and Satellite domains are able to securely read that state from the primary domain, enabling a seamless authentication flow across domains. This example repository was created to demonstrate just that.
If you're trying this out locally, attempt to access a protected route on our satellite domain atlocalhost:3001/dashboard without logging in and see what happens. Clerk will redirect you to the Primary domain set on localhost:3000 to authenticate you and redirect back to the Satellite once the authentication flow has successfully executed.
Production Environment
To see how this works in a production environment, head over to the Satellite Domain and try to access the page. Since the entire site is protected by clerkMiddleware you'll see that you're redirected to authenticate on the Root Domain and then redirected back to the Satellite domain after successfully completing the sign-in flow.
How It Works
- Primary domain initiates the authentication state
- Satellite domains read state securely from the Primary
- Seamless redirection between domains
- Protected by clerkMiddleware
The primary domain is where authentication state is stored and managed. Users sign in here first.
Satellite domains securely read authentication state from the primary domain without requiring re-authentication.