Clerk

​

Integration Guide

This guide will walk you through setting up a webhook integration between Clerk and HookFlo, enabling you to receive alerts for user authentication and management events.

​

Prerequisites

• A HookFlo account with an active project
• A Clerk account with admin access to your application
• Basic understanding of Clerk’s authentication system

​

Integration Overview

The integration process follows these key steps:

1. Set up a webhook in HookFlo
2. Configure notification channels (email/Slack)
3. Connect Clerk to HookFlo
4. Configure Clerk to send webhooks
5. Test the integration

​

Setting Up Your HookFlo Webhook

After logging into HookFlo, follow these steps to create and configure your Clerk webhook:

​

Configuring Clerk

Now that your HookFlo webhook is set up, you need to configure Clerk to send events to it:

​

Testing Your Integration

To ensure your integration is working properly:

​

Supported Events

Clerk supports a wide range of webhook events. Here are the most commonly used categories:

​

User Events

• user.created: When a new user is created
• user.updated: When user details are changed
• user.deleted: When a user is deleted
• user.locked: When a user account is locked

​

Session Events

• session.created: When a user signs in
• session.removed: When a user signs out
• session.ended: When a session expires

​

Authentication Events

• emailAddress.created: When an email address is added
• emailAddress.verified: When an email is verified
• phoneNumber.created: When a phone number is added
• phoneNumber.verified: When a phone is verified
• password.created: When a password is set
• password.reset: When a password is reset

​

Organization Events

• organization.created: When a new organization is created
• organization.updated: When an organization is updated
• organization.deleted: When an organization is deleted
• organizationMembership.created: When a user joins an organization
• organizationMembership.deleted: When a user leaves an organization

For a complete list of events, refer to the Clerk Webhook Events documentation.

​

Webhook Headers

Clerk webhooks include these important headers that HookFlo uses for verification:

• svix-id: A unique identifier for the webhook event
• svix-timestamp: When the webhook was sent
• svix-signature: A signature that proves the webhook came from Clerk

​

Webhook Payload Structure

Here’s an example of what the webhook payload looks like for a user.created event:

{
  "data": {
    "id": "user_2NZrMxLQOI49IM9xmLMBB6yrY7L",
    "first_name": "John",
    "last_name": "Doe",
    "email_addresses": [
      {
        "id": "idn_2NZrMxWEDc8XVtCyD6ULe9YNdGX",
        "email_address": "john@example.com",
        "verification": {
          "status": "verified",
          "strategy": "email_code"
        }
      }
    ],
    "created_at": 1645131680,
    "updated_at": 1645131680
  },
  "object": "event",
  "type": "user.created"
}

​

Advanced Configuration

​

Troubleshooting

​

Example: Monitoring New User Signups

Here’s a complete example of setting up HookFlo to alert your team when new users sign up:

​

Security Considerations

When setting up webhook integrations between Clerk and HookFlo, keep these security best practices in mind:

• Protect your signing secret: Never expose the Clerk signing secret in client-side code
• Validate all webhooks: Always use the signing secret to verify webhook authenticity
• Use HTTPS only: Ensure all webhook URLs use encrypted connections
• Implement proper access controls: Limit who can view sensitive user information
• Monitor webhook activity: Regularly review webhook events for suspicious patterns

​

Congratulations! 🎉

You’ve successfully set up real-time authentication event tracking and alerting between Clerk and HookFlo in just a few minutes. Your team can now receive immediate notifications about important user events, helping you respond quickly to critical situations.

Need more help? Contact our support team or join our Discord forum or DM me directly on X.