I am trying to set up some access control for a project built with NextJs and Clerk.
The plan is to set up the middleware so that I can control which routes they can access based on their role or organization.
I created a user and two organizations, member in one and Admin in another, no custom roles.
If I have this in the middleware:
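    import { clerkMiddleware } from '@clerk/nextjs/server';

    export default clerkMiddleware(async (auth, request) => {
      // Resolve the auth object for this request and log it for inspection
      const resolvedAuth = await auth();
      console.log('auth', resolvedAuth);
    });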
I can get the userId in the console log, but orgId and orgRole are undefined.
I also tried using the has({role: 'Admin'}) helper functions for roles or permissions, but it always returns false. I also tried with custom roles.
Everywhere I look it says I should use the authMiddleware(), but it's deprecated.
Thanks for any help! Also, if you could give me an opinion about this approach to access control, that would be helpful.
This may be different, as my users are only able to be part of one organization, but I am able to get org_name and org_role from sessionClaims this way. Note, I edited my session token in the Clerk Dashboard (Configure -> Sessions -> Customize session token).
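    import { clerkMiddleware } from '@clerk/nextjs/server';

    export default clerkMiddleware(
      async (auth, req) => {
        // Add your middleware checks
        const { sessionClaims, has, redirectToSignIn } = await auth();
        // No session claims means no signed-in session: send to sign-in
        if (!sessionClaims) {
          return redirectToSignIn();
        }
        // Custom claims added to the session token in the Clerk Dashboard
        const { org_name, org_role } = sessionClaims;
      },
      { debug: true },
    );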
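One way to turn the `org_role` claim read in the middleware above into a route decision, as an added example that is not part of the original answer or Clerk's own code: a deny-by-default check over the session claims. The route table, the `decide` and `underPrefix` functions, and the `org:admin` / `org:member` role strings are assumptions made for illustration.

```javascript
// Added example: deny-by-default route authorization over session claims.
// PUBLIC_PATHS, ROUTE_RULES and the role strings are constructed assumptions.
const PUBLIC_PATHS = ['/', '/sign-in', '/sign-up'];
const ROUTE_RULES = [
  { prefix: '/admin', roles: ['org:admin'] },
  { prefix: '/dashboard', roles: ['org:admin', 'org:member'] },
];

// Match on whole path segments so '/administrator' is not treated as '/admin'.
function underPrefix(pathname, prefix) {
  // The root entry is matched exactly; otherwise it would cover every path.
  if (prefix === '/') return pathname === '/';
  return pathname === prefix || pathname.startsWith(prefix + '/');
}

// Returns 'allow', 'sign-in' or 'forbidden' for a pathname and the
// sessionClaims object (null or undefined when nobody is signed in).
function decide(pathname, sessionClaims) {
  if (PUBLIC_PATHS.some((p) => underPrefix(pathname, p))) return 'allow';
  if (!sessionClaims) return 'sign-in';

  const rule = ROUTE_RULES.find((r) => underPrefix(pathname, r.prefix));
  // A route nobody wrote a rule for is refused, not silently opened.
  if (!rule) return 'forbidden';

  // org_role is absent when the session carries no organization claim;
  // treat that as "no role" instead of letting undefined reach the check.
  const role = sessionClaims.org_role;
  if (typeof role !== 'string') return 'forbidden';

  return rule.roles.includes(role) ? 'allow' : 'forbidden';
}
```

Inside the middleware, the result of `decide(req.nextUrl.pathname, sessionClaims)` would select between continuing, calling `redirectToSignIn()`, and returning a 403 response.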