oaknational/clerk-orgs
.agents/skills/clerk-orgs/SKILL.md
Clerk Organizations for B2B SaaS - create multi-tenant apps with org switching, role-based access, verified domains, and enterprise SSO. Use for team workspaces, RBAC, org-based routing, member management.
$ install --global
skillsauthnpx skillsauth add oaknational/oak-open-curriculum-ecosystem clerk-orgsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 9:51 PM7.0s2 files scanned
SKILL.md
- name:
- clerk-orgs
- description:
- Clerk Organizations for B2B SaaS - create multi-tenant apps with org switching, role-based access, verified domains, and enterprise SSO. Use for team workspaces, RBAC, org-based routing, member management.
- allowed-tools:
- WebFetch
- license:
- MIT
- author:
- clerk
- version:
- 1.0.0
Organizations (B2B SaaS)
Prerequisite: Enable Organizations in Clerk Dashboard first.
Quick Start
- Create an organization via dashboard or through Clerk API
- Use OrganizationSwitcher to let users switch between orgs
- Protect routes using orgSlug from URL and role checks
Documentation Reference
| Task | Link | | -------------------- | -------------------------------------------------------------------------------- | | Overview | https://clerk.com/docs/guides/organizations/overview | | Org slugs in URLs | https://clerk.com/docs/guides/organizations/org-slugs-in-urls | | Roles & permissions | https://clerk.com/docs/guides/organizations/control-access/roles-and-permissions | | Check access | https://clerk.com/docs/guides/organizations/control-access/check-access | | Invitations | https://clerk.com/docs/guides/organizations/add-members/invitations | | OrganizationSwitcher | https://clerk.com/docs/reference/components/organization/organization-switcher | | Verified domains | https://clerk.com/docs/guides/organizations/verified-domains | | Enterprise SSO | https://clerk.com/docs/guides/organizations/add-members/sso |
Key Patterns
1. Get Organization from Auth
Server-side access to organization:
import { auth } from '@clerk/nextjs/server';
const { orgId, orgSlug } = await auth();
console.log(`Current org: ${orgSlug}`);
2. Dynamic Routes with Org Slug
Create routes that accept org slug:
app/orgs/[slug]/page.tsx
app/orgs/[slug]/settings/page.tsx
Access the slug:
export default function DashboardPage({ params }: { params: { slug: string } }) {
return <div>Organization: {params.slug}</div>
}
3. Check Organization Membership
Verify user has access to specific org:
import { auth } from '@clerk/nextjs/server'
export default async function ProtectedPage() {
const { orgId, orgSlug } = await auth()
if (!orgId) {
return <div>Not in an organization</div>
}
return <div>Welcome to {orgSlug}</div>
}
4. Role-Based Access Control
Check if user has specific role:
const { has } = await auth()
if (!has({ role: 'org:admin' })) {
return <div>Admin access required</div>
}
5. OrganizationSwitcher Component
Let users switch between organizations:
import { OrganizationSwitcher } from '@clerk/nextjs'
export default function Nav() {
return (
<header>
<h1>Dashboard</h1>
<OrganizationSwitcher />
</header>
)
}
Default Roles
All new members get assigned a role:
| Role | Permissions |
| ------------ | ------------------------------------- |
| org:admin | Full access, manage members, settings |
| org:member | Limited access, read-only |
Custom roles can be created in the dashboard.
Default Permissions
| Permission | Role |
| --------------------- | ------------------------------------------ |
| org:create | Can create new organizations |
| org:manage_members | Can invite/remove members (default: admin) |
| org:manage_roles | Can change member roles (default: admin) |
| org:update_metadata | Can update org metadata (default: admin) |
Authorization Pattern
Complete example protecting a route:
import { auth } from '@clerk/nextjs/server'
import { redirect } from 'next/navigation'
export default async function AdminPage({ params }: { params: { slug: string } }) {
const { orgSlug, has } = await auth()
// Verify user is in the org
if (orgSlug !== params.slug) {
redirect('/dashboard')
}
// Check if admin
if (!has({ role: 'org:admin' })) {
redirect(`/orgs/${orgSlug}`)
}
return <div>Admin settings for {orgSlug}</div>
}
Common Pitfalls
| Symptom | Cause | Solution |
| ----------------------------- | -------------------------------- | ------------------------------------------- |
| orgSlug is undefined | Not calling await auth() | Use const { orgSlug } = await auth() |
| Role check always fails | Not awaiting auth() | Add await before auth() |
| Users can access other orgs | Not checking orgSlug matches URL | Verify orgSlug === params.slug |
| Org not appearing in switcher | Organizations not enabled | Enable in Clerk Dashboard → Organizations |
| Invitations not working | Wrong role configuration | Ensure members have invite role permissions |
Workflow
- Setup - Enable Organizations in Clerk Dashboard
- Create org - Users create org or admin creates via API
- Add members - Send invitations or add directly
- Assign roles - Default member role, promote to admin as needed
- Build protected routes - Use auth() to check orgSlug and roles
- Use OrganizationSwitcher - Let users switch between orgs
Related Skills
oaknational/worktrees
tools
VerifiedTrustedCommunity
When and how to use git worktrees for isolated work.
3SKILL.mdUpdated Apr 15, 2026
oaknational/tsdoc
documentation
VerifiedTrustedCommunity
TSDoc and documentation workflow for canonical source comments, README updates, and ADR touchpoints.
3SKILL.mdUpdated Apr 15, 2026
oaknational/systematic-debugging
development
VerifiedTrustedCommunity
Structured debugging workflow: reproduce, isolate, hypothesise, verify, fix, regression test.
3SKILL.mdUpdated Apr 15, 2026
oaknational/start-right-thorough
data-ai
VerifiedTrustedCommunity
Load the shared thorough start-right workflow from `.agent/skills/start-right-thorough/shared/start-right-thorough.md`.
3SKILL.mdUpdated Apr 15, 2026