From dae5e7e37391a26ce40a41efb0fcbb9174205d20 Mon Sep 17 00:00:00 2001 From: Roy Anger Date: Wed, 4 Dec 2024 14:47:39 -0500 Subject: [PATCH 1/6] feat: Add faq section to help address some common questions --- docs/references/chrome-extension/overview.mdx | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index df84258fed..dd13cef6f0 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -52,3 +52,19 @@ See [the Chrome Extension deployment guide](/docs/deployments/deploy-chrome-exte ## Configure a consistent CRX ID A Chrome Extension can be identified by its unique CRX ID, similar to how a website can be identified by its domain. The CRX ID rotates by default, which can cause errors with the Clerk integration. [Learn how to configure a consistent CRX ID](/docs/references/chrome-extension/configure-consistent-crx-id) so that your extension will have a stable, unchanging key. + +## Frequently asked questions (FAQ) + +### Can I use Clerk in a content script? + +No, unfortunately not. Clerk has strict security restrictions on the allowed origin for requests from the application or extension to Clerk's API. A content script could run on any domain so there is no to enforce origin restrictons. + +### Why can I not use OAuth, SAML or Email Links with the extension popup or side panel? + +OAuth and SAML require a redirect back from the IDP, and at this time this rediret is not supported. + +Email Linka require the popup to remain open while viewing the email, copying the link and then returning to the popup to paste. As soon as a user clicks anything outside of the popup it will close and reset the sign-in status. + +### Why are options like Google One Tap or Web3 not available in a popup or side panel? + +Chrome Extensions can not load code from a remote source. Google One Tap, Web3 and some other options require loading remote code to work. We have removed this code from the Chrome Extension SDK to prevent the Chrome Web Store from rejecting extentions. From 6d2e0566602524fac9a62c908ac225fd07c9514c Mon Sep 17 00:00:00 2001 From: Roy Anger Date: Thu, 5 Dec 2024 15:48:50 -0500 Subject: [PATCH 2/6] fix: Formatting --- docs/references/chrome-extension/overview.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index dd13cef6f0..9547595bba 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -61,7 +61,7 @@ No, unfortunately not. Clerk has strict security restrictions on the allowed ori ### Why can I not use OAuth, SAML or Email Links with the extension popup or side panel? -OAuth and SAML require a redirect back from the IDP, and at this time this rediret is not supported. +OAuth and SAML require a redirect back from the IDP, and at this time this rediret is not supported. Email Linka require the popup to remain open while viewing the email, copying the link and then returning to the popup to paste. As soon as a user clicks anything outside of the popup it will close and reset the sign-in status. From f4d741581da579d25dd77aceb9d2979a8e772ac0 Mon Sep 17 00:00:00 2001 From: vi Date: Wed, 11 Dec 2024 17:10:26 -0500 Subject: [PATCH 3/6] update --- docs/references/chrome-extension/overview.mdx | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index 9547595bba..8d408f0f43 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -57,6 +57,7 @@ A Chrome Extension can be identified by its unique CRX ID, similar to how a webs ### Can I use Clerk in a content script? +<<<<<<< Updated upstream No, unfortunately not. Clerk has strict security restrictions on the allowed origin for requests from the application or extension to Clerk's API. A content script could run on any domain so there is no to enforce origin restrictons. ### Why can I not use OAuth, SAML or Email Links with the extension popup or side panel? @@ -68,3 +69,16 @@ Email Linka require the popup to remain open while viewing the email, copying th ### Why are options like Google One Tap or Web3 not available in a popup or side panel? Chrome Extensions can not load code from a remote source. Google One Tap, Web3 and some other options require loading remote code to work. We have removed this code from the Chrome Extension SDK to prevent the Chrome Web Store from rejecting extentions. +======= +Unfortunately, no. Clerk has strict security restrictions on the allowed origins for requests from the application or extension to Clerk's API. Since a content script could run on any domain, there is no way to enforce origin restrictions. + +### Why can't I use OAuth, SAML, or Email Links with the extension popup or side panel? + +OAuth and SAML require a redirect back from the Identity Provider (IdP), which is not currently supported in popups or side panels. + +Email Links require the popup to remain open while the user checks their email, copies the link, and returns to paste it. Since popups close as soon as a user clicks outside of them, this flow is not possible. The sign-in status resets when the popup closes. + +### Why aren't options like Google One Tap or Web3 available in a popup or side panel? + +Chrome Extensions can't load code from remote sources. Features like Google One Tap, Web3, and some other authentication options require loading remote code to function. This functionality is removed from the Chrome Extension SDK to ensure extensions using Clerk are not rejected by the Chrome Web Store. +>>>>>>> Stashed changes From 666d829f58b973d1cf62544ebae279d26ba2ce90 Mon Sep 17 00:00:00 2001 From: vi Date: Wed, 11 Dec 2024 17:11:18 -0500 Subject: [PATCH 4/6] update --- docs/references/chrome-extension/overview.mdx | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index 95f28ecd3a..c8c9f819ed 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -57,7 +57,6 @@ A Chrome Extension can be identified by its unique CRX ID, similar to how a webs ### Can I use Clerk in a content script? -<<<<<<< Updated upstream No, unfortunately not. Clerk has strict security restrictions on the allowed origin for requests from the application or extension to Clerk's API. A content script could run on any domain so there is no to enforce origin restrictons. ### Why can I not use OAuth, SAML or Email Links with the extension popup or side panel? @@ -69,16 +68,3 @@ Email Linka require the popup to remain open while viewing the email, copying th ### Why are options like Google One Tap or Web3 not available in a popup or side panel? Chrome Extensions can not load code from a remote source. Google One Tap, Web3 and some other options require loading remote code to work. We have removed this code from the Chrome Extension SDK to prevent the Chrome Web Store from rejecting extentions. -======= -Unfortunately, no. Clerk has strict security restrictions on the allowed origins for requests from the application or extension to Clerk's API. Since a content script could run on any domain, there is no way to enforce origin restrictions. - -### Why can't I use OAuth, SAML, or Email Links with the extension popup or side panel? - -OAuth and SAML require a redirect back from the Identity Provider (IdP), which is not currently supported in popups or side panels. - -Email Links require the popup to remain open while the user checks their email, copies the link, and returns to paste it. Since popups close as soon as a user clicks outside of them, this flow is not possible. The sign-in status resets when the popup closes. - -### Why aren't options like Google One Tap or Web3 available in a popup or side panel? - -Chrome Extensions can't load code from remote sources. Features like Google One Tap, Web3, and some other authentication options require loading remote code to function. This functionality is removed from the Chrome Extension SDK to ensure extensions using Clerk are not rejected by the Chrome Web Store. ->>>>>>> Stashed changes From 1275329a6938a6ecda4b548385e9670ad784451c Mon Sep 17 00:00:00 2001 From: vi Date: Thu, 12 Dec 2024 10:42:34 -0500 Subject: [PATCH 5/6] fix --- docs/references/chrome-extension/overview.mdx | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index c8c9f819ed..1954ddfccd 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -57,14 +57,15 @@ A Chrome Extension can be identified by its unique CRX ID, similar to how a webs ### Can I use Clerk in a content script? -No, unfortunately not. Clerk has strict security restrictions on the allowed origin for requests from the application or extension to Clerk's API. A content script could run on any domain so there is no to enforce origin restrictons. +Unfortunately, no. Clerk has strict security restrictions on the allowed origins for requests from the application or extension to Clerk's API. Since a content script could run on any domain, there is no way to enforce origin restrictions. -### Why can I not use OAuth, SAML or Email Links with the extension popup or side panel? +### Why can't I use OAuth, SAML, or Email Links with the extension popup or side panel? -OAuth and SAML require a redirect back from the IDP, and at this time this rediret is not supported. +OAuth and SAML require a redirect back from the Identity Provider (IdP), which is not currently supported in popups or side panels. -Email Linka require the popup to remain open while viewing the email, copying the link and then returning to the popup to paste. As soon as a user clicks anything outside of the popup it will close and reset the sign-in status. +Email Links require the popup to remain open while the user checks their email, copies the link, and returns to paste it. Since popups close as soon as a user clicks outside of them, this flow is not possible. The sign-in status resets when the popup closes. -### Why are options like Google One Tap or Web3 not available in a popup or side panel? +### Why aren't options like Google One Tap or Web3 available in a popup or side panel? + +Chrome Extensions can't load code from remote sources. Features like Google One Tap, Web3, and some other authentication options require loading remote code to function. This functionality is removed from the Chrome Extension SDK to ensure extensions using Clerk are not rejected by the Chrome Web Store. -Chrome Extensions can not load code from a remote source. Google One Tap, Web3 and some other options require loading remote code to work. We have removed this code from the Chrome Extension SDK to prevent the Chrome Web Store from rejecting extentions. From bb41afcd8837f030d8eacb1b42bc7703329971f9 Mon Sep 17 00:00:00 2001 From: vi Date: Thu, 12 Dec 2024 10:44:28 -0500 Subject: [PATCH 6/6] lint --- docs/references/chrome-extension/overview.mdx | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/references/chrome-extension/overview.mdx b/docs/references/chrome-extension/overview.mdx index 1954ddfccd..992d897d24 100644 --- a/docs/references/chrome-extension/overview.mdx +++ b/docs/references/chrome-extension/overview.mdx @@ -68,4 +68,3 @@ Email Links require the popup to remain open while the user checks their email, ### Why aren't options like Google One Tap or Web3 available in a popup or side panel? Chrome Extensions can't load code from remote sources. Features like Google One Tap, Web3, and some other authentication options require loading remote code to function. This functionality is removed from the Chrome Extension SDK to ensure extensions using Clerk are not rejected by the Chrome Web Store. -