feat(clerk-js,localizations,types): Last authentication strategy

[tmilewski]

Description

Introduces "Last used" to the AIO components:

By default, everything will act as it does now.

Once opted-in, the API will supply the value resulting in last used social providers being pulled to the top and marked as such. If email/phone/username will also be marked appropriately, with the exception of the toggleable email/phone inputs.

USER-3395

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

Summary by CodeRabbit

• New Features

  • Added a "Last used" badge in Sign In/Sign Up to highlight the most recently used authentication method and surface that provider in social buttons.

• Localization

  • Added "Last used" translations across many locales (en, es, fr, de, zh, ja, ko, ru, and more).

• Tests

  • Added integration tests covering undefined, null, OAuth (Google) and email scenarios.

• Chores

  • Relaxed bundle size thresholds, bumped a dev dependency, and removed an obsolete changeset.

[changeset-bot]

🦋 Changeset detected

Latest commit: 925e686

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 22 packages

Name	Type
@clerk/clerk-js	Minor
@clerk/localizations	Patch
@clerk/types	Patch
@clerk/chrome-extension	Patch
@clerk/clerk-expo	Patch
@clerk/clerk-react	Patch
@clerk/agent-toolkit	Patch
@clerk/astro	Patch
@clerk/backend	Patch
@clerk/elements	Patch
@clerk/expo-passkeys	Patch
@clerk/express	Patch
@clerk/fastify	Patch
@clerk/nextjs	Patch
@clerk/nuxt	Patch
@clerk/react-router	Patch
@clerk/remix	Patch
@clerk/shared	Patch
@clerk/tanstack-react-start	Patch
@clerk/testing	Patch
@clerk/themes	Patch
@clerk/vue	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
clerk-js-sandbox	Ready	Preview	Comment	Sep 8, 2025 6:13pm

[coderabbitai]

Walkthrough

Adds "Last used" support: new LastAuthenticationStrategy types and client field, UI badge component and wiring into SignIn/Social buttons, distribution util change, many localization entries, integration tests, appearance key, spacing token, and small tooling/changeset updates.

Changes

Cohort / File(s)	Summary
Types: client & JSON packages/types/src/json.ts, packages/types/src/client.ts	New LastAuthenticationStrategy type; ClientJSON.last_authentication_strategy and ClientResource.lastAuthenticationStrategy added.
Appearance & localization typing packages/types/src/appearance.ts, packages/types/src/localization.ts	Added lastAuthenticationStrategyBadge appearance key and lastAuthenticationStrategy localization key type.
Core client resource packages/clerk-js/src/core/resources/Client.ts	Added lastAuthenticationStrategy property; populated from JSON, serialized in snapshots, reset on destroy.
UI constants & foundations packages/clerk-js/src/ui/common/constants.ts, packages/clerk-js/src/ui/foundations/sizes.ts	Added validLastAuthenticationStrategies per first-factor config; new spacing token 4x5.
Customizables & badge element packages/clerk-js/src/ui/customizables/elementDescriptors.ts, packages/clerk-js/src/ui/elements/Badge.tsx	New appearance key descriptor and LastAuthenticationStrategyBadge component with overlay support.
Form element changes packages/clerk-js/src/ui/elements/Form.tsx	Added isLastAuthenticationStrategy?: boolean prop, plumbed through inputs, renders badge with form-state opacity handling.
SignIn & Social UI packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx, packages/clerk-js/src/ui/elements/SocialButtons.tsx	SignInStart reads client last strategy and marks identifier field; SocialButtons highlights and overlays badge on last-used provider and passes flag to buttons.
Strategy distribution util packages/clerk-js/src/ui/elements/utils.ts	distributeStrategiesIntoRows now accepts lastAuthenticationStrategy and returns { strategyRows, lastAuthenticationStrategyPresent }, moving last-used strategy into leading row when present.
Localizations packages/localizations/src/*	Added lastAuthenticationStrategy translations for many locales; small template update in es-ES; one obsolete changeset deleted.
Tests integration/tests/last-authentication-strategy.test.ts	New integration tests covering undefined/null and specific last-auth strategy scenarios, asserting badge visibility and social button layout.
Tooling / changeset .changeset/neat-women-love.md, packages/clerk-js/bundlewatch.config.json, packages/clerk-js/package.json	New changeset; relaxed bundlewatch maxSize entries; bumped devDependency @rspack/plugin-react-refresh.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant U as User
  participant B as Browser UI
  participant C as ClerkJS Client
  participant API as /v1/client

  U->>B: Open Sign In/Sign Up
  B->>C: Initialize client
  C->>API: GET /v1/client
  API-->>C: { ..., last_authentication_strategy }
  C-->>B: client.lastAuthenticationStrategy set

  rect #f0f8ff
  note right of B: Render logic uses lastAuthenticationStrategy
  B->>B: SignInStart checks validLastAuthenticationStrategies
  B->>B: SocialButtons calls distributeStrategiesIntoRows(..., lastAuth)
  B->>B: Render LastAuthenticationStrategyBadge overlay on matching provider/input
  end

Loading

sequenceDiagram
  autonumber
  participant B as Browser UI
  participant Util as distributeStrategiesIntoRows

  B->>Util: (strategies, maxPerRow, lastAuthStrategy)
  alt lastAuthStrategy present
    Util-->>B: { strategyRows: [[last], ...rest], lastAuthenticationStrategyPresent: true }
  else
    Util-->>B: { strategyRows: [...computed], lastAuthenticationStrategyPresent: false }
  end
  B->>B: Compute row lengths and render UI accordingly

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Add “Last used” indicator to AIO components (USER-3395)	✅
Persist and expose lastAuthenticationStrategy on Client (USER-3395)	✅
Render badge on matching social provider and identifier field (USER-3395)	✅
Provide localization key for “Last used” (USER-3395)	✅

Assessment against linked issues: Out-of-scope changes

Code Change	Explanation
Relax bundlewatch maxSize for ./dist/clerk.js and ./dist/ui-common*.legacy.*.js (packages/clerk-js/bundlewatch.config.json)	Tooling/config bump unrelated to USER-3395 feature behavior.
Bump devDependency @rspack/plugin-react-refresh (packages/clerk-js/package.json)	Dev tooling update not required by the feature request.
Delete packages/localizations/src/hideokamoto-changeset.md	Housekeeping removal of an unrelated changeset file; not part of the feature scope.

Poem

I thumped my whiskers on the key,
A tiny badge declared "Last used" for me.
Buttons arranged, the rabbit grins,
A glowing mark where sign-in wins.
Hop—I'm remembered, light as a breeze. 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch tm/user-3395-last-authentication-strategy

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pkg-pr-new]

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@6722

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@6722

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@6722

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@6722

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@6722

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@6722

@clerk/elements

npm i https://pkg.pr.new/@clerk/elements@6722

@clerk/clerk-expo

npm i https://pkg.pr.new/@clerk/clerk-expo@6722

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@6722

@clerk/express

npm i https://pkg.pr.new/@clerk/express@6722

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@6722

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@6722

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@6722

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@6722

@clerk/clerk-react

npm i https://pkg.pr.new/@clerk/clerk-react@6722

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@6722

@clerk/remix

npm i https://pkg.pr.new/@clerk/remix@6722

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@6722

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@6722

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@6722

@clerk/themes

npm i https://pkg.pr.new/@clerk/themes@6722

@clerk/types

npm i https://pkg.pr.new/@clerk/types@6722

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@6722

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@6722

commit: 925e686

[alexcarpenter]

Looking good!

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

packages/localizations/src/nl-BE.ts (1)

16-16: Switch to nl-BE—also update date/time formatters

Locale id looks good. Align the dates block to 'nl-BE' for consistent CLDR formatting.

-    lastDay: "Gisteren om {{ date | timeString('nl-NL') }}",
-    next6Days: "{{ date | weekday('nl-NL','long') }} om {{ date | timeString('nl-NL') }}",
-    nextDay: "Morgen om {{ date | timeString('nl-NL') }}",
-    numeric: "{{ date | numeric('nl-NL') }}",
-    previous6Days: "Vorige {{ date | weekday('nl-NL','long') }} om {{ date | timeString('nl-NL') }}",
-    sameDay: "Vandaag om {{ date | timeString('nl-NL') }}",
+    lastDay: "Gisteren om {{ date | timeString('nl-BE') }}",
+    next6Days: "{{ date | weekday('nl-BE','long') }} om {{ date | timeString('nl-BE') }}",
+    nextDay: "Morgen om {{ date | timeString('nl-BE') }}",
+    numeric: "{{ date | numeric('nl-BE') }}",
+    previous6Days: "Vorige {{ date | weekday('nl-BE','long') }} om {{ date | timeString('nl-BE') }}",
+    sameDay: "Vandaag om {{ date | timeString('nl-BE') }}",

Also applies to: 183-189

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cf54b46 and 925e686.

📒 Files selected for processing (3)

• packages/localizations/src/hu-HU.ts (1 hunks)
• packages/localizations/src/nl-BE.ts (2 hunks)
• packages/localizations/src/tr-TR.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/localizations/src/hu-HU.ts

🧰 Additional context used

📓 Path-based instructions (7)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use Prettier for consistent code formatting

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

packages/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

TypeScript is required for all packages

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

packages/**/*.{ts,tsx,d.ts}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Packages should export TypeScript types alongside runtime code

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use proper TypeScript error types

**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoid any type - prefer unknown when type is uncertain, then narrow with type guards
Use interface for object shapes that might be extended
Use type for unions, primitives, and computed types
Prefer readonly properties for immutable data structures
Use private for internal implementation details
Use protected for inheritance hierarchies
Use public explicitly for clarity in public APIs
Prefer readonly for properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Use const assertions for literal types: as const
Use satisfies operator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports: import type { ... } from ...
No any types without justification
Proper error handling with typed errors
Consistent use of readonly for immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

packages/localizations/**/*

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Localization files must be placed in 'packages/localizations/'.

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.

Files:

• packages/localizations/src/tr-TR.ts
• packages/localizations/src/nl-BE.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Build Packages
• GitHub Check: semgrep/ci
• GitHub Check: Analyze (javascript-typescript)
• GitHub Check: semgrep-cloud-platform/scan
• GitHub Check: semgrep-cloud-platform/scan

🔇 Additional comments (2)

packages/localizations/src/tr-TR.ts (1)

252-252: LGTM — Turkish phrasing fixed correctly.

“Son kullanılan” reads natural for the badge and aligns with prior feedback. No further changes needed.

packages/localizations/src/nl-BE.ts (1)

252-252: Cross-locale coverage and UI wiring verified
All 53 locale files define lastAuthenticationStrategy, and UI components/tests reference it.

[alexcarpenter]

UI approval