feat(clerk-js): Send previous session token on /tokens requests #8105

Merged
nikosdouvlis merged 6 commits into main from nikos/plat-2566-send-token-on-refresh
Mar 19, 2026
nikosdouvlis (Member) commented Mar 18, 2026

Why

Session Minter needs the previous session JWT to clone claims at the edge without hitting the DB.

What

Send `token` (previous session JWT) in the POST body on non-template `/tokens` requests. Uses conditional spread so the key is absent (not `token=`) when there's no previous token.

The `token` param is currently ignored by the backend and will be wired up in PLAT-2471.

Test plan

  • Verify token appears in POST body when a previous token exists
  • Verify token key is absent on first mint
  • Verify token is not sent for template token requests
  • Existing token refresh flows still work

Summary by CodeRabbit

  • New Features

    • Token refresh now sends the previous session token when available to support Session Minter edge token minting.
    • New configuration flag to enable Session Minter behavior.
  • Tests

    • Added tests verifying token refresh requests include the previous token when present, omit it for template-based mints, and preserve sign-in state.
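
The body-building rule described in this PR, as an added example that is not code from clerk-js: it contrasts a conditional spread with always setting the key, and shows what each produces once form-encoded. The function names, the sample values, and the use of `URLSearchParams` for encoding are assumptions made for illustration.

```javascript
// Added illustration; not code from clerk-js. All names here are hypothetical.

// Build the params for a /tokens POST. `token` is included only when the
// Session Minter flag is on, the request is not a template mint, and a
// previous session JWT exists. Otherwise the key is absent altogether.
function buildTokenParams({ sessionMinter, template, lastActiveToken }) {
  const sendPrevious = Boolean(sessionMinter) && !template && Boolean(lastActiveToken);
  return {
    ...(sendPrevious ? { token: lastActiveToken } : {}),
  };
}

// The naive form always sets the key, whatever the value is.
function buildTokenParamsNaive({ lastActiveToken }) {
  return { token: lastActiveToken };
}

// Assumption: the body is form-encoded. URLSearchParams stringifies values,
// so an undefined value becomes the literal text "undefined".
function encodeBody(params) {
  return new URLSearchParams(params).toString();
}

// Constructed sample value, not a real JWT.
const PREVIOUS_JWT = 'hdr.payload.sig';

function demo() {
  return {
    refresh: encodeBody(buildTokenParams({ sessionMinter: true, lastActiveToken: PREVIOUS_JWT })),
    firstMint: encodeBody(buildTokenParams({ sessionMinter: true })),
    template: encodeBody(
      buildTokenParams({ sessionMinter: true, template: 'custom', lastActiveToken: PREVIOUS_JWT }),
    ),
    flagOff: encodeBody(buildTokenParams({ sessionMinter: false, lastActiveToken: PREVIOUS_JWT })),
    naiveUndefined: encodeBody(buildTokenParamsNaive({})),
    naiveEmpty: encodeBody(buildTokenParamsNaive({ lastActiveToken: '' })),
  };
}

console.log(demo());
```

A server that validates `token` as a JWT would see a malformed value in the two naive cases instead of a clean first-mint request, which is why the absent key matters.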

changeset-bot bot commented Mar 18, 2026

🦋 Changeset detected

Latest commit: ecdb80a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages (Name: Type):

  • @clerk/clerk-js: Patch
  • @clerk/chrome-extension: Patch
  • @clerk/expo: Patch

Send the current session JWT as `token` in the POST body when
requesting a token refresh. This lets the FAPI Proxy forward it to
Session Minter for claim cloning without a DB read.

Uses conditional spread so the key is absent (not `token=`) when
there's no previous token (first mint).

Unit tests verify the token param is present when lastActiveToken
exists, absent on first mint, absent for template requests, and
matches getRawString() exactly. E2e test verifies token refresh
still works with the new param in the POST body.

coderabbitai bot (Contributor) commented Mar 18, 2026

Walkthrough

Adds session minter support by sending the previous session token in non-template /tokens requests when enabled. Extends AuthConfigJSON with session_minter?: boolean, adds sessionMinter to AuthConfig and AuthConfigResource, updates Session.#createTokenResolver to include lastActiveToken in the request body when sessionMinter is enabled, and adds unit and integration tests plus a changeset entry for a @clerk/clerk-js patch. Also adjusts a bundle size threshold in bundlewatch.config.json.

…nter flag

Only send the previous session JWT in the POST body when the
environment has session_minter enabled. This lets us roll out
Session Minter incrementally via the environment config.

…Config

AuthConfig is the right home for this since it controls auth behavior,
not environment-level display/maintenance settings.

The clerkMock() didn't provide __internal_environment.authConfig.sessionMinter,
so the feature gate in #createTokenResolver was always falsy and token was never
included in the request body, causing 3 test failures.

…imit

Add session_minter to AuthConfig snapshot assertion. Bump clerk.browser.js
bundlewatch limit from 66KB to 67KB to accommodate the new session minter code.

nikosdouvlis enabled auto-merge (squash) March 19, 2026 23:53
nikosdouvlis disabled auto-merge March 19, 2026 23:53
nikosdouvlis merged commit 2837336 into main Mar 19, 2026
42 of 44 checks passed
nikosdouvlis deleted the nikos/plat-2566-send-token-on-refresh branch March 19, 2026 23:53