From 18784038846ebb2ef2b1bb75a7a69bca55275b9f Mon Sep 17 00:00:00 2001 From: Nikos Douvlis Date: Wed, 18 Mar 2026 15:16:32 +0200 Subject: [PATCH] feat(clerk-js): Send force_origin on skipCache token requests When getToken({ skipCache: true }) is called, send force_origin=true in the query string. This tells the FAPI Proxy to route directly to origin instead of Session Minter, preserving the skipCache contract of always returning authoritative DB-minted tokens. --- .changeset/session-minter-force-origin.md | 5 +++++ packages/clerk-js/src/core/resources/Session.ts | 6 +++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 .changeset/session-minter-force-origin.md diff --git a/.changeset/session-minter-force-origin.md b/.changeset/session-minter-force-origin.md new file mode 100644 index 00000000000..734aa3a8a70 --- /dev/null +++ b/.changeset/session-minter-force-origin.md @@ -0,0 +1,5 @@ +--- +'@clerk/clerk-js': patch +--- + +Send `force_origin=true` query param on `/tokens` requests when `skipCache` is true, so FAPI Proxy routes to origin instead of Session Minter. diff --git a/packages/clerk-js/src/core/resources/Session.ts b/packages/clerk-js/src/core/resources/Session.ts index ea5e796dbb8..20b2221fd21 100644 --- a/packages/clerk-js/src/core/resources/Session.ts +++ b/packages/clerk-js/src/core/resources/Session.ts @@ -483,7 +483,11 @@ export class Session extends BaseResource implements SessionResource { const params: Record = template ? {} : { organizationId: organizationId ?? null }; const lastActiveToken = this.lastActiveToken?.getRawString(); - const tokenResolver = Token.create(path, params, skipCache ? { debug: 'skip_cache' } : undefined).catch(e => { + const tokenResolver = Token.create( + path, + params, + skipCache ? { debug: 'skip_cache', force_origin: 'true' } : undefined, + ).catch(e => { if (MissingExpiredTokenError.is(e) && lastActiveToken) { return Token.create(path, { ...params }, { expired_token: lastActiveToken }); }