🤖 Track your AI apps.
Use our free template.
ProductPricingUse CasesCustomersDocsBlogStart building
Back to templates

Clerk JWT

Build multi-tenant apps with Clerk and Tinybird

Clerk JWT

This is a template for a Next.js app that uses Clerk for authentication and multi-tenant Tinybird real-time analytics applications.

Getting Started

  1. Create a new Clerk application
  2. Create a new Tinybird workspace
  3. Create an .env file from the .env.example file and fill in the values
  4. Run npm install
  5. Run npm run dev

In Clerk (Dashboard > Configure > JWT templates) choose the Tinybird JWT template:

Modify the claims to your needs:

{
	"name": "frontend_jwt",
	"limits": {
		"rps": 10
	},
	"scopes": [
		{
			"type": "PIPES:READ",
			"resource": "<YOUR-TINYBIRD-PIPE-NAME>",
			"fixed_params": {
				"org": "{{org.slug}}",
				"user": "{{user.id}}"
			}
		}
	],
	"workspace_id": "<YOUR-TINYBIRD-WORKSPACE-ID>"
}
  • Use your Tinybird admin token as signking key.
  • Add as many scopes as needed, use fixed params to filter your Tinybird API endpoints.
  • Configure fixed_params to match the parameter names and values in your Tinybird API endpoints.

Example:

NODE endpoint
SQL >
    SELECT * FROM ds
    WHERE 1
    {% if defined(org) %}
        AND org = {{String(org)}}
    {% end %}
    {% if defined(user) %}
        AND user = {{String(user)}}
    {% end %}


TYPE endpoint

On your application request a token to Clerk using the tinybird template, where tinybird is the name you gave to the template.

  const authentication = await auth()
  const { userId, sessionId, getToken } = authentication
  const token = await getToken({ template: "tinybird" })


  fetch('https://api.tinybird.co/v0/pipes/your_pipe.json', {
  headers: {
    Authorization: `Bearer ${token}`
  }
})

How it works

On Sign In, the app authenticates with Clerk, the middleware picks up the session and creates a multi-tenant Tinybird JWT token using the tinybird JWT template from Clerk, finally adds the token to the response headers to be used by the application.

Use the token to query Tinybird as the authenticated user.

User management

  • Use Clerk to manage users and organizations.
  • Assign organizations to users and define organization permissions.
  • Use those organization permissions to create multi-tenant Tinybird JWT tokens using the fixed_params feature.

Contributing

Please open an issue or submit a pull request.

Support

Join the Tinybird Slack community to get help with your project.

Learn more about Tinybird JWT tokens and Clerk.

Build fast data products, faster.

Try Tinybird and bring your data sources together and enable engineers to build with data in minutes. No credit card required, free to get started.
Start buildingRequest a demo
Logo Tinybird

Product

ProductPricingROI CalculatorSecurityRequest a demo

Company

About UsPartnersShopCareers

Resources

DocsBlogCommunityTemplatesCustomer StoriesTinybird for StartupsRSS FeedNewsletter

Integrations

Apache KafkaConfluent CloudRedpandaGoogle BigQuerySnowflakePostgres Table FunctionAmazon DynamoDBAmazon S3

Use Cases

User-facing dashboardsReal-time Change Data Capture (CDC)Gaming analyticsWeb analyticsReal-time personalizationUser-generated content (UGC) analyticsContent recommendation systemsVector search
All systems operational

Copyright © 2025 Tinybird. All rights reserved

Terms & conditionsCookiesTrust CenterCompliance Helpline