Intry

Auth flow

Clerk sessions and how the portal talks to Intry Core.

Overview

The portal delegates identity to Clerk. After sign-in, server components or route handlers exchange the Clerk session for Intry authorization — typically by mapping clerkUserId to a User row in Core.

Components

PieceResponsibility
Clerk middlewareProtects routes, refreshes sessions
Next.js Server Actions / Route HandlersCall Core with service or user-scoped credentials
Core UserMust contain matching clerkUserId for PM/resident accounts

Environment variables

Set at minimum:

  • NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
  • CLERK_SECRET_KEY
  • Core base URL + any internal API secret expected by your BFF routes

Never expose Core Unkey keys to the browser — keep them on the server.

Testing

Use Clerk test users and separate Clerk instances per environment. Rotate webhook signing secrets when enabling Clerk webhooks for user sync jobs.

Intry Portal overview

Next.js resident portal with Clerk authentication.

Live access panel

Real-time access activity in the resident portal.

On this page

OverviewComponentsEnvironment variablesTesting