fix(clerk-js): reset Core 3 OAuth retry state #8494

Open
jacekradko wants to merge 14 commits into main from jacek/fix-core3-oauth-retry

@jacekradko
Member

@jacekradko jacekradko commented May 6, 2026

Fixes SDK-75.

signIn.__internal_future.sso() reused an existing sign-in resource any time one had an id. After a user backed out of an OAuth provider (browser back button on Google's consent screen), the resource still held the previous provider's externalVerificationRedirectURL, so a later click on a different provider sent them back to the original consent screen.

The fix scopes reuse to enterprise SSO only, where it's needed for ticket-based and identifier-discovery flows that compose ticket() → sso() against a single sign-in resource. OAuth strategies always start fresh now, which closes the cross-provider regression. Also resets the async resource fetch status when restoring a pending task from BFCache, which was leaving subsequent attempts stuck.
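
The reuse decision described in the comment above, as a simplified model added here (it is not code from this PR or from clerk-js). `FakeSignIn`, its methods, the two policy functions and the `idp.example` URLs are hypothetical; only `enterprise_sso` and `externalVerificationRedirectURL` are names taken from the page.

```javascript
// Simplified model of the reuse decision; not clerk-js source.
// FakeSignIn, its methods, and the idp.example URLs are hypothetical.
class FakeSignIn {
  constructor(shouldReuse) {
    this.shouldReuse = shouldReuse;
    this.id = null;
    this.externalVerificationRedirectURL = null;
    this.created = 0;
  }

  // Stand-in for creating a sign-in attempt with an OAuth strategy.
  create(strategy) {
    this.created += 1;
    this.id = `sia_${this.created}`;
    this.externalVerificationRedirectURL = `https://idp.example/${strategy}/consent`;
  }

  // Stand-in for ticket(): yields a resource id but no provider redirect.
  ticket() {
    this.id = 'sia_ticket';
  }

  // Returns the redirect target; the enterprise URL fetch step is omitted.
  sso(strategy) {
    if (!this.shouldReuse(this, strategy)) this.create(strategy);
    return this.externalVerificationRedirectURL;
  }
}

// Before: any resource that already has an id is reused.
const reuseIfHasId = (signIn) => Boolean(signIn.id);
// After: reuse only for enterprise SSO; OAuth always starts fresh.
const reuseEnterpriseOnly = (signIn, strategy) =>
  Boolean(signIn.id) && strategy === 'enterprise_sso';

// User starts provider A, presses back, then clicks provider B.
function abandonThenSwitch(policy) {
  const signIn = new FakeSignIn(policy);
  signIn.sso('oauth_google');
  return signIn.sso('oauth_github');
}

// ticket() then sso() composed against one resource; returns the final id.
function ticketThenEnterprise(policy) {
  const signIn = new FakeSignIn(policy);
  signIn.ticket();
  signIn.sso('enterprise_sso');
  return signIn.id;
}
```

With `reuseIfHasId`, `abandonThenSwitch` returns the first provider's consent URL even though the second provider was clicked; with `reuseEnterpriseOnly` it returns the second provider's URL, while `ticketThenEnterprise` still keeps the ticket-created resource.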

@vercel

vercel Bot commented May 6, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Actions | Updated (UTC) |
| --- | --- | --- | --- |
| clerk-js-sandbox | Ready | Preview, Comment | May 7, 2026 6:26pm |

@changeset-bot

changeset-bot Bot commented May 6, 2026

🦋 Changeset detected

Latest commit: 67452e8

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
| Name | Type |
| --- | --- |
| @clerk/clerk-js | Patch |
| @clerk/chrome-extension | Patch |
| @clerk/expo | Patch |


@jacekradko jacekradko marked this pull request as ready for review May 6, 2026 21:23
@coderabbitai
Contributor

coderabbitai Bot commented May 6, 2026

Walkthrough

This pull request addresses Core 3 OAuth retry routing in @clerk/clerk-js. The changes modify the SignIn.sso flow to update redirect URLs when using popup-based authentication with wrapped routes, and expand the condition triggering the resource creation step to include cases where the resource ID is absent, the strategy is not enterprise_sso, or the first-factor verification is unverified. A corresponding test scenario is added to verify the OAuth sign-in retry flow after an abandoned provider redirect, along with updated mocks for popup-based authentication behavior. A changeset file documents the patch release.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title clearly summarizes the main change: fixing OAuth retry state in Core 3 by creating fresh sign-in attempts after abandoned redirects. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Description check | ✅ Passed | The pull request description clearly describes the issue being fixed (OAuth sign-in stuck after browser back button) and the specific changes made to address it. |

@pkg-pr-new

pkg-pr-new Bot commented May 6, 2026

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@8494

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@8494

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@8494

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@8494

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@8494

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@8494

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@8494

@clerk/express

npm i https://pkg.pr.new/@clerk/express@8494

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@8494

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@8494

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@8494

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@8494

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@8494

@clerk/react

npm i https://pkg.pr.new/@clerk/react@8494

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@8494

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@8494

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@8494

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@8494

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@8494

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@8494

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@8494

commit: 67452e8

@jacekradko jacekradko changed the title from "fix: reset Core 3 OAuth retry state" to "fix(clerk-js): reset Core 3 OAuth retry state" May 6, 2026