feat: Implement secure Clerk token retrieval and request attachment #141

@paradyo

Description

A secure token retrieval mechanism must be implemented in the React Native client to obtain Clerk session tokens after authentication. Retrieved tokens must be stored securely using Expo secure storage or an equivalent secure storage mechanism. All API requests must automatically include the session token through a centralized request interceptor or API client wrapper to ensure authenticated communication with backend services.

Ownership, Timeline, and Effort

Owner: @cenkerenozbek
Given Date: 04-03-2026
Deadline: 08-03-2026 24:00 (end of day, explicitly stated)
Hours: 1
Value: 1
Week: 10

Deliverables

  • Clerk session token retrieval implemented in the React Native client.
  • Secure token storage implemented using Expo secure storage or equivalent mechanism.
  • Centralized API client or request interceptor attaching session tokens to API requests.
  • Verified authenticated API requests including valid Clerk session tokens.
  • Pull request containing implementation merged into the main branch.

Scope Definition

In Scope

  • Retrieve Clerk session tokens after successful authentication.
  • Store session tokens securely using a secure storage mechanism.
  • Implement centralized API request wrapper or interceptor.
  • Attach stored session tokens to outgoing API requests.
  • Verify authenticated API requests include valid session tokens.
  • Submit pull request with token management implementation.

Out of Scope

  • Backend token validation implementation.
  • Role based authorization logic.
  • Token refresh or advanced session lifecycle management.
  • Migration to a different authentication provider.
  • Changes to backend API authentication mechanisms.

Acceptance Criteria

  • Clerk session tokens can be retrieved after successful authentication.
  • Tokens are stored using a secure storage mechanism.
  • Tokens persist across application reloads when session is valid.
  • All API requests automatically include the session token.
  • Authenticated API calls succeed when valid tokens are present.
  • No sensitive tokens are stored in insecure storage locations.
  • Pull request implementing token management is merged into the main branch.

Domain Specific Notes

Engineering considerations:

  • Token storage must use a secure storage mechanism supported by React Native Expo.
  • API requests must consistently include the session token through centralized request handling.

Assumption: Clerk authentication integration and session creation functionality already exist in the application.

Validation and Review Requirements

  • Reviewer verifies tokens are retrieved correctly after authentication.
  • Reviewer verifies tokens are stored using secure storage.
  • Reviewer confirms API requests include session tokens automatically.
  • Reviewer verifies authenticated API requests succeed with valid tokens.
  • Issue is considered Done only when the pull request implementing token management is merged into the main branch.
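
One way to structure the centralized client the deliverables describe, as an added example that is not code from this issue or the project. Assumptions: `getToken` stands in for Clerk's session token getter, `store` for an object exposing the `getItemAsync`/`setItemAsync`/`deleteItemAsync` functions that `expo-secure-store` provides, and `TOKEN_KEY`, `buildRequest`, `createApiClient`, `memoryStore` and `fetchImpl` are hypothetical names.

```javascript
// Added example, not the project's code. Hypothetical names: TOKEN_KEY,
// buildRequest, createApiClient, and the injected getToken/store/fetchImpl.
const TOKEN_KEY = "clerk_session_token"; // hypothetical key name

// Pure step: turn (path, token) into the URL and headers that will be sent.
function buildRequest(baseUrl, path, token, init = {}) {
  if (!/^https:\/\/[^/]+/.test(baseUrl)) throw new Error("base URL must be https");
  // Paths are appended to the fixed base URL, so the token can only ever be
  // sent to the API host; absolute and protocol-relative URLs are refused.
  if (typeof path !== "string" || !path.startsWith("/") || path.startsWith("//")) {
    throw new Error("path must be relative to the API base URL");
  }
  if (!token) throw new Error("no session token stored");
  const headers = {};
  for (const [k, v] of Object.entries(init.headers || {})) {
    if (k.toLowerCase() !== "authorization") headers[k] = v; // drop caller-set copies
  }
  headers.Authorization = `Bearer ${token}`;
  return { url: baseUrl.replace(/\/+$/, "") + path, init: { ...init, headers } };
}

function createApiClient({ baseUrl, getToken, store, fetchImpl }) {
  return {
    // Call after sign-in: fetch the session token and persist it.
    async saveToken() {
      const token = await getToken();
      if (!token) throw new Error("no active session");
      await store.setItemAsync(TOKEN_KEY, token);
    },
    // Call on sign-out so a stale token is never attached.
    clearToken: () => store.deleteItemAsync(TOKEN_KEY),
    async request(path, init) {
      const token = await store.getItemAsync(TOKEN_KEY);
      const req = buildRequest(baseUrl, path, token, init);
      return fetchImpl(req.url, req.init);
    },
  };
}

// Constructed in-memory stand-in for the secure store, for running offline.
function memoryStore() {
  const m = new Map();
  return {
    getItemAsync: async (k) => (m.has(k) ? m.get(k) : null),
    setItemAsync: async (k, v) => void m.set(k, v),
    deleteItemAsync: async (k) => void m.delete(k),
  };
}
```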
