fix(react): Fix stale SSR state during cross-tab sign-out

[bratsos]

Description

When a user signs out in one browser tab, other tabs viewing protected pages hang instead of redirecting to the sign-in page. The page remains stuck showing stale authentication data even though the session has been terminated.

Reproduction:

• Open two tabs, both authenticated and viewing a protected page
• Sign out in Tab 2 using UserButton
• Tab 1 should detect the sign-out and redirect to sign-in
• Bug: Tab 1 hangs showing stale session data instead of redirecting

Root Cause

The bug is in how useAuthBase decides which authentication state to return. When the page initially loads from the server, it includes a snapshot of the auth state at that moment (initialState). This snapshot is frozen and never updates - it's purely for hydration during the initial render.

The problem occurs during cross-tab sign-out: when Clerk detects the sign-out in another tab, it clears its client-side resources but is still in a "loaded" state. The old logic used an OR condition that would fall back to the frozen server snapshot whenever resources were unavailable, even though the SDK was fully loaded and operational. This meant the code would return stale authentication data from the server (showing the user as signed in) instead of the current reality (user is signed out). Protected routes would see this stale data and fail to redirect.

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

Summary by CodeRabbit

• Bug Fixes

  • Fixed cross-tab sign-out so all active tabs reliably redirect to sign-in, preventing navigation hangs and use of stale session data after sign-out.
  • Improved state initialization to avoid falling back to outdated session snapshots.

• Tests

  • Added an end-to-end test to verify cross-tab sign-out behavior and prevent regressions.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	Feb 17, 2026 5:36pm

[changeset-bot]

🦋 Changeset detected

Latest commit: f861ecc

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 6 packages

Name	Type
@clerk/react	Patch
@clerk/chrome-extension	Patch
@clerk/expo	Patch
@clerk/nextjs	Patch
@clerk/react-router	Patch
@clerk/tanstack-react-start	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[pkg-pr-new]

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7865

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7865

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7865

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7865

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7865

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7865

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@7865

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7865

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7865

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7865

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@7865

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7865

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7865

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7865

@clerk/react

npm i https://pkg.pr.new/@clerk/react@7865

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7865

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7865

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7865

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7865

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@7865

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7865

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7865

commit: f861ecc

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a Playwright integration test that verifies cross-tab sign-out: one tab signs out while another is on a protected page and the remaining tab is redirected to sign-in via BroadcastChannel. Refactors useAuthBase state initialization to introduce explicit loaded and hasResources checks, stop falling back to SSR initialState once resources are present, and return undefined when loaded with no resources to avoid stale state. Adds a changeset entry describing the fix for navigation hangs on cross-tab sign-out.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main change: fixing stale SSR state during cross-tab sign-out, which is the primary issue addressed in the PR.
Linked Issues check	✅ Passed	The PR directly addresses USER-4721 by fixing the navigation hang that occurred when signing out in one tab. The code changes prevent stale SSR state from being returned, resolving the reproduction scenario described in the issue.
Out of Scope Changes check	✅ Passed	All changes are directly related to fixing the stale SSR state issue: the test validates cross-tab sign-out behavior, useAuthBase changes fix the root cause, and the changeset documents the fix.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

.changeset/dry-mangos-fail.md (1)

5-5: Consider adding cross-tab scenario context.

The description is clear and technically accurate. For enhanced user understanding, you could optionally mention the specific cross-tab scenario (e.g., "when signing out in one browser tab while other tabs remain open").

📝 Optional enhancement for user clarity

-Fix navigation hang on cross-tab sign-out by preventing stale SSR state from being used after sign-out detection.
+Fix navigation hang when signing out in one browser tab while other authenticated tabs remain open, by preventing stale SSR state from being used after sign-out detection.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.changeset/dry-mangos-fail.md at line 5, Update the changeset description
"Fix navigation hang on cross-tab sign-out by preventing stale SSR state from
being used after sign-out detection." to explicitly mention the cross-tab
scenario (for example: "when signing out in one browser tab while other tabs
remain open") so users immediately understand the context; keep the technical
explanation about preventing stale SSR state after sign-out detection (the
existing phrase) and append a short example clause referencing the cross-tab
sign-out behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.changeset/dry-mangos-fail.md:
- Line 5: Update the changeset description "Fix navigation hang on cross-tab
sign-out by preventing stale SSR state from being used after sign-out
detection." to explicitly mention the cross-tab scenario (for example: "when
signing out in one browser tab while other tabs remain open") so users
immediately understand the context; keep the technical explanation about
preventing stale SSR state after sign-out detection (the existing phrase) and
append a short example clause referencing the cross-tab sign-out behavior.

[jacekradko]

@bratsos I am wondering if other hooks like useUserBase for example have the same issue of returning stale initialState ?