Skip to content

docs(backend): note M2MToken timestamps are in milliseconds#9122

Merged
wobsoriano merged 2 commits into
mainfrom
ss/m2m-token-timestamps-ms
Jul 10, 2026
Merged

docs(backend): note M2MToken timestamps are in milliseconds#9122
wobsoriano merged 2 commits into
mainfrom
ss/m2m-token-timestamps-ms

Conversation

@SarahSoutoul

@SarahSoutoul SarahSoutoul commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Description

Clarify in the M2MToken JSDoc that expiration, createdAt, and updatedAt are Unix timestamps in milliseconds (not seconds). The constructor already converts JWT exp/iat claims via * 1000, so the values are milliseconds; only the doc comments were ambiguous.

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

Summary by CodeRabbit

Summary by CodeRabbit

  • Documentation
    • Clarified that machine-to-machine token and related OAuth/API key timestamp fields (expiration, createdAt, lastUsedAt, updatedAt) are Unix timestamps expressed in milliseconds.
    • Updated the existing release notes to reflect this documentation clarification.

Clarify in the `M2MToken` JSDoc that `expiration`, `createdAt`, and
`updatedAt` are Unix timestamps in milliseconds (not seconds). The
constructor already converts JWT `exp`/`iat` claims via `* 1000`, so
the values are milliseconds; only the doc comments were ambiguous.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@SarahSoutoul SarahSoutoul self-assigned this Jul 10, 2026
@changeset-bot

changeset-bot Bot commented Jul 10, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: d709d0c

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 10 packages
Name Type
@clerk/backend Patch
@clerk/astro Patch
@clerk/express Patch
@clerk/fastify Patch
@clerk/hono Patch
@clerk/nextjs Patch
@clerk/nuxt Patch
@clerk/react-router Patch
@clerk/tanstack-react-start Patch
@clerk/testing Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel

vercel Bot commented Jul 10, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
clerk-js-sandbox Ready Ready Preview, Comment Jul 10, 2026 8:20pm
swingset Ready Ready Preview, Comment Jul 10, 2026 8:20pm

Request Review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Repository UI (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: 36930130-9944-4db3-a764-dc7af65cfbfe

📥 Commits

Reviewing files that changed from the base of the PR and between ac6d46e and d709d0c.

📒 Files selected for processing (3)
  • .changeset/m2m-token-timestamp-units.md
  • packages/backend/src/api/resources/APIKey.ts
  • packages/backend/src/api/resources/IdPOAuthAccessToken.ts
✅ Files skipped from review due to trivial changes (2)
  • packages/backend/src/api/resources/APIKey.ts
  • packages/backend/src/api/resources/IdPOAuthAccessToken.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • .changeset/m2m-token-timestamp-units.md

📝 Walkthrough

Walkthrough

Clarifies that timestamp fields in M2MToken, APIKey, and IdPOAuthAccessToken use Unix timestamps in milliseconds, and adds a patch changeset for @clerk/backend.

Changes

Timestamp unit documentation

Layer / File(s) Summary
Clarify timestamp units
packages/backend/src/api/resources/M2MToken.ts, packages/backend/src/api/resources/APIKey.ts, packages/backend/src/api/resources/IdPOAuthAccessToken.ts, .changeset/m2m-token-timestamp-units.md
Updates JSDoc for relevant timestamp fields to specify Unix milliseconds and records the backend patch changeset.

Estimated code review effort: 1 (Trivial) | ~3 minutes

Poem

I’m a rabbit with timestamps bright,
Milliseconds now hop into sight.
Three token docs wear a clearer tune,
A patch release follows soon.
Hop, hop—precision blooms!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the main change: backend docs clarifying M2MToken timestamps are in milliseconds.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch

Comment @coderabbitai help to get the list of available commands.

@pkg-pr-new

pkg-pr-new Bot commented Jul 10, 2026

Copy link
Copy Markdown

Open in StackBlitz

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@9122

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@9122

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@9122

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@9122

@clerk/electron

npm i https://pkg.pr.new/@clerk/electron@9122

@clerk/electron-passkeys

npm i https://pkg.pr.new/@clerk/electron-passkeys@9122

@clerk/eslint-plugin

npm i https://pkg.pr.new/@clerk/eslint-plugin@9122

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@9122

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@9122

@clerk/express

npm i https://pkg.pr.new/@clerk/express@9122

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@9122

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@9122

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@9122

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@9122

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@9122

@clerk/react

npm i https://pkg.pr.new/@clerk/react@9122

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@9122

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@9122

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@9122

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@9122

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@9122

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@9122

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@9122

commit: d709d0c

@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

API Changes Report

Generated by Break Check on 2026-07-10T20:22:12.335Z

Summary

Metric Count
Packages analyzed 19
Packages with changes 0
🔴 Breaking changes 0
🟡 Non-breaking changes 0
🟢 Additions 0

No API Changes Detected

All packages have stable APIs with no detected changes.


Report generated by Break Check

Last ran on d709d0c.

@wobsoriano wobsoriano left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks!

…milliseconds

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@manovotny

Copy link
Copy Markdown
Contributor

Pushed one commit directly in d709d0c — extended the same clarification to the sibling machine-auth resources, which have the identical ambiguity:

  • APIKey: added "(in milliseconds)" to the expiration, lastUsedAt, createdAt, and updatedAt JSDoc
  • IdPOAuthAccessToken: those fields had no JSDoc at all, so added matching comments
  • Updated the changeset to mention all three resources

Both verified against the backing service the same way as M2MToken (same opaque-token store, ms-based expiry check, 13-digit test fixtures). If you'd rather keep this PR strictly M2M-scoped, feel free to drop the commit and I'll split it out.

@manovotny

Copy link
Copy Markdown
Contributor

@wobsoriano I don't think @SarahSoutoul or I have permissions to merge in this repo. Can you mash the button for us or grant us permission?

CleanShot 2026-07-10 at 15 34 00@2x

@wobsoriano wobsoriano merged commit 1a19409 into main Jul 10, 2026
53 checks passed
@wobsoriano wobsoriano deleted the ss/m2m-token-timestamps-ms branch July 10, 2026 20:45
@wobsoriano

Copy link
Copy Markdown
Member

@wobsoriano I don't think @SarahSoutoul or I have permissions to merge in this repo. Can you mash the button for us or grant us permission?

CleanShot 2026-07-10 at 15 34 00@2x

Merged! I do not have powers to grant permissions 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants