@jfoshee jfoshee commented Jan 20, 2026

Description

This PR introduces special handling for the offline_access OAuth scope on the consent screen.

See discussion.

The offline_access scope is now:

  • Excluded from the list of displayed scopes, as it describes access duration rather than specific permissions.
  • Indicated by an additional sentence ("You’ll stay signed in until you sign out or revoke access.") appended to the redirect information text when present.

The sandbox environment has been updated to facilitate testing of these changes.

Part of USER-4333

With offline_access:
[Screenshot: CleanShot 2026-01-20 at 16 19 37@2x]

Without offline_access:
[Screenshot: CleanShot 2026-01-20 at 16 20 01@2x]

Sandbox demo URL:

http://localhost:4000/oauth-consent?
  scopes=email,profile,offline_access&
  oauth-application-name=My%20App&
  redirect_uri=https://example.com/callback&
  logo-url=https://example.com/logo.png&
  app-url=https://example.com

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:


Summary by CodeRabbit

  • New Features
    • Enhanced OAuth consent screens with detailed scope descriptions explaining what user data access each permission grants
    • Improved user experience with additional messaging about staying signed in when offline access permissions are included in consent requests

- Filter out offline_access from displayed scopes list as it describes
  duration of access rather than what can be accessed
- When offline_access scope is present, append text after redirect info:
  'You'll stay signed in until you sign out or revoke access.'
- Update sandbox to include requires_consent property and handle
  offline_access description appropriately for testing

Part of [USER-4333](https://linear.app/clerk/issue/USER-4333/oauth-app-offline-access-scope-is-missing)
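
The scope handling described in this PR, sketched as an added JavaScript example (not code from the PR or from Clerk). The function names and the `REDIRECT_INFO` wording are hypothetical; the scope list comes from the sandbox demo URL above. It also checks that no requested scope disappears from the screen without being disclosed some other way.

```javascript
// Added illustration; not code from the PR. Function names are hypothetical.
const OFFLINE_ACCESS = 'offline_access';
// Sentence quoted in the PR description.
const OFFLINE_NOTE = "You'll stay signed in until you sign out or revoke access.";

// Read the comma-separated `scopes` query parameter used by the sandbox demo URL.
function parseScopes(consentUrl) {
  const raw = new URL(consentUrl).searchParams.get('scopes') ?? '';
  return raw.split(',').map((s) => s.trim()).filter(Boolean);
}

// Split requested scopes into what is listed and what becomes a duration note.
function buildConsentView(scopeNames, redirectInfo) {
  // Exact, case-sensitive match: scope tokens are case-sensitive (RFC 6749 §3.3),
  // so a near-miss such as "Offline_Access" stays visible in the list.
  const hasOfflineAccess = scopeNames.includes(OFFLINE_ACCESS);
  const displayedScopes = scopeNames.filter((s) => s !== OFFLINE_ACCESS);
  const infoText = hasOfflineAccess ? `${redirectInfo} ${OFFLINE_NOTE}` : redirectInfo;
  return { displayedScopes, hasOfflineAccess, infoText };
}

// Every requested scope must be either listed or covered by the note;
// anything returned here was dropped from the screen without disclosure.
function undisclosedScopes(scopeNames, view) {
  return scopeNames.filter(
    (s) =>
      !view.displayedScopes.includes(s) &&
      !(s === OFFLINE_ACCESS && view.infoText.includes(OFFLINE_NOTE)),
  );
}

// Constructed inputs: the sandbox URL from the PR description, placeholder redirect text.
const SANDBOX_URL =
  'http://localhost:4000/oauth-consent?scopes=email,profile,offline_access' +
  '&oauth-application-name=My%20App&redirect_uri=https://example.com/callback';
const REDIRECT_INFO = 'You will be redirected to https://example.com/callback.';

const requested = parseScopes(SANDBOX_URL);
const view = buildConsentView(requested, REDIRECT_INFO);
console.log(view.displayedScopes, view.infoText, undisclosedScopes(requested, view));
```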

changeset-bot bot commented Jan 20, 2026

🦋 Changeset detected

Latest commit: 462f4be

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name | Type
@clerk/ui | Minor
@clerk/chrome-extension | Patch


vercel bot commented Jan 20, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project | Deployment | Review | Updated (UTC)
clerk-js-sandbox | Ready | Ready Preview, Comment | Jan 21, 2026 3:21pm

@jfoshee jfoshee changed the title from "Offline access consent text" to "feat(ui): Special handling of offline_access scope in OAuth Consent screen" Jan 20, 2026
@jfoshee jfoshee marked this pull request as ready for review January 20, 2026 22:34
@jfoshee jfoshee requested a review from a team January 20, 2026 22:34

coderabbitai bot commented Jan 20, 2026

Walkthrough

This pull request adds support for the offline_access scope in the OAuth consent flow. The changes modify the scopes mapping to include description and requires_consent fields for each scope, with the description set to null specifically for offline_access. The UI component is updated to filter offline_access from the displayed scope list while tracking its presence and conditionally displaying an informational note when it is included in the OAuth request.

🚥 Pre-merge checks | ✅ 4 | ❌ 1
❌ Failed checks (1 warning)
Check name | Status | Explanation | Resolution
Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)
Check name | Status | Explanation
Title check | ✅ Passed | The title accurately describes the main change: special handling for the offline_access scope in the OAuth Consent UI component.
Linked Issues check | ✅ Passed | The PR addresses USER-4333 by making offline_access a supported scope and providing appropriate UI handling without altering core behavior.
Out of Scope Changes check | ✅ Passed | All changes are scoped to OAuth offline_access handling: sandbox testing setup, UI component filtering, and conditional messaging. No unrelated modifications detected.
Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled.


@jacekradko jacekradko left a comment

Looks good. We need to add some tests for the OAuthConsent component in the future though


jfoshee commented Jan 21, 2026

> We need to add some tests for the OAuthConsent component in the future though

Agree. Thanks @jacekradko


pkg-pr-new bot commented Jan 21, 2026

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7627

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7627

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7627

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7627

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7627

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7627

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@7627

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7627

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7627

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7627

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7627

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7627

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7627

@clerk/react

npm i https://pkg.pr.new/@clerk/react@7627

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7627

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7627

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7627

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7627

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@7627

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7627

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7627

commit: 462f4be
