fix(ui): make verify domain step complete when any domain is verified

[iagodahlem]

Description

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

Summary by CodeRabbit

• New Features

  • Updated the SSO setup flow to recognize the domain verification step as complete once any domain is successfully verified.
  • Improved step progression in the setup wizard so later steps unlock more accurately based on current connection and verification status.

• Bug Fixes

  • Fixed cases where the SSO wizard could appear incomplete even after a successful domain verification.
  • Refined reachability and completion states for setup steps to better match the actual setup progress.

[changeset-bot]

🦋 Changeset detected

Latest commit: bdf2fe9

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
@clerk/ui	Patch
@clerk/chrome-extension	Patch
@clerk/swingset	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	Jun 25, 2026 6:34pm
swingset	Ready	Preview, Comment	Jun 25, 2026 6:34pm

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Repository UI (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: a32f94ca-8212-41db-aca5-38c8bde0e80f

📥 Commits

Reviewing files that changed from the base of the PR and between 34c653a and bdf2fe9.

📒 Files selected for processing (3)

• .changeset/tall-banks-invite.md
• packages/ui/src/components/ConfigureSSO/ConfigureSSOWizard.tsx
• packages/ui/src/components/ConfigureSSO/domain/organizationEnterpriseConnection.ts

---

📝 Walkthrough

Walkthrough

The PR adds a helper for detecting whether any organization domain is verified, updates ConfigureSSOWizard to mark the verify-domain step complete on that condition, and revises later step gating to keep requiring full domain verification.

Changes

Configure SSO domain verification

Layer / File(s)	Summary
Any-domain verification predicate packages/ui/src/components/ConfigureSSO/domain/organizationEnterpriseConnection.ts, .changeset/tall-banks-invite.md	Adds hasAnyOrganizationDomainsVerified and updates the changeset note to describe completion when at least one domain is verified.
Wizard step gating packages/ui/src/components/ConfigureSSO/ConfigureSSOWizard.tsx	Uses the new helper for verify-domain completion and adjusts configure/test/activate reachability and completion checks plus memo dependencies.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• clerk/javascript#8799 — Also touches ConfigureSSOWizard and organizationEnterpriseConnection.ts, with related SSO wizard and domain-flow changes.
• clerk/javascript#8864 — Overlaps with the same wizard state and step-navigation flow affected by the updated gating logic here.

Suggested reviewers

• LauraBeatris

Poem

I hopped by moonlight through the gate,
One verified domain said, “You’re great!”
The wizard twitched and gave a cheer,
While farther steps stayed neatly near. 🐰

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and accurately summarizes the main UI behavior change in the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

---

_{Comment @coderabbitai help to get the list of available commands.}

[github-actions]

API Changes Report

Generated by Break Check on 2026-06-25T18:37:11.965Z

Summary

Metric	Count
Packages analyzed	19
Packages with changes	2
🔴 Breaking changes	5
🟡 Non-breaking changes	2
🟢 Additions	0

Warning
5 breaking change(s) detected - Major version bump required

🤖 This report was reviewed by claude-sonnet-4-6.

🔴 Breaking changes index (5)

Every breaking change, up front. Full diffs are in the package sections below.

Package	Subpath	Change
@clerk/shared	./types	OrganizationDomainOwnershipVerification.status
@clerk/shared	./types	OrganizationDomainOwnershipVerificationJSON.status
@clerk/shared	./types	OrganizationDomainOwnershipVerificationStatus
@clerk/shared	./types	OrganizationDomainOwnershipVerificationStrategy
@clerk/shared	./types	OrganizationDomainVerificationStatus

---

@clerk/shared

Version: 4.22.0 → 4.21.0
Recommended bump: MAJOR

Subpath ./types

🔴 Breaking Changes (5)

Changed: OrganizationDomainOwnershipVerification.status

- status: OrganizationDomainOwnershipVerificationStatus;
+ status: OrganizationDomainVerificationStatus;

Static analyzer: Breaking change in property OrganizationDomainOwnershipVerification.status: Type changed: import("@clerk/shared").OrganizationDomainOwnershipVerificationStatus → import("@clerk/shared").OrganizationDomainVerificationStatus

🤖 AI review (confirmed) (85%): The status property of OrganizationDomainOwnershipVerification changed from OrganizationDomainOwnershipVerificationStatus ('expired'|'unverified'|'verified') to OrganizationDomainVerificationStatus ('unverified'|'verified'), removing the 'expired' variant; consumers who switch/match on 'expired' will have type errors.

Migration: Remove or remap any code that handles the 'expired' status value on OrganizationDomainOwnershipVerification.status, as it is no longer part of the type.

Changed: OrganizationDomainOwnershipVerificationJSON.status

- status: OrganizationDomainOwnershipVerificationStatus;
+ status: OrganizationDomainVerificationStatus;

Static analyzer: Breaking change in property OrganizationDomainOwnershipVerificationJSON.status: Type changed: import("@clerk/shared").OrganizationDomainOwnershipVerificationStatus → import("@clerk/shared").OrganizationDomainVerificationStatus

🤖 AI review (confirmed) (85%): Same narrowing as b73ffcd5d145 but on the JSON variant; OrganizationDomainOwnershipVerificationJSON.status loses the 'expired' variant, breaking consumers who pattern-match on it.

Migration: Remove or remap any code that handles the 'expired' status value on OrganizationDomainOwnershipVerificationJSON.status, as it is no longer part of the type.

Changed: OrganizationDomainOwnershipVerificationStatus

- type OrganizationDomainOwnershipVerificationStatus = 'unverified' | 'verified' | 'expired';

Static analyzer: Removed type alias OrganizationDomainOwnershipVerificationStatus

🤖 AI review (confirmed) (95%): OrganizationDomainOwnershipVerificationStatus is a fully removed export; any consumer that imported or referenced this type alias will fail to compile.

Migration: Replace usages of OrganizationDomainOwnershipVerificationStatus with OrganizationDomainVerificationStatus, and remove handling for the 'expired' value if present.

Changed: OrganizationDomainOwnershipVerificationStrategy

- type OrganizationDomainOwnershipVerificationStrategy = 'txt' | 'legacy' | 'manual_override' | 'parent_domain';
+ type OrganizationDomainOwnershipVerificationStrategy = 'txt' | 'legacy' | 'manual_override';

Static analyzer: Breaking change in type alias OrganizationDomainOwnershipVerificationStrategy: Type changed: 'legacy'|'manual_override'|'parent_domain'|'txt' → 'legacy'|'manual_override'|'txt'

🤖 AI review (confirmed) (90%): OrganizationDomainOwnershipVerificationStrategy lost the 'parent_domain' member; consumers who assign or compare against 'parent_domain' will encounter type errors.

Migration: Remove any code that references or handles the 'parent_domain' strategy value in OrganizationDomainOwnershipVerificationStrategy.

Changed: OrganizationDomainVerificationStatus

- type OrganizationDomainVerificationStatus = 'unverified' | 'verified' | 'failed' | 'expired';
+ type OrganizationDomainVerificationStatus = 'unverified' | 'verified';

Static analyzer: Breaking change in type alias OrganizationDomainVerificationStatus: Type changed: 'expired'|'failed'|'unverified'|'verified' → 'unverified'|'verified'

🤖 AI review (confirmed) (90%): OrganizationDomainVerificationStatus was narrowed from 'expired'|'failed'|'unverified'|'verified' to 'unverified'|'verified', removing 'expired' and 'failed'; consumers who handle those variants will have type errors.

Migration: Remove or remap any code that handles 'expired' or 'failed' values for OrganizationDomainVerificationStatus.

🟡 Non-breaking Changes (1)

Modified: __internal_LocalizationResource

// ... 1297 unchanged lines elided ...
        domainCard: {
          badge__verified: LocalizationValue;
          badge__unverified: LocalizationValue;
-         badge__expired: LocalizationValue;
          verifiedAtLabel: LocalizationValue<'date'>;
-         expiredAtLabel: LocalizationValue<'date'>;
-         expiredLabel: LocalizationValue;
-         verifyAgainButton: LocalizationValue;
          removeButtonTooltip__lastVerifiedDomain: LocalizationValue;
          removeButtonTooltip__lastVerifiedDomainActive: LocalizationValue;
          txtRecord: {
// ... 639 unchanged lines elided ...

Static analyzer: Breaking change in type alias __internal_LocalizationResource: Type changed: {locale:string;maintenanceMode:import("@clerk/shared").LocalizationValue;roles:{[r:string]:import("@clerk/shared").Loca… → {locale:string;maintenanceMode:import("@clerk/shared").LocalizationValue;roles:{[r:string]:import("@clerk/shared").Loca…

🤖 AI review (reclassified as non-breaking) (55%): The before/after snippets differ by only 4 elided lines (1867 vs 1863), indicating minor removals/additions within the localization resource; __internal_LocalizationResource is used only as the source for LocalizationResource which extends DeepPartial<DeepLocalizationWithoutObjects<...>>, making consumers read optional fields from it (output/partial direction), so removing a few optional keys is unlikely to break well-typed consumers — however without seeing exactly which keys changed, confidence is moderate.

---

@clerk/ui

Version: 1.23.0 → 1.22.0
Recommended bump: MINOR

Subpath ./internal

🟡 Non-breaking Changes (1)

Modified: ElementsConfig

// ... 490 unchanged lines elided ...
    configureSSOVerifyDomainErrorSubtitle: WithOptions;
    configureSSOVerifyDomainList: WithOptions;
    configureSSOVerifyDomainSuggestion: WithOptions;
-   configureSSOVerifyDomainCard: WithOptions<'verified' | 'unverified' | 'expired'>;
-   configureSSOVerifyDomainCardBadge: WithOptions<'verified' | 'unverified' | 'expired'>;
+   configureSSOVerifyDomainCard: WithOptions<'verified' | 'unverified'>;
+   configureSSOVerifyDomainCardBadge: WithOptions<'verified' | 'unverified'>;
    configureSSOVerifyDomainCardRemoveButton: WithOptions;
    configureSSOVerifyDomainCardTxtRecord: WithOptions;
    configureSSOVerifyDomainCardTxtRecordValue: WithOptions;
-   configureSSOVerifyDomainCardExpired: WithOptions;
    configureSSOEmailVerificationForm: WithOptions<string>;
    configureSSOEmailVerificationIcon: WithOptions<string>;
    configureSSOEmailVerificationTitle: WithOptions<string>;
// ... 51 unchanged lines elided ...

Static analyzer: Breaking change in type alias ElementsConfig: Type changed: {button:import("@clerk/ui").~WithOptions<string>;input:import("@clerk/ui").~WithOptions;checkbox:import("@clerk/ui").~W… → {button:import("@clerk/ui").~WithOptions<string>;input:import("@clerk/ui").~WithOptions;checkbox:import("@clerk/ui").~W…

🤖 AI review (reclassified as non-breaking) (70%): The diff shows one fewer elided line (473→472) in the middle section but all visible keys and value types are identical; ElementsConfig is consumed only via the Elements mapped type which is an output type, so no well-typed consumer constructs an ElementsConfig object directly.

---

Report generated by Break Check

_{Last ran on bdf2fe9.}