feat(backend): Add user_id field to organizationInvitation.accepted webhook events

[kduprey]

Description

Add user_id field to organizationInvitation.accepted webhook events.

Creates a new OrganizationInvitationAcceptedJSON interface that extends OrganizationInvitationJSON with a required user_id field, and updates the webhook type system to use this interface specifically for organizationInvitation.accepted events.

USER-3577

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

Summary by CodeRabbit

• New Features
  • Added a dedicated "organizationInvitation.accepted" webhook event whose payload now includes a required user_id to identify the account that accepted an invitation.
• Chores
  • Improved webhook event typing and mappings for organization invitation events to increase clarity and reliability for integrators.

[changeset-bot]

🦋 Changeset detected

Latest commit: 0b2ab7b

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 11 packages

Name	Type
@clerk/backend	Minor
@clerk/agent-toolkit	Patch
@clerk/astro	Patch
@clerk/express	Patch
@clerk/fastify	Patch
@clerk/nextjs	Patch
@clerk/nuxt	Patch
@clerk/react-router	Patch
@clerk/remix	Patch
@clerk/tanstack-react-start	Patch
@clerk/testing	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
clerk-js-sandbox	Ready	Preview	Comment	Sep 29, 2025 11:20pm

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds a new OrganizationInvitationAcceptedJSON interface (with required user_id) and updates webhook typings to introduce a distinct organizationInvitation.accepted event type using that interface; organizationInvitation.accepted is removed from the existing OrganizationInvitationWebhookEvent. Changeset metadata updated.

Changes

Cohort / File(s)	Summary
Webhook typing updates packages/backend/src/api/resources/Webhooks.ts	Imports OrganizationInvitationAcceptedJSON. Removes 'organizationInvitation.accepted' from OrganizationInvitationWebhookEvent. Adds OrganizationInvitationAcceptedWebhookEvent = Webhook<'organizationInvitation.accepted', OrganizationInvitationAcceptedJSON> and includes it in the WebhookEvent union.
JSON interface addition packages/backend/src/api/resources/JSON.ts	Exports new interface OrganizationInvitationAcceptedJSON that extends OrganizationInvitationJSON with required user_id: string.
Changeset metadata .changeset/blue-teeth-report.md	Records the backend change: adds OrganizationInvitationAcceptedJSON and assigns it to organizationInvitation.accepted webhook events.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant Backend
  participant WebhookDispatcher as Dispatcher
  participant Consumer

  User->>Backend: Accept organization invitation
  Backend->>Backend: Build OrganizationInvitationAcceptedJSON (includes user_id)
  Backend->>Dispatcher: Emit 'organizationInvitation.accepted' event
  Dispatcher-->>Consumer: Deliver Webhook<'organizationInvitation.accepted', OrganizationInvitationAcceptedJSON>
  note right of Consumer #DFF2E1: Consumer receives payload\nwith required `user_id`

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

A twitch of ears, a hop of delight,
Accepted invites now carry a light.
user_id snug in the JSON nest,
Webhooks sing, the payloads blessed.
I nibble code and thump with zest — 🥕

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly and concisely describes the main change in the pull request by specifying that the user_id field is being added to the organizationInvitation.accepted webhook events in the backend. It follows conventional commit style, indicates the affected subsystem (backend), and outlines the primary feature change without extraneous detail.
Linked Issues Check	✅ Passed	The pull request fulfills the objective of USER-3577 by introducing a new OrganizationInvitationAcceptedJSON interface that extends the base invitation JSON type to include the required user_id field for accepted invitations, and updates the webhook type mappings to use this interface for organizationInvitation.accepted events. This ensures that accepted invitation payloads now carry the user identifier as specified in the linked issue.
Out of Scope Changes Check	✅ Passed	All code changes are focused on adding the user_id field to the accepted invitation event payload and updating related webhook type definitions; there are no unrelated or extraneous modifications beyond a standard metadata header in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch kenton/user-3577-update-organizationinvitationjson-interface-to-include

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR adds a user_id field to organizationInvitation.accepted webhook events by creating a specialized interface and webhook type. The change provides more detailed information about accepted organization invitations by including the ID of the user who accepted the invitation.

• Creates a new OrganizationInvitationAcceptedJSON interface that extends the base interface with a required user_id field
• Separates the organizationInvitation.accepted event into its own webhook type to use the enhanced interface
• Updates the type system to distinguish between accepted invitations and other invitation events

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File	Description
packages/backend/src/api/resources/JSON.ts	Adds new OrganizationInvitationAcceptedJSON interface extending base interface with user_id field
packages/backend/src/api/resources/Webhooks.ts	Creates separate webhook type for accepted invitations and removes it from generic invitation events
.changeset/blue-teeth-report.md	Documents the breaking change for version management

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The new OrganizationInvitationAcceptedWebhookEvent type should be included in the main webhook union types to ensure it's properly recognized by the webhook handling system. Consider adding it to any existing webhook event unions in this file or related files.

[tmilewski]

I think this comment is correct?

[kduprey]

I did add this to the main webhook union types below :)

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/backend/src/api/resources/Webhooks.ts (1)

98-112: Accepted webhook event dropped from WebhookEvent union
By removing 'organizationInvitation.accepted' from OrganizationInvitationWebhookEvent but not adding the new OrganizationInvitationAcceptedWebhookEvent to the overall WebhookEvent union, the accepted invitation payload is no longer represented in the exported aggregate type. Any consumers relying on WebhookEvent to cover all webhook payloads will now fail to type-check or miss accepted events. Please include the new type in the union so accepted events remain covered.

 export type WebhookEvent =
   | UserWebhookEvent
   | SessionWebhookEvent
   | EmailWebhookEvent
   | SMSWebhookEvent
   | OrganizationWebhookEvent
   | OrganizationDomainWebhookEvent
   | OrganizationMembershipWebhookEvent
   | OrganizationInvitationWebhookEvent
+  | OrganizationInvitationAcceptedWebhookEvent
   | RoleWebhookEvent
   | PermissionWebhookEvent
   | WaitlistEntryWebhookEvent
   | BillingPaymentAttemptWebhookEvent
   | BillingSubscriptionWebhookEvent
   | BillingSubscriptionItemWebhookEvent;

🧹 Nitpick comments (1)

.changeset/blue-teeth-report.md (1)

7-7: Tighten inline code formatting for the event name
The event name renders as organizationInvitation`.accepted because the backticks wrap only the first segment. Consider keeping the entire literal inside the inline code span for clarity.

-Creates a new `OrganizationInvitationAcceptedJSON` interface that extends `OrganizationInvitationJSON` with a required `user_id` field, and updates the webhook type system to use this interface specifically for `organizationInvitation`.accepted events.
+Creates a new `OrganizationInvitationAcceptedJSON` interface that extends `OrganizationInvitationJSON` with a required `user_id` field, and updates the webhook type system to use this interface specifically for `organizationInvitation.accepted` events.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 37028ca and 0ed3485.

📒 Files selected for processing (3)

• .changeset/blue-teeth-report.md (1 hunks)
• packages/backend/src/api/resources/JSON.ts (1 hunks)
• packages/backend/src/api/resources/Webhooks.ts (2 hunks)

🧰 Additional context used

📓 Path-based instructions (7)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use Prettier for consistent code formatting

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

packages/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

TypeScript is required for all packages

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

packages/**/*.{ts,tsx,d.ts}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Packages should export TypeScript types alongside runtime code

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use proper TypeScript error types

**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoid any type - prefer unknown when type is uncertain, then narrow with type guards
Use interface for object shapes that might be extended
Use type for unions, primitives, and computed types
Prefer readonly properties for immutable data structures
Use private for internal implementation details
Use protected for inheritance hierarchies
Use public explicitly for clarity in public APIs
Prefer readonly for properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Use const assertions for literal types: as const
Use satisfies operator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports: import type { ... } from ...
No any types without justification
Proper error handling with typed errors
Consistent use of readonly for immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.

Files:

• packages/backend/src/api/resources/Webhooks.ts
• packages/backend/src/api/resources/JSON.ts

.changeset/**

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Automated releases must use Changesets.

Files:

• .changeset/blue-teeth-report.md

🧬 Code graph analysis (2)

packages/backend/src/api/resources/Webhooks.ts (1)

packages/backend/src/api/resources/JSON.ts (2)

• OrganizationInvitationJSON (380-393)
• OrganizationInvitationAcceptedJSON (395-397)

packages/backend/src/api/resources/JSON.ts (1)

packages/types/src/json.ts (1)

• OrganizationInvitationJSON (433-444)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Build Packages
• GitHub Check: semgrep-cloud-platform/scan
• GitHub Check: semgrep-cloud-platform/scan
• GitHub Check: Analyze (javascript-typescript)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

packages/backend/src/api/resources/JSON.ts (1)

395-397: Tighten the accepted invitation status typing

Since this interface exclusively models the organizationInvitation.accepted webhook, we can re-declare status to the 'accepted' literal (or the corresponding enum literal) so consumers get a guaranteed value instead of the inherited optional union. Right now handlers still have to defensively branch on 'pending'/'revoked'. Consider:

 export interface OrganizationInvitationAcceptedJSON extends OrganizationInvitationJSON {
+  status: 'accepted';
   user_id: string;
 }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 0ed3485 and 0b2ab7b.

📒 Files selected for processing (3)

• .changeset/blue-teeth-report.md (1 hunks)
• packages/backend/src/api/resources/JSON.ts (1 hunks)
• packages/backend/src/api/resources/Webhooks.ts (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• .changeset/blue-teeth-report.md
• packages/backend/src/api/resources/Webhooks.ts

🧰 Additional context used

📓 Path-based instructions (6)

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels

Files:

• packages/backend/src/api/resources/JSON.ts

**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use Prettier for consistent code formatting

Files:

• packages/backend/src/api/resources/JSON.ts

packages/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

TypeScript is required for all packages

Files:

• packages/backend/src/api/resources/JSON.ts

packages/**/*.{ts,tsx,d.ts}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Packages should export TypeScript types alongside runtime code

Files:

• packages/backend/src/api/resources/JSON.ts

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/development.mdc)

Use proper TypeScript error types

**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoid any type - prefer unknown when type is uncertain, then narrow with type guards
Use interface for object shapes that might be extended
Use type for unions, primitives, and computed types
Prefer readonly properties for immutable data structures
Use private for internal implementation details
Use protected for inheritance hierarchies
Use public explicitly for clarity in public APIs
Prefer readonly for properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Use const assertions for literal types: as const
Use satisfies operator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports: import type { ... } from ...
No any types without justification
Proper error handling with typed errors
Consistent use of readonly for immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)

Files:

• packages/backend/src/api/resources/JSON.ts

**/*.{js,ts,tsx,jsx}

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.

Files:

• packages/backend/src/api/resources/JSON.ts

🧬 Code graph analysis (1)

packages/backend/src/api/resources/JSON.ts (1)

packages/types/src/json.ts (1)

• OrganizationInvitationJSON (433-444)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Formatting | Dedupe | Changeset
• GitHub Check: Build Packages
• GitHub Check: semgrep/ci
• GitHub Check: Analyze (javascript-typescript)
• GitHub Check: semgrep-cloud-platform/scan
• GitHub Check: semgrep-cloud-platform/scan

[pkg-pr-new]

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@6887

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@6887

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@6887

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@6887

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@6887

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@6887

@clerk/elements

npm i https://pkg.pr.new/@clerk/elements@6887

@clerk/clerk-expo

npm i https://pkg.pr.new/@clerk/clerk-expo@6887

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@6887

@clerk/express

npm i https://pkg.pr.new/@clerk/express@6887

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@6887

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@6887

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@6887

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@6887

@clerk/clerk-react

npm i https://pkg.pr.new/@clerk/clerk-react@6887

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@6887

@clerk/remix

npm i https://pkg.pr.new/@clerk/remix@6887

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@6887

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@6887

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@6887

@clerk/themes

npm i https://pkg.pr.new/@clerk/themes@6887

@clerk/types

npm i https://pkg.pr.new/@clerk/types@6887

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@6887

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@6887

commit: 0b2ab7b

[tmilewski]

Per the Coderabbit nitpick comment:

Suggested change

	export interface OrganizationInvitationAcceptedJSON extends OrganizationInvitationJSON {
	user_id: string;
	}
	export interface OrganizationInvitationAcceptedJSON extends OrganizationInvitationJSON {
	status: 'accepted';
	user_id: string;
	}

[tmilewski]

I think this comment is correct?