The Short Version
Choose Clerk if you want pre-built, beautiful UI components that
drop into React/Next.js with minimal configuration. Clerk's <SignIn />
and <UserButton /> components are genuinely excellent. If developer
experience and time-to-ship are your top priorities, and fraud prevention is a secondary
concern, Clerk is hard to beat.
Choose Auth1 if you need fraud protection built into the authentication layer itself. VOIP blocking, risk scoring, phone line-type detection, and rate limiting that actually prevents fake signups. If you're losing money to signup fraud, promo abuse, or fake accounts — or if you need multi-tenant white-labeling or self-hosting — Auth1 is built for that.
This is published on the Auth1 blog, so we have an obvious bias. We've tried to be fair and accurate. Where Clerk is genuinely better, we say so. If you spot an inaccuracy, email us at hello@auth1.ai and we'll correct it.
Feature-by-Feature Comparison
| Feature | Clerk | Auth1 |
|---|---|---|
| Pre-built UI components | Excellent (React, Next.js, Remix) | SDK only (bring your own UI) |
| VOIP phone blocking | No | Yes (automatic on every request) |
| Risk scoring | No | Yes (per-request, webhook payload) |
| Phone line-type detection | No | Yes (mobile/VOIP/landline/toll-free) |
| OTP rate limiting | Basic | 5/hr per phone, 5 attempts per OTP |
| Social login (Google, GitHub, etc.) | 20+ providers | Not yet (phone/email focus) |
| Multi-factor authentication | TOTP, SMS, Backup codes | SMS OTP, Magic links |
| User management dashboard | Beautiful, full-featured | API-first (admin endpoints) |
| Multi-tenant support | Organizations (limited) | Built-in (API key per tenant) |
| White-label SMS | No (Clerk-branded) | Yes (per-tenant branding) |
| Self-hostable | No | Yes (Docker) |
| Webhook events | Yes (Svix) | Yes (native) |
| Session management | JWT + session tokens | JWT with Redis sessions |
Fraud Detection: The Core Difference
This is where the comparison becomes stark. Clerk is an authentication platform. Auth1 is an authentication platform with fraud prevention built into the authentication layer. These are fundamentally different approaches.
What Clerk Does
Clerk verifies that a phone number can receive SMS. That's the extent of its fraud prevention for phone-based auth. It doesn't check whether the number is a VOIP number, a landline, a recently ported number, or a disposable number from TextNow. A Google Voice number passes Clerk verification just as easily as a real T-Mobile mobile number.
Clerk does offer bot detection through their Turnstile integration, which helps prevent automated signups. But bot detection and fraud detection are different problems. A human using a VOIP number to create fake accounts passes bot detection perfectly — because they're not a bot.
What Auth1 Does
Auth1 runs a fraud check on every OTP request before the SMS is sent:
- Line-type lookup — checks if the number is mobile, VOIP, landline, or toll-free via Twilio Lookup API
- VOIP blocking — rejects Google Voice, TextNow, Burner, and other VOIP numbers by default
- Rate limiting — enforces 5 OTP requests per hour per phone number (prevents brute-force and abuse)
- Attempt limiting — limits verification attempts to 5 per OTP code
- Risk scoring — assigns a 0-1 risk score based on line type, carrier, and behavioral signals
This data is available in every webhook payload, so your application can make informed decisions about user trust levels.
{
"event": "auth.verified",
"user": {
"phone": "+15551234567",
"user_id": "usr_abc123",
"is_new": true
},
"risk": {
"score": 0.15,
"line_type": "mobile",
"carrier": "T-Mobile",
"voip": false,
"country_code": "US"
}
}
Clerk's webhook payload for phone verification includes the phone number and verification status. No risk score. No line type. No carrier data. No VOIP flag.
If fraud prevention matters to your business — if you're losing money to fake signups, promo abuse, or multi-accounting — Auth1 solves the problem at the authentication layer. Clerk does not address this use case.
Developer Experience
Clerk's developer experience is genuinely excellent. The <SignIn />
component renders a complete, polished authentication form with social login buttons,
email/password fields, and phone verification — in a single line of code:
// Clerk: One line for a complete auth form import { SignIn } from '@clerk/nextjs'; export default function SignInPage() { return <SignIn />; } // That's it. Social buttons, email, phone, MFA // all rendered with Clerk's design system.
Auth1 takes a different approach. It's API-first — you build your own UI and call Auth1's endpoints. This means more code but complete control over the user experience:
// Auth1: API-first, you control the UI import { Auth1Client } from '@auth1/sdk'; const auth1 = new Auth1Client({ apiKey: process.env.AUTH1_API_KEY, baseUrl: 'https://auth-api.z101.ai' }); export default function SignInPage() { const [phone, setPhone] = useState(''); const [code, setCode] = useState(''); const [step, setStep] = useState('phone'); async function requestOTP() { await auth1.requestOTP({ phone }); setStep('code'); } async function verifyOTP() { const result = await auth1.verifyOTP({ phone, code }); if (result.verified) { // Set session, redirect, etc. } } // You build the UI however you want return ( <div> {step === 'phone' ? ( <> <input value={phone} onChange={...} /> <button onClick={requestOTP}>Send Code</button> </> ) : ( <> <input value={code} onChange={...} /> <button onClick={verifyOTP}>Verify</button> </> )} </div> ); }
If time-to-ship is your priority and you want a polished auth UI without building it yourself, Clerk wins. Their component library is production-ready out of the box. Auth1's API-first approach requires more frontend work but gives you total design control.
Pricing Comparison
| Plan | Clerk | Auth1 |
|---|---|---|
| Free tier | 10,000 MAU | 1,000 verifications/month |
| Starter/Growth | $25/mo + $0.02/MAU over 10K | $39/mo (10K verifications included) |
| At 50K MAU | $825/mo | $99/mo |
| At 100K MAU | $1,825/mo | $199/mo |
| Self-hosted | Not available | Free (your infrastructure) |
| Remove branding | Pro plan ($25/mo+) | All plans |
| SMS cost | Included (+ Clerk markup) | Pass-through Twilio pricing |
The pricing models are fundamentally different. Clerk charges per MAU (monthly active user) — every user who logs in during a month counts. Auth1 charges per verification event. For apps with high login frequency (daily active users), Clerk's per-MAU model can be more cost-effective. For apps with lower frequency but many registered users, Auth1's per-verification model saves money.
Clerk includes SMS delivery in their pricing but applies a markup over raw Twilio rates. Auth1 uses your own Twilio or AWS SNS account at pass-through pricing. For high-volume SMS (50K+ per month), the Twilio direct pricing can be significantly cheaper than Clerk's bundled SMS.
Self-Hosting and Data Control
Clerk is SaaS-only. There is no self-hosted option. All user data lives in Clerk's infrastructure. This works for most applications but is a non-starter for:
- Companies with strict data residency requirements (GDPR, HIPAA, FedRAMP)
- Fintech applications where auth data is in PCI scope
- Government contracts requiring on-premise or GovCloud deployment
- Companies that want full database access to their auth data
Auth1 can run as a managed service (auth-api.z101.ai) or self-hosted via Docker. Self-hosted Auth1 gives you direct PostgreSQL access to all auth data, full control over data residency, and no dependency on external services for authentication.
If you need self-hosting, data sovereignty, or compliance with strict data residency requirements, Auth1 is the only option. Clerk does not offer self-hosting.
White-Labeling
Clerk's Pro plan ($25/mo) removes the "Secured by Clerk" badge from their components. But the underlying SMS messages, email templates, and authentication flows still carry Clerk branding. There's no per-tenant branding — every user sees the same authentication experience.
Auth1 is multi-tenant by default. Each API key maps to a tenant with its own branding configuration. SMS messages say "Your {AppName} code is: 482913" where AppName is configured per tenant. This is essential for SaaS platforms serving multiple customers.
For multi-tenant SaaS with per-customer branding, Auth1's architecture is purpose-built for this. Clerk's Organizations feature provides user grouping but not per-organization branding on auth flows.
When to Choose Each
Choose Clerk When:
- You want beautiful, pre-built auth UI components that work immediately
- Social login (Google, GitHub, Apple, etc.) is a core requirement
- Developer experience and time-to-ship matter more than fraud prevention
- You're building a B2C app with standard auth requirements
- You want a user management dashboard without building one
- You're using React/Next.js and want tight framework integration
Choose Auth1 When:
- Signup fraud is costing you money (fake accounts, promo abuse, VOIP abuse)
- You need VOIP blocking, risk scoring, or phone line-type intelligence
- Multi-tenant white-labeling is a requirement (SaaS platforms, agencies)
- You need to self-host authentication (compliance, data sovereignty)
- You want API-first auth with full control over the UI
- Cost at scale matters (Auth1 is significantly cheaper above 50K users)
- You need direct database access to authentication data
Some teams use Clerk for social login and session management while using Auth1's API separately for phone verification with fraud protection. The two products can complement each other. Use Clerk's UI components for the login page and call Auth1's API for the phone verification step where fraud detection matters.