---
title: Migrating from Stack Auth to Hexclave
description: How to migrate your application from the legacy @stackframe/* packages to @hexclave/*.
sidebarTitle: Migration
---

Stack Auth is now Hexclave. The dashboard, APIs, and your data are unchanged — only the brand and the package names changed. Both backends (`api.stack-auth.com` and `api.hexclave.com`) point at the same service, so each `@stackframe/*` package continues to work; staying on the legacy SDK requires no action.

This guide is for projects that want to migrate to `@hexclave/*` packages.

## 1. Install the new packages

Replace each `@stackframe/*` dependency with its `@hexclave/*` equivalent:

```bash
npm uninstall @stackframe/stack
npm install @hexclave/next
```

| Old package | New package |
| --- | --- |
| `@stackframe/stack` | `@hexclave/next` |
| `@stackframe/react` | `@hexclave/react` |
| `@stackframe/js` | `@hexclave/js` |

Rename your imports from `@stackframe/*` to `@hexclave/*`. The public API surface is identical, except that all `Stack*` references are renamed to `Hexclave*`:

```ts title="Before"
import { StackClientApp, StackProvider, useStackApp } from "@stackframe/stack";
```

```ts title="After"
import { HexclaveClientApp, HexclaveProvider, useHexclaveApp } from "@hexclave/next";
```

## 2. Update hardcoded references

Sweep your codebase and replace:

- `https://api.stack-auth.com` → `https://api.hexclave.com`

## Optional changes

All legacy names keep working — rename only if you want your code to match the new brand.

- **Request headers**: `X-Stack-*` → `X-Hexclave-*`.
- **Environment variables**: `STACK_*` → `HEXCLAVE_*`.
- **Bearer prefix**: `stackauth_*` tokens remain valid.
- **CLI binary**: both `stack` and `hexclave` ship with `@hexclave/cli`.
- **Hosted-handler subdomain**: `.built-with-stack-auth.com` still works.

## Other

If your backend verifies Hexclave-issued JWTs directly (for example with `jose.jwtVerify`), update the expected `iss` claim — `@hexclave/*` SDKs sign tokens under the hexclave host:

```ts title="Before"
const { payload } = await jose.jwtVerify(token, jwks, {
  issuer: 'https://api.stack-auth.com/api/v1/projects/YOUR_PROJECT_ID',
  audience: 'YOUR_PROJECT_ID',
});
```

```ts title="After"
const { payload } = await jose.jwtVerify(token, jwks, {
  issuer: 'https://api.hexclave.com/api/v1/projects/YOUR_PROJECT_ID',
  audience: 'YOUR_PROJECT_ID',
});
```

The same applies to the anonymous (`/api/v1/projects-anonymous-users/...`) and restricted (`/api/v1/projects-restricted-users/...`) issuer variants.

You don't need to update your OAuth provider callback URLs — your current `api.stack-auth.com` callback URLs keep working. However, if you recreate an OAuth provider on the dashboard, you'll need to use the new callback URL:

```
https://api.hexclave.com/api/v1/auth/oauth/callback/<provider>
```

Questions? [Discord](https://discord.hexclave.com) or [team@hexclave.com](mailto:team@hexclave.com).