After changing instance configuration (in our case toggling bot protection via the platform config API), the natural way to verify the change took effect is the instance's public FAPI /v1/environment payload, since that is what clerk-js actually consumes. The CLI speaks BAPI and PLAPI but has no FAPI surface, so verification falls back to curl plus manually decoding the FAPI domain out of the publishable key.
A small addition would close the loop, any of:
clerk api --fapi /environment --app <id> --instance <dev|prod> (resolve the FAPI domain from the instance's pk, no auth needed for public endpoints)- a
clerk config pull --effective style command that fetches the public environment alongside the platform config
This would make config changes verifiable end to end with the CLI alone.
After changing instance configuration (in our case toggling bot protection via the platform config API), the natural way to verify the change took effect is the instance's public FAPI
/v1/environmentpayload, since that is what clerk-js actually consumes. The CLI speaks BAPI and PLAPI but has no FAPI surface, so verification falls back to curl plus manually decoding the FAPI domain out of the publishable key.A small addition would close the loop, any of:
clerk api --fapi /environment --app <id> --instance <dev|prod>(resolve the FAPI domain from the instance's pk, no auth needed for public endpoints)clerk config pull --effectivestyle command that fetches the public environment alongside the platform configThis would make config changes verifiable end to end with the CLI alone.