diff --git a/packages/auth-providers/clerk/setup/src/templates/api/lib/auth.ts.template b/packages/auth-providers/clerk/setup/src/templates/api/lib/auth.ts.template
index 488fe1323898..92f1ee761481 100644
--- a/packages/auth-providers/clerk/setup/src/templates/api/lib/auth.ts.template
+++ b/packages/auth-providers/clerk/setup/src/templates/api/lib/auth.ts.template
@@ -29,11 +29,14 @@ export const getCurrentUser = async (
 const { roles } = parseJWT({ decoded })
+ // Remove privateMetadata property from CurrentUser as it should not be accessible on the web
+ const { privateMetadata, ...userWithoutPrivateMetadata } = decoded
+
 if (roles) {
- return { ...decoded, roles }
+ return { ...userWithoutPrivateMetadata, roles }
 }
- return { ...decoded }
+ return { ...userWithoutPrivateMetadata }
 }
 /**
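Review bot: The new destructuring `const { privateMetadata, ...userWithoutPrivateMetadata } = decoded` throws a TypeError when `decoded` is null or undefined, whereas the replaced `return { ...decoded }` tolerated both because object spread of null/undefined is a no-op; if getCurrentUser already returns early on a falsy `decoded` before this hunk (the function body starts outside it) this is moot, otherwise guard it first, e.g. `if (!decoded) { return null }`. Stripping one named field is a blocklist: any other claim Clerk adds to the decoded token that is not meant for the client still reaches the web side, so an allowlist that picks only the fields the web layer needs would be the more robust shape for this filter. The `privateMetadata` binding is otherwise unused and will trip `no-unused-vars` under typical ESLint configs; rename it `_privateMetadata` or add the project's disable comment on that line.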