openapi: 3.0.0
info:
version: '1'
title: Kinde Management API
description: >
Provides endpoints to manage your Kinde Businesses.
## Intro
## How to use
1. [Set up and authorize a machine-to-machine (M2M)
application](https://docs.kinde.com/developer-tools/kinde-api/connect-to-kinde-api/).
2. [Generate a test access
token](https://docs.kinde.com/developer-tools/kinde-api/access-token-for-api/)
3. Test request any endpoint using the test token
termsOfService: https://docs.kinde.com/trust-center/agreements/terms-of-service/
contact:
name: Kinde Support Team
email: support@kinde.com
url: https://docs.kinde.com
servers:
- url: https://{subdomain}.kinde.com
variables:
subdomain:
default: your_kinde_subdomain
description: The subdomain generated for your business on Kinde.
tags:
- name: APIs
x-displayName: APIs
- name: Applications
x-displayName: Applications
- name: Business
x-displayName: Business
- name: Industries
x-displayName: Industries
- name: Timezones
x-displayName: Timezones
- name: Callbacks
x-displayName: Callbacks
- name: Connected Apps
x-displayName: Connected Apps
- name: Connections
x-displayName: Connections
- name: Environments
x-displayName: Environments
- name: Environment variables
x-displayName: Environment variables
- name: Feature Flags
x-displayName: Feature Flags
- name: Identities
x-displayName: Identities
- name: MFA
x-displayName: MFA
- name: Organizations
x-displayName: Organizations
- name: Permissions
x-displayName: Permissions
- name: Properties
x-displayName: Properties
- name: Property Categories
x-displayName: Property Categories
- name: Roles
x-displayName: Roles
- name: Search
x-displayName: Search
- name: Subscribers
x-displayName: Subscribers
- name: Users
x-displayName: Users
- name: Webhooks
x-displayName: Webhooks
- name: OAuth
x-displayName: OAuth
paths:
/api/v1/apis:
get:
tags:
- APIs
operationId: getAPIs
summary: Get APIs
description: |
Returns a list of your APIs. The APIs are returned sorted by name.
read:apis
parameters:
- name: expand
in: query
description: Specify additional data to retrieve. Use "scopes".
required: false
schema:
type: string
nullable: true
enum:
- scopes
responses:
'200':
description: A list of APIs.
content:
application/json:
schema:
$ref: '#/components/schemas/get_apis_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- APIs
operationId: addAPIs
summary: Create API
description: >
Register a new API. For more information read [Register and manage
APIs](https://docs.kinde.com/developer-tools/your-apis/register-manage-apis/).
create:apis
externalDocs:
url: https://docs.kinde.com/developer-tools/your-apis/register-manage-apis
description: Register and manage APIs
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
name:
type: string
description: The name of the API. (1-64 characters).
example: Example API
audience:
type: string
description: >-
A unique identifier for the API - commonly the URL. This
value will be used as the `audience` parameter in
authorization claims. (1-64 characters)
example: https://api.example.com
required:
- name
- audience
responses:
'200':
description: APIs successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/create_apis_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}:
parameters:
- $ref: '#/components/parameters/api_id'
get:
tags:
- APIs
operationId: getAPI
summary: Get API
description: |
Retrieve API details by ID.
read:apis
responses:
'200':
description: API successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_api_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
operationId: deleteAPI
summary: Delete API
description: |
Delete an API you previously created.
delete:apis
responses:
'200':
description: API successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/delete_api_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/scopes:
get:
tags:
- APIs
operationId: getAPIScopes
summary: Get API scopes
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
description: |
Retrieve API scopes by API ID.
read:api_scopes
responses:
'200':
description: API scopes successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_api_scopes_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- APIs
operationId: addAPIScope
summary: Create API scope
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
description: |
Create a new API scope.
create:api_scopes
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
key:
type: string
description: >-
The key reference for the scope (1-64 characters, no white
space).
example: read:logs
description:
type: string
description: Description of the api scope purpose.
example: Scope for reading logs.
required:
- key
responses:
'200':
description: API scopes successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/create_api_scopes_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/scopes/{scope_id}:
get:
tags:
- APIs
operationId: getAPIScope
summary: Get API scope
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Retrieve API scope by API ID.
read:api_scopes
responses:
'200':
description: API scope successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_api_scope_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- APIs
operationId: updateAPIScope
summary: Update API scope
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Update an API scope.
update:api_scopes
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
description:
type: string
description: Description of the api scope purpose.
example: Scope for reading logs.
responses:
'200':
description: API scope successfully updated
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
operationId: deleteAPIScope
summary: Delete API scope
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Delete an API scope you previously created.
delete:apis_scopes
responses:
'200':
description: API scope successfully deleted.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/applications:
parameters:
- $ref: '#/components/parameters/api_id'
patch:
tags:
- APIs
operationId: updateAPIApplications
summary: Authorize API applications
description: |
Authorize applications to be allowed to request access tokens for an API
update:apis
requestBody:
description: The applications you want to authorize.
required: true
content:
application/json:
schema:
type: object
required:
- applications
properties:
applications:
type: array
items:
type: object
required:
- id
properties:
id:
description: The application's Client ID.
type: string
example: d2db282d6214242b3b145c123f0c123
operation:
description: >-
Optional operation, set to 'delete' to revoke
authorization for the application. If not set, the
application will be authorized.
type: string
example: delete
responses:
'200':
description: Authorized applications updated.
content:
application/json:
schema:
$ref: '#/components/schemas/authorize_app_api_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/applications/{application_id}/scopes/{scope_id}:
post:
tags:
- APIs
operationId: addAPIApplicationScope
summary: Add scope to API application
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: application_id
in: path
description: Application ID
required: true
schema:
type: string
nullable: false
example: 7643b487c97545aab79257fd13a1085a
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Add a scope to an API application.
create:api_application_scopes
responses:
'200':
description: API scope successfully added to API application
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
operationId: deleteAPIAppliationScope
summary: Delete API application scope
parameters:
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: application_id
in: path
description: Application ID
required: true
schema:
type: string
nullable: false
example: 7643b487c97545aab79257fd13a1085a
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Delete an API application scope you previously created.
delete:apis_application_scopes
responses:
'200':
description: API scope successfully deleted.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications:
get:
tags:
- Applications
operationId: getApplications
summary: Get applications
description: |
Get a list of applications / clients.
read:applications
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: A successful response with a list of applications or an empty list.
content:
application/json:
schema:
$ref: '#/components/schemas/get_applications_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Applications
operationId: createApplication
summary: Create application
description: |
Create a new client.
create:applications
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The application's name.
type: string
example: React Native app
type:
description: >-
The application's type. Use `reg` for regular server
rendered applications, `spa` for single-page applications,
and `m2m` for machine-to-machine applications.
type: string
enum:
- reg
- spa
- m2m
required:
- name
- type
responses:
'201':
description: Application successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_application_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}:
get:
tags:
- Applications
operationId: getApplication
summary: Get application
description: |
Gets an application given the application's ID.
read:applications
parameters:
- name: application_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
nullable: false
example: 20bbffaa4c5e492a962273039d4ae18b
responses:
'200':
description: Application successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_application_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Applications
operationId: updateApplication
summary: Update Application
description: >
Updates a client's settings. For more information, read [Applications in
Kinde](https://docs.kinde.com/build/applications/about-applications)
update:applications
parameters:
- name: application_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
example: 20bbffaa4c5e492a962273039d4ae18b
requestBody:
description: Application details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The application's name.
type: string
language_key:
description: The application's language key.
type: string
logout_uris:
description: The application's logout uris.
type: array
items:
type: string
redirect_uris:
description: The application's redirect uris.
type: array
items:
type: string
login_uri:
description: The default login route for resolving session issues.
type: string
homepage_uri:
description: The homepage link to your application.
type: string
responses:
'200':
description: Application successfully updated.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Applications
operationId: deleteApplication
summary: Delete application
description: |
Delete a client / application.
delete:applications
parameters:
- name: application_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
example: 20bbffaa4c5e492a962273039d4ae18b
responses:
'200':
description: Application successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/connections:
get:
tags:
- Applications
operationId: GetApplicationConnections
description: |
Gets all connections for an application.
read:application_connections
summary: Get connections
parameters:
- name: application_id
in: path
description: The identifier/client ID for the application.
required: true
schema:
type: string
nullable: false
example: 20bbffaa4c5e492a962273039d4ae18b
responses:
'200':
description: Application connections successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_connections_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/connections/{connection_id}:
post:
tags:
- Applications
operationId: EnableConnection
summary: Enable connection
description: |
Enable an auth connection for an application.
create:application_connections
parameters:
- name: application_id
in: path
description: The identifier/client ID for the application.
required: true
schema:
type: string
example: 20bbffaa4c5e492a962273039d4ae18b
- name: connection_id
in: path
description: The identifier for the connection.
required: true
schema:
type: string
example: conn_0192c16abb53b44277e597d31877ba5b
responses:
'200':
description: Connection successfully enabled.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Applications
operationId: RemoveConnection
summary: Remove connection
description: |
Turn off an auth connection for an application
delete:application_connections
parameters:
- name: application_id
in: path
description: The identifier/client ID for the application.
required: true
schema:
type: string
example: 20bbffaa4c5e492a962273039d4ae18b
- name: connection_id
in: path
description: The identifier for the connection.
required: true
schema:
type: string
example: conn_0192c16abb53b44277e597d31877ba5b
responses:
'200':
description: Connection successfully removed.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/properties:
parameters:
- $ref: '#/components/parameters/application_id'
get:
tags:
- Applications
operationId: getApplicationPropertyValues
summary: Get property values
description: |
Gets properties for an application by client ID.
read:application_properties
responses:
'200':
description: Properties successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_property_values_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/properties/{property_key}:
parameters:
- $ref: '#/components/parameters/application_id'
- $ref: '#/components/parameters/property_key'
put:
tags:
- Applications
operationId: updateApplicationsProperty
summary: Update property
description: |
Update application property value.
update:application_properties
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
value:
oneOf:
- type: string
- type: boolean
description: The new value for the property
example: Some new value
required:
- value
responses:
'200':
description: Property successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/tokens:
patch:
tags:
- Applications
operationId: updateApplicationTokens
summary: Update application tokens
description: |
Configure tokens for an application.
update:application_tokens
parameters:
- name: application_id
in: path
description: The identifier/client ID for the application.
required: true
schema:
type: string
example: 20bbffaa4c5e492a962273039d4ae18b
requestBody:
description: Application tokens.
required: true
content:
application/json:
schema:
type: object
properties:
access_token_lifetime:
description: The lifetime of an access token in seconds.
type: integer
example: 3600
refresh_token_lifetime:
description: The lifetime of a refresh token in seconds.
type: integer
example: 86400
id_token_lifetime:
description: The lifetime of an ID token in seconds.
type: integer
example: 3600
authenticated_session_lifetime:
description: The lifetime of an authenticated session in seconds.
type: integer
example: 86400
is_hasura_mapping_enabled:
description: Enable or disable Hasura mapping.
type: boolean
example: true
responses:
'200':
description: Application tokens succesfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/business:
get:
tags:
- Business
operationId: getBusiness
summary: Get business
description: |
Get your business details.
read:businesses
responses:
'200':
description: Your business details.
content:
application/json:
schema:
$ref: '#/components/schemas/get_business_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Business
operationId: updateBusiness
summary: Update business
description: |
Update your business details.
update:businesses
requestBody:
description: The business details to update.
required: true
content:
application/json:
schema:
type: object
properties:
business_name:
type: string
description: The name of the business.
example: Tailsforce Ltd
nullable: true
email:
type: string
description: The email address of the business.
example: sally@example.com
nullable: true
industry_key:
type: string
description: >-
The key of the industry of your business. Can be retrieved
from the /industries endpoint.
example: construction
nullable: true
is_click_wrap:
description: Whether the business is using clickwrap agreements.
type: boolean
example: false
nullable: true
is_show_kinde_branding:
description: >-
Whether the business is showing Kinde branding. Requires a
paid plan.
type: boolean
example: true
nullable: true
kinde_perk_code:
description: The Kinde perk code for the business.
type: string
nullable: true
phone:
description: The phone number of the business.
type: string
example: 123-456-7890
nullable: true
privacy_url:
description: The URL to the business's privacy policy.
type: string
example: https://example.com/privacy
nullable: true
terms_url:
description: The URL to the business's terms of service.
type: string
example: https://example.com/terms
nullable: true
timezone_key:
description: >-
The key of the timezone of your business. Can be retrieved
from the /timezones endpoint.
type: string
example: los_angeles_pacific_standard_time
nullable: true
responses:
'200':
description: Business successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/industries:
get:
tags:
- Industries
operationId: getIndustries
summary: Get industries
description: |
Get a list of industries and associated industry keys.
read:industries
responses:
'200':
description: A list of industries.
content:
application/json:
schema:
$ref: '#/components/schemas/get_industries_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/timezones:
get:
tags:
- Timezones
operationId: getTimezones
summary: Get timezones
description: |
Get a list of timezones and associated timezone keys.
read:timezones
responses:
'200':
description: A list of timezones.
content:
application/json:
schema:
$ref: '#/components/schemas/get_timezones_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/applications/{app_id}/auth_redirect_urls:
get:
tags:
- Callbacks
operationId: getCallbackURLs
description: |
Returns an application's redirect callback URLs.
read:applications_redirect_uris
summary: List Callback URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
responses:
'200':
description: Callback URLs successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/redirect_callback_urls'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/redirect_callback_urls'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Callbacks
operationId: addRedirectCallbackURLs
description: |
Add additional redirect callback URLs.
create:applications_redirect_uris
summary: Add Redirect Callback URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
requestBody:
description: Callback details.
required: true
content:
application/json:
schema:
type: object
properties:
urls:
type: array
items:
type: string
description: Array of callback urls.
responses:
'200':
description: Callbacks successfully updated
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
put:
tags:
- Callbacks
operationId: replaceRedirectCallbackURLs
description: |
Replace all redirect callback URLs.
update:applications_redirect_uris
summary: Replace Redirect Callback URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
requestBody:
description: Callback details.
required: true
content:
application/json:
schema:
type: object
properties:
urls:
type: array
items:
type: string
description: Array of callback urls.
responses:
'200':
description: Callbacks successfully updated
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
delete:
tags:
- Callbacks
operationId: deleteCallbackURLs
description: |
Delete callback URLs.
delete:applications_redirect_uris
summary: Delete Callback URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
- name: urls
in: query
description: Urls to delete, comma separated and url encoded.
required: true
schema:
type: string
responses:
'200':
description: Callback URLs successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/applications/{app_id}/auth_logout_urls:
get:
tags:
- Callbacks
operationId: getLogoutURLs
description: |
Returns an application's logout redirect URLs.
read:application_logout_uris
summary: List logout URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
responses:
'200':
description: Logout URLs successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/logout_redirect_urls'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Callbacks
operationId: addLogoutRedirectURLs
description: |
Add additional logout redirect URLs.
create:application_logout_uris
summary: Add logout redirect URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
requestBody:
description: Callback details.
required: true
content:
application/json:
schema:
type: object
properties:
urls:
type: array
items:
type: string
description: Array of logout urls.
responses:
'200':
description: Logout URLs successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
put:
tags:
- Callbacks
operationId: replaceLogoutRedirectURLs
description: |
Replace all logout redirect URLs.
update:application_logout_uris
summary: Replace logout redirect URls
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
requestBody:
description: Callback details.
required: true
content:
application/json:
schema:
type: object
properties:
urls:
type: array
items:
type: string
description: Array of logout urls.
responses:
'200':
description: Logout URLs successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Callbacks
operationId: deleteLogoutURLs
description: |
Delete logout URLs.
delete:application_logout_uris
summary: Delete Logout URLs
parameters:
- name: app_id
in: path
description: The identifier for the application.
required: true
schema:
type: string
- name: urls
in: query
description: Urls to delete, comma separated and url encoded.
required: true
schema:
type: string
responses:
'200':
description: Logout URLs successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/connected_apps/auth_url:
get:
tags:
- Connected Apps
operationId: GetConnectedAppAuthUrl
description: >
Get a URL that authenticates and authorizes a user to a third-party
connected app.
read:connected_apps
summary: Get Connected App URL
parameters:
- name: key_code_ref
in: query
description: >-
The unique key code reference of the connected app to authenticate
against.
schema:
type: string
nullable: false
required: true
- name: user_id
in: query
description: >-
The id of the user that needs to authenticate to the third-party
connected app.
schema:
type: string
nullable: false
required: false
- name: org_code
in: query
description: >-
The code of the Kinde organization that needs to authenticate to the
third-party connected app.
schema:
type: string
nullable: false
required: false
- name: override_callback_url
in: query
description: >-
A URL that overrides the default callback URL setup in your
connected app configuration
schema:
type: string
nullable: false
required: false
responses:
'200':
description: >-
A URL that can be used to authenticate and a session id to identify
this authentication session.
content:
application/json:
schema:
$ref: '#/components/schemas/connected_apps_auth_url'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/connected_apps_auth_url'
'400':
description: Error retrieving connected app auth url.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'404':
description: Error retrieving connected app auth url.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/connected_apps/token:
get:
tags:
- Connected Apps
operationId: GetConnectedAppToken
description: >
Get an access token that can be used to call the third-party provider
linked to the connected app.
read:connected_apps
summary: Get Connected App Token
parameters:
- name: session_id
in: query
description: The unique sesssion id representing the login session of a user.
schema:
type: string
nullable: false
required: true
responses:
'200':
description: >-
An access token that can be used to query a third-party provider, as
well as the token's expiry time.
content:
application/json:
schema:
$ref: '#/components/schemas/connected_apps_access_token'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/connected_apps_access_token'
'400':
description: The session id provided points to an invalid session.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/connected_apps/revoke:
post:
tags:
- Connected Apps
operationId: RevokeConnectedAppToken
description: |
Revoke the tokens linked to the connected app session.
create:connected_apps
summary: Revoke Connected App Token
parameters:
- name: session_id
in: query
description: The unique sesssion id representing the login session of a user.
schema:
type: string
nullable: false
required: true
responses:
'200':
description: >-
An access token that can be used to query a third-party provider, as
well as the token's expiry time.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'405':
description: Invalid HTTP method used.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/connections:
get:
tags:
- Connections
operationId: GetConnections
description: >
Returns a list of authentication connections. Optionally you can filter
this by a home realm domain.
read:connections
summary: Get connections
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: home_realm_domain
in: query
description: Filter the results by the home realm domain.
schema:
example: myapp.com
type: string
nullable: true
- name: starting_after
in: query
description: The ID of the connection to start after.
schema:
type: string
nullable: true
- name: ending_before
in: query
description: The ID of the connection to end before.
schema:
type: string
nullable: true
responses:
'200':
description: Connections successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_connections_response'
application/json:
schema:
$ref: '#/components/schemas/get_connections_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Connections
operationId: CreateConnection
description: |
Create Connection.
create:connections
summary: Create Connection
requestBody:
description: Connection details.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The internal name of the connection.
type: string
nullable: false
display_name:
description: The public facing name of the connection.
type: string
nullable: false
strategy:
description: The identity provider identifier for the connection.
type: string
enum:
- oauth2:apple
- oauth2:azure_ad
- oauth2:bitbucket
- oauth2:discord
- oauth2:facebook
- oauth2:github
- oauth2:gitlab
- oauth2:google
- oauth2:linkedin
- oauth2:microsoft
- oauth2:patreon
- oauth2:slack
- oauth2:stripe
- oauth2:twitch
- oauth2:twitter
- oauth2:xero
- saml:custom
- wsfed:azure_ad
nullable: false
enabled_applications:
description: >-
Client IDs of applications in which this connection is to be
enabled.
type: array
items:
type: string
organization_code:
description: >-
Enterprise connections only - the code for organization that
manages this connection.
type: string
nullable: true
example: org_80581732fbe
options:
oneOf:
- type: object
description: Social connection options (e.g., Google SSO).
properties:
client_id:
type: string
description: OAuth client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: OAuth client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
is_use_custom_domain:
type: boolean
description: Use custom domain callback URL.
example: true
- type: object
description: Azure AD connection options.
properties:
client_id:
type: string
description: Client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: Client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
home_realm_domains:
type: array
items:
type: string
description: List of domains to limit authentication.
example:
- '@kinde.com'
- '@kinde.io'
entra_id_domain:
type: string
description: Domain for Entra ID.
example: kinde.com
is_use_common_endpoint:
type: boolean
description: >-
Use https://login.windows.net/common instead of a
default endpoint.
example: true
is_sync_user_profile_on_login:
type: boolean
description: Sync user profile data with IDP.
example: true
is_retrieve_provider_user_groups:
type: boolean
description: Include user group info from MS Entra ID.
example: true
is_extended_attributes_required:
type: boolean
description: Include additional user profile information.
example: true
is_auto_join_organization_enabled:
type: boolean
description: >-
Users automatically join organization when using
this connection.
example: true
- type: object
description: SAML connection options (e.g., Cloudflare SAML).
properties:
home_realm_domains:
type: array
items:
type: string
description: List of domains to restrict authentication.
example:
- '@kinde.com'
- '@kinde.io'
saml_entity_id:
type: string
description: SAML Entity ID.
example: https://kinde.com
saml_acs_url:
type: string
description: Assertion Consumer Service URL.
example: https://kinde.com/saml/acs
saml_idp_metadata_url:
type: string
description: URL for the IdP metadata.
example: https://kinde.com/saml/metadata
saml_email_key_attr:
type: string
description: Attribute key for the user’s email.
example: email
saml_first_name_key_attr:
type: string
description: Attribute key for the user’s first name.
example: given_name
saml_last_name_key_attr:
type: string
description: Attribute key for the user’s last name.
example: family_name
is_create_missing_user:
type: boolean
description: Create user if they don’t exist.
example: true
saml_signing_certificate:
type: string
description: Certificate for signing SAML requests.
example: >-
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIEUjZoyDANBgkqhkiG9w0BAQsFADBzMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVNhbiBGcmFuYzEXMBUGA1UECgwOQ2xv
-----END CERTIFICATE-----
saml_signing_private_key:
type: string
description: Private key associated with the signing certificate.
example: >-
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCy5+KLjTzF6tvl
-----END PRIVATE KEY-----
is_auto_join_organization_enabled:
type: boolean
description: >-
Users automatically join organization when using
this connection.
example: true
responses:
'201':
description: Connection successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_connection_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/connections/{connection_id}:
get:
tags:
- Connections
operationId: GetConnection
description: |
Get Connection.
read:connections
summary: Get Connection
parameters:
- name: connection_id
in: path
description: The unique identifier for the connection.
required: true
schema:
type: string
responses:
'200':
description: Connection successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/connection'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Connections
operationId: UpdateConnection
description: |
Update Connection.
update:connections
summary: Update Connection
parameters:
- name: connection_id
in: path
description: The unique identifier for the connection.
required: true
schema:
type: string
requestBody:
description: The fields of the connection to update.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The internal name of the connection.
type: string
nullable: false
example: ConnectionA
display_name:
description: The public facing name of the connection.
type: string
nullable: false
example: Connection
enabled_applications:
description: >-
Client IDs of applications in which this connection is to be
enabled.
type: array
example:
- c647dbe20f5944e28af97c9184fded22
- 20bbffaa4c5e492a962273039d4ae18b
items:
type: string
options:
oneOf:
- type: object
description: Social connection options (e.g., Google SSO).
properties:
client_id:
type: string
description: OAuth client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: OAuth client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
is_use_custom_domain:
type: boolean
description: Use custom domain callback URL.
example: true
- type: object
description: Azure AD connection options.
properties:
client_id:
type: string
description: Client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: Client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
home_realm_domains:
type: array
items:
type: string
description: List of domains to limit authentication.
example:
- '@kinde.com'
- '@kinde.io'
entra_id_domain:
type: string
description: Domain for Entra ID.
example: kinde.com
is_use_common_endpoint:
type: boolean
description: >-
Use https://login.windows.net/common instead of a
default endpoint.
example: true
is_sync_user_profile_on_login:
type: boolean
description: Sync user profile data with IDP.
example: true
is_retrieve_provider_user_groups:
type: boolean
description: Include user group info from MS Entra ID.
example: true
is_extended_attributes_required:
type: boolean
description: Include additional user profile information.
example: true
- type: object
description: SAML connection options (e.g., Cloudflare SAML).
properties:
home_realm_domains:
type: array
items:
type: string
description: List of domains to restrict authentication.
example:
- '@kinde.com'
- '@kinde.io'
saml_entity_id:
type: string
description: SAML Entity ID.
example: https://kinde.com
saml_acs_url:
type: string
description: Assertion Consumer Service URL.
example: https://kinde.com/saml/acs
saml_idp_metadata_url:
type: string
description: URL for the IdP metadata.
example: https://kinde.com/saml/metadata
saml_email_key_attr:
type: string
description: Attribute key for the user’s email.
example: email
saml_first_name_key_attr:
type: string
description: Attribute key for the user’s first name.
example: given_name
saml_last_name_key_attr:
type: string
description: Attribute key for the user’s last name.
example: family_name
is_create_missing_user:
type: boolean
description: Create user if they don’t exist.
example: true
saml_signing_certificate:
type: string
description: Certificate for signing SAML requests.
example: >-
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIEUjZoyDANBgkqhkiG9w0BAQsFADBzMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVNhbiBGcmFuYzEXMBUGA1UECgwOQ2xv
-----END CERTIFICATE-----
saml_signing_private_key:
type: string
description: Private key associated with the signing certificate.
example: >-
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCy5+KLjTzF6tvl
-----END PRIVATE KEY-----
responses:
'200':
description: Connection successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
put:
tags:
- Connections
operationId: ReplaceConnection
description: |
Replace Connection Config.
update:connections
summary: Replace Connection
parameters:
- name: connection_id
in: path
description: The unique identifier for the connection.
required: true
schema:
type: string
requestBody:
description: The complete connection configuration to replace the existing one.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The internal name of the connection.
type: string
example: ConnectionA
nullable: false
display_name:
description: The public-facing name of the connection.
type: string
example: Connection
nullable: false
enabled_applications:
description: >-
Client IDs of applications in which this connection is to be
enabled.
type: array
items:
type: string
example:
- c647dbe20f5944e28af97c9184fded22
- 20bbffaa4c5e492a962273039d4ae18b
options:
oneOf:
- type: object
description: Social connection options (e.g., Google SSO).
properties:
client_id:
type: string
description: OAuth client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: OAuth client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
is_use_custom_domain:
type: boolean
description: Use custom domain callback URL.
example: true
- type: object
description: Azure AD connection options.
properties:
client_id:
type: string
description: Client ID.
example: hji7db2146af332akfldfded22
client_secret:
type: string
description: Client secret.
example: 19fkjdalg521l23fassf3039d4ae18b
home_realm_domains:
type: array
items:
type: string
description: List of domains to limit authentication.
example:
- '@kinde.com'
- '@kinde.io'
entra_id_domain:
type: string
description: Domain for Entra ID.
example: kinde.com
is_use_common_endpoint:
type: boolean
description: >-
Use https://login.windows.net/common instead of a
default endpoint.
example: true
is_sync_user_profile_on_login:
type: boolean
description: Sync user profile data with IDP.
example: true
is_retrieve_provider_user_groups:
type: boolean
description: Include user group info from MS Entra ID.
example: true
is_extended_attributes_required:
type: boolean
description: Include additional user profile information.
example: true
- type: object
description: SAML connection options (e.g., Cloudflare SAML).
properties:
home_realm_domains:
type: array
items:
type: string
description: List of domains to restrict authentication.
example:
- '@kinde.com'
- '@kinde.io'
saml_entity_id:
type: string
description: SAML Entity ID.
example: https://kinde.com
saml_acs_url:
type: string
description: Assertion Consumer Service URL.
example: https://kinde.com/saml/acs
saml_idp_metadata_url:
type: string
description: URL for the IdP metadata.
example: https://kinde.com/saml/metadata
saml_email_key_attr:
type: string
description: Attribute key for the user’s email.
example: email
saml_first_name_key_attr:
type: string
description: Attribute key for the user’s first name.
example: given_name
saml_last_name_key_attr:
type: string
description: Attribute key for the user’s last name.
example: family_name
is_create_missing_user:
type: boolean
description: Create user if they don’t exist.
example: true
saml_signing_certificate:
type: string
description: Certificate for signing SAML requests.
example: >-
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIEUjZoyDANBgkqhkiG9w0BAQsFADBzMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVNhbiBGcmFuYzEXMBUGA1UECgwOQ2xv
-----END CERTIFICATE-----
saml_signing_private_key:
type: string
description: Private key associated with the signing certificate.
example: >-
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCy5+KLjTzF6tvl
-----END PRIVATE KEY-----
responses:
'200':
description: Connection successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Connections
operationId: deleteConnection
description: |
Delete connection.
delete:connections
summary: Delete Connection
parameters:
- name: connection_id
in: path
description: The identifier for the connection.
required: true
schema:
type: string
responses:
'200':
description: Connection successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/environment:
get:
tags:
- Environments
operationId: getEnvironment
summary: Get environment
description: |
Gets the current environment.
read:environments
responses:
'200':
description: Environment successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_environment_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/environment/feature_flags:
delete:
tags:
- Environments
operationId: DeleteEnvironementFeatureFlagOverrides
description: |
Delete all environment feature flag overrides.
delete:environment_feature_flags
summary: Delete Environment Feature Flag Overrides
responses:
'200':
description: Feature flag overrides deleted successfully.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
get:
tags:
- Environments
operationId: GetEnvironementFeatureFlags
description: |
Get environment feature flags.
read:environment_feature_flags
summary: List Environment Feature Flags
responses:
'200':
description: Feature flags retrieved successfully.
content:
application/json:
schema:
$ref: '#/components/schemas/get_environment_feature_flags_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_environment_feature_flags_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/environment/feature_flags/{feature_flag_key}:
delete:
tags:
- Environments
operationId: DeleteEnvironementFeatureFlagOverride
description: |
Delete environment feature flag override.
delete:environment_feature_flags
summary: Delete Environment Feature Flag Override
parameters:
- name: feature_flag_key
in: path
description: The identifier for the feature flag.
required: true
schema:
type: string
responses:
'200':
description: Feature flag deleted successfully.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Environments
operationId: UpdateEnvironementFeatureFlagOverride
description: |
Update environment feature flag override.
update:environment_feature_flags
summary: Update Environment Feature Flag Override
parameters:
- name: feature_flag_key
in: path
description: The identifier for the feature flag.
required: true
schema:
type: string
requestBody:
description: Flag details.
required: true
content:
application/json:
schema:
type: object
properties:
value:
description: The flag override value.
type: string
nullable: false
required:
- value
responses:
'200':
description: Feature flag override successful
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/environment/logos:
get:
tags:
- Environments
operationId: ReadLogo
description: |
Read environment logo details
read:environments
summary: Read logo details
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/read_env_logo_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/environment/logos/{type}:
put:
tags:
- Environments
operationId: AddLogo
description: |
Add environment logo
update:environments
summary: Add logo
parameters:
- name: type
in: path
description: The type of logo to add.
required: true
schema:
type: string
example: dark
enum:
- dark
- light
requestBody:
description: Logo details.
required: true
content:
multipart/form-data:
schema:
type: object
required:
- logo
properties:
logo:
type: string
format: binary
description: The logo file to upload.
responses:
'200':
description: Logo successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Environments
operationId: DeleteLogo
description: |
Delete environment logo
update:environments
summary: Delete logo
parameters:
- name: type
in: path
description: The type of logo to delete.
required: true
schema:
type: string
example: dark
enum:
- dark
- light
responses:
'200':
description: Logo successfully deleted
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'204':
description: No logo found to delete
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/environment_variables:
get:
tags:
- Environment variables
operationId: getEnvironmentVariables
summary: Get environment variables
description: >
Get environment variables. This feature is in beta and admin UI is not
yet available.
read:environment_variables
responses:
'200':
description: >-
A successful response with a list of environment variables or an
empty list.
content:
application/json:
schema:
$ref: '#/components/schemas/get_environment_variables_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Environment variables
operationId: createEnvironmentVariable
summary: Create environment variable
description: >
Create a new environment variable. This feature is in beta and admin UI
is not yet available.
create:environment_variables
requestBody:
description: The environment variable details.
required: true
content:
application/json:
schema:
type: object
properties:
key:
type: string
description: The name of the environment variable (max 128 characters).
example: MY_API_KEY
value:
type: string
description: >-
The value of the new environment variable (max 2048
characters).
example: some-secret-value
is_secret:
type: boolean
description: >-
Whether the environment variable is sensitive. Secrets are
not-readable by you or your team after creation.
example: false
required:
- key
- value
responses:
'201':
description: Environment variable successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_environment_variable_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/environment_variables/{variable_id}:
parameters:
- $ref: '#/components/parameters/variable_id'
get:
tags:
- Environment variables
operationId: getEnvironmentVariable
summary: Get environment variable
description: >
Retrieve environment variable details by ID. This feature is in beta and
admin UI is not yet available.
read:environment_variables
responses:
'200':
description: Environment variable successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_environment_variable_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Environment variables
operationId: updateEnvironmentVariable
summary: Update environment variable
description: >
Update an environment variable you previously created. This feature is
in beta and admin UI is not yet available.
update:environment_variables
requestBody:
description: The new details for the environment variable
required: true
content:
application/json:
schema:
type: object
properties:
key:
type: string
description: The key to update.
example: MY_API_KEY
value:
type: string
description: The new value for the environment variable.
example: new-secret-value
is_secret:
type: boolean
description: >-
Whether the environment variable is sensitive. Secret
variables are not-readable by you or your team after
creation.
responses:
'200':
description: Environment variable successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/update_environment_variable_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Environment variables
operationId: deleteEnvironmentVariable
summary: Delete environment variable
description: >
Delete an environment variable you previously created. This feature is
in beta and admin UI is not yet available.
delete:environment_variables
responses:
'200':
description: Environment variable successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/delete_environment_variable_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/feature_flags:
post:
tags:
- Feature Flags
operationId: CreateFeatureFlag
description: |
Create feature flag.
create:feature_flags
summary: Create Feature Flag
requestBody:
description: Flag details.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The name of the flag.
type: string
nullable: false
description:
description: Description of the flag purpose.
type: string
nullable: false
key:
description: The flag identifier to use in code.
type: string
nullable: false
type:
description: The variable type.
type: string
enum:
- str
- int
- bool
nullable: false
allow_override_level:
description: Allow the flag to be overridden at a different level.
type: string
enum:
- env
- org
- usr
nullable: false
default_value:
description: >-
Default value for the flag used by environments and
organizations.
type: string
nullable: false
required:
- name
- key
- type
- default_value
responses:
'201':
description: Feature flag successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/feature_flags/{feature_flag_key}:
delete:
tags:
- Feature Flags
operationId: DeleteFeatureFlag
description: |
Delete feature flag
delete:feature_flags
summary: Delete Feature Flag
parameters:
- name: feature_flag_key
in: path
description: The identifier for the feature flag.
required: true
schema:
type: string
responses:
'200':
description: Feature flag successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
put:
tags:
- Feature Flags
operationId: UpdateFeatureFlag
description: |
Update feature flag.
update:feature_flags
summary: Replace Feature Flag
parameters:
- name: feature_flag_key
in: path
description: The key identifier for the feature flag.
required: true
schema:
type: string
- name: name
in: query
description: The name of the flag.
schema:
type: string
nullable: false
required: true
- name: description
in: query
description: Description of the flag purpose.
schema:
type: string
nullable: false
required: true
- name: type
in: query
description: The variable type
schema:
type: string
enum:
- str
- int
- bool
nullable: false
required: true
- name: allow_override_level
in: query
description: Allow the flag to be overridden at a different level.
schema:
type: string
enum:
- env
- org
nullable: false
required: true
- name: default_value
in: query
description: Default value for the flag used by environments and organizations.
schema:
type: string
nullable: false
required: true
responses:
'200':
description: Feature flag successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/identities/{identity_id}:
get:
tags:
- Identities
operationId: GetIdentity
description: |
Returns an identity by ID
read:identities
summary: Get identity
parameters:
- name: identity_id
in: path
description: The unique identifier for the identity.
required: true
schema:
type: string
responses:
'200':
description: Identity successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/identity'
application/json:
schema:
$ref: '#/components/schemas/identity'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Identities
operationId: UpdateIdentity
description: |
Update identity by ID.
update:identities
summary: Update identity
parameters:
- name: identity_id
in: path
description: The unique identifier for the identity.
required: true
schema:
type: string
requestBody:
description: The fields of the identity to update.
required: true
content:
application/json:
schema:
type: object
properties:
is_primary:
description: Whether the identity is the primary for it's type
type: boolean
nullable: false
responses:
'200':
description: Identity successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
delete:
tags:
- Identities
operationId: DeleteIdentity
description: |
Delete identity by ID.
delete:identities
summary: Delete identity
parameters:
- name: identity_id
in: path
description: The unique identifier for the identity.
required: true
schema:
type: string
responses:
'200':
description: Identity successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/mfa:
put:
tags:
- MFA
operationId: ReplaceMFA
description: |
Replace MFA Configuration.
update:mfa
summary: Replace MFA Configuration
requestBody:
description: MFA details.
required: true
content:
application/json:
schema:
type: object
properties:
policy:
description: >-
Specifies whether MFA is required, optional, or not
enforced.
type: string
enum:
- required
- 'off'
- optional
nullable: false
enabled_factors:
description: The MFA methods to enable.
type: array
nullable: false
items:
type: string
enum:
- mfa:email
- mfa:sms
- mfa:authenticator_app
required:
- policy
- enabled_factors
responses:
'200':
description: MFA Configuration updated successfully.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organization:
get:
tags:
- Organizations
operationId: getOrganization
summary: Get organization
description: |
Retrieve organization details by code.
read:organizations
parameters:
- in: query
name: code
description: The organization's code.
schema:
type: string
example: org_1ccfb819462
responses:
'200':
description: Organization successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_organization_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Organizations
operationId: createOrganization
summary: Create organization
description: >
Create a new organization. To learn more read about [multi tenancy using
organizations](https://docs.kinde.com/build/organizations/multi-tenancy-using-organizations/)
create:organizations
requestBody:
description: Organization details.
required: true
content:
application/json:
schema:
type: object
required:
- name
properties:
name:
description: The organization's name.
type: string
example: Acme Corp
feature_flags:
type: object
description: The organization's feature flag settings.
additionalProperties:
type: string
enum:
- str
- int
- bool
description: Value of the feature flag.
external_id:
description: >-
The organization's external identifier - commonly used when
migrating from or mapping to other systems.
type: string
example: some1234
background_color:
description: The organization's brand settings - background color.
type: string
button_color:
description: The organization's brand settings - button color.
type: string
button_text_color:
description: The organization's brand settings - button text color.
type: string
link_color:
description: The organization's brand settings - link color.
type: string
background_color_dark:
description: >-
The organization's brand settings - dark mode background
color.
type: string
button_color_dark:
description: The organization's brand settings - dark mode button color.
type: string
button_text_color_dark:
description: >-
The organization's brand settings - dark mode button text
color.
type: string
link_color_dark:
description: The organization's brand settings - dark mode link color.
type: string
theme_code:
description: >-
The organization's brand settings - theme/mode 'light' |
'dark' | 'user_preference'.
type: string
handle:
description: >-
A unique handle for the organization - can be used for
dynamic callback urls.
type: string
example: acme_corp
is_allow_registrations:
description: >-
If users become members of this organization when the org
code is supplied during authentication.
type: boolean
example: true
sender_name:
nullable: true
type: string
example: Acme Corp
description: The name of the organization that will be used in emails
sender_email:
nullable: true
type: string
example: hello@acmecorp.com
description: >-
The email address that will be used in emails. Requires
custom SMTP to be set up.
responses:
'200':
description: Organization successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_organization_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations:
get:
tags:
- Organizations
operationId: getOrganizations
summary: Get organizations
description: |
Get a list of organizations.
read:organizations
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- email_asc
- email_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: Organizations successfully retreived.
content:
application/json:
schema:
$ref: '#/components/schemas/get_organizations_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organization/{org_code}:
patch:
tags:
- Organizations
operationId: updateOrganization
description: |
Update an organization.
update:organizations
summary: Update Organization
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
example: org_1ccfb819462
requestBody:
description: Organization details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The organization's name.
type: string
example: Acme Corp
external_id:
description: The organization's ID.
type: string
example: some1234
background_color:
description: The organization's brand settings - background color.
type: string
example: '#fff'
button_color:
description: The organization's brand settings - button color.
type: string
example: '#fff'
button_text_color:
description: The organization's brand settings - button text color.
type: string
example: '#fff'
link_color:
description: The organization's brand settings - link color.
type: string
example: '#fff'
background_color_dark:
description: >-
The organization's brand settings - dark mode background
color.
type: string
example: '#000'
button_color_dark:
description: The organization's brand settings - dark mode button color.
type: string
example: '#000'
button_text_color_dark:
description: >-
The organization's brand settings - dark mode button text
color.
type: string
example: '#000'
link_color_dark:
description: The organization's brand settings - dark mode link color.
type: string
example: '#000'
theme_code:
description: The organization's brand settings - theme/mode.
type: string
enum:
- light
- dark
- user_preference
example: light
handle:
description: The organization's handle.
type: string
example: acme_corp
is_allow_registrations:
deprecated: true
description: Deprecated - Use 'is_auto_membership_enabled' instead.
type: boolean
is_auto_join_domain_list:
description: Users can sign up to this organization.
type: boolean
example: true
allowed_domains:
description: Domains allowed for self-sign up to this environment.
type: array
example:
- https://acme.kinde.com
- https://acme.com
items:
type: string
is_enable_advanced_orgs:
description: Activate advanced organization features.
type: boolean
example: true
is_enforce_mfa:
description: Enforce MFA for all users in this organization.
type: boolean
example: true
sender_name:
nullable: true
type: string
example: Acme Corp
description: The name of the organization that will be used in emails
sender_email:
nullable: true
type: string
example: hello@acmecorp.com
description: >-
The email address that will be used in emails. Requires
custom SMTP to be set up.
responses:
'200':
description: Organization successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Organizations
operationId: deleteOrganization
description: |
Delete an organization.
delete:organizations
summary: Delete Organization
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
responses:
'200':
description: Organization successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users:
get:
tags:
- Organizations
operationId: GetOrganizationUsers
summary: Get organization users
description: |
Get user details for all members of an organization.
read:organization_users
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
example: email_asc
type: string
nullable: true
enum:
- name_asc
- name_desc
- email_asc
- email_desc
- id_asc
- id_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
example: 10
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
example: MTo6OmlkX2FzYw==
type: string
nullable: true
- name: org_code
in: path
description: The organization's code.
required: true
schema:
example: org_1ccfb819462
type: string
nullable: false
- name: permissions
in: query
description: Filter by user permissions comma separated (where all match)
schema:
example: admin
type: string
- name: roles
in: query
description: Filter by user roles comma separated (where all match)
schema:
example: manager
type: string
responses:
'200':
description: >-
A successful response with a list of organization users or an empty
list.
content:
application/json:
schema:
$ref: '#/components/schemas/get_organization_users_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Organizations
operationId: AddOrganizationUsers
description: |
Add existing users to an organization.
create:organization_users
summary: Add Organization Users
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
requestBody:
required: false
content:
application/json:
schema:
type: object
properties:
users:
description: Users to be added to the organization.
type: array
items:
type: object
properties:
id:
description: The users id.
type: string
example: kp_057ee6debc624c70947b6ba512908c35
roles:
description: Role keys to assign to the user.
type: array
items:
type: string
example: manager
permissions:
description: Permission keys to assign to the user.
type: array
items:
type: string
example: admin
responses:
'200':
description: Users successfully added.
content:
application/json:
schema:
$ref: '#/components/schemas/add_organization_users_response'
'204':
description: No users added.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Organizations
operationId: UpdateOrganizationUsers
description: |
Update users that belong to an organization.
update:organization_users
summary: Update Organization Users
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
requestBody:
required: false
content:
application/json:
schema:
type: object
properties:
users:
description: Users to add, update or remove from the organization.
type: array
items:
type: object
properties:
id:
description: The users id.
type: string
example: kp_057ee6debc624c70947b6ba512908c35
operation:
description: >-
Optional operation, set to 'delete' to remove the user
from the organization.
type: string
example: delete
roles:
description: Role keys to assign to the user.
type: array
items:
type: string
example: manager
permissions:
description: Permission keys to assign to the user.
type: array
items:
type: string
example: admin
responses:
'200':
description: Users successfully removed.
content:
application/json:
schema:
$ref: '#/components/schemas/update_organization_users_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/roles:
get:
tags:
- Organizations
operationId: GetOrganizationUserRoles
description: |
Get roles for an organization user.
read:organization_user_roles
summary: List Organization User Roles
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: A successful response with a list of user roles.
content:
application/json:
schema:
$ref: '#/components/schemas/get_organizations_user_roles_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_organizations_user_roles_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Organizations
operationId: CreateOrganizationUserRole
description: |
Add role to an organization user.
create:organization_user_roles
summary: Add Organization User Role
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
requestBody:
description: Role details.
required: true
content:
application/json:
schema:
type: object
properties:
role_id:
description: The role id.
type: string
responses:
'200':
description: Role successfully added.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/roles/{role_id}:
delete:
tags:
- Organizations
operationId: DeleteOrganizationUserRole
description: |
Delete role for an organization user.
delete:organization_user_roles
summary: Delete Organization User Role
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
- name: role_id
in: path
description: The role id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: User successfully removed.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Error creating user.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/permissions:
get:
tags:
- Organizations
operationId: GetOrganizationUserPermissions
description: |
Get permissions for an organization user.
read:organization_user_permissions
summary: List Organization User Permissions
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
- name: expand
in: query
description: Specify additional data to retrieve. Use "roles".
required: false
schema:
type: string
nullable: true
responses:
'200':
description: A successful response with a list of user permissions.
content:
application/json:
schema:
$ref: >-
#/components/schemas/get_organizations_user_permissions_response
application/json; charset=utf-8:
schema:
$ref: >-
#/components/schemas/get_organizations_user_permissions_response
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Organizations
operationId: CreateOrganizationUserPermission
description: |
Add permission to an organization user.
create:organization_user_permissions
summary: Add Organization User Permission
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
requestBody:
description: Permission details.
required: true
content:
application/json:
schema:
type: object
properties:
permission_id:
description: The permission id.
type: string
responses:
'200':
description: User permission successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/permissions/{permission_id}:
delete:
tags:
- Organizations
operationId: DeleteOrganizationUserPermission
description: |
Delete permission for an organization user.
delete:organization_user_permissions
summary: Delete Organization User Permission
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
- name: permission_id
in: path
description: The permission id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: User successfully removed.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Error creating user.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}:
delete:
tags:
- Organizations
operationId: RemoveOrganizationUser
description: |
Remove user from an organization.
delete:organization_users
summary: Remove Organization User
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
- name: user_id
in: path
description: The user's id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: User successfully removed from organization
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Error removing user
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/apis/{api_id}/scopes/{scope_id}:
post:
tags:
- Organizations
operationId: addOrganizationUserAPIScope
summary: Add scope to organization user api
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
- name: user_id
in: path
description: User ID
required: true
schema:
type: string
nullable: false
example: kp_5ce676e5d6a24bc9aac2fba35a46e958
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Add a scope to an organization user api.
create:organization_user_api_scopes
responses:
'200':
description: API scope successfully added to organization user api
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Organizations
operationId: deleteOrganizationUserAPIScope
summary: Delete scope from organization user API
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
- name: user_id
in: path
description: User ID
required: true
schema:
type: string
nullable: false
example: kp_5ce676e5d6a24bc9aac2fba35a46e958
- name: api_id
in: path
description: API ID
required: true
schema:
type: string
nullable: false
example: 838f208d006a482dbd8cdb79a9889f68
- name: scope_id
in: path
description: Scope ID
required: true
schema:
type: string
nullable: false
example: api_scope_019391daf58d87d8a7213419c016ac95
description: |
Delete a scope from an organization user api you previously created.
delete:organization_user_api_scopes
responses:
'200':
description: Organization user API scope successfully deleted.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/mfa:
get:
tags:
- Organizations
operationId: GetOrgUserMFA
description: |
Get an organization user’s MFA configuration.
read:organization_user_mfa
summary: Get an organization user's MFA configuration
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
example: org_1ccfb819462
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
example: kp_c3143a4b50ad43c88e541d9077681782
responses:
'200':
description: Successfully retrieve user's MFA configuration.
content:
application/json:
schema:
$ref: '#/components/schemas/get_user_mfa_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/users/{user_id}/mfa/{factor_id}:
delete:
tags:
- Organizations
operationId: ResetOrgUserMFA
description: |
Reset an organization user’s MFA.
delete:organization_user_mfa
summary: Reset MFA for a user
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
example: org_1ccfb819462
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
example: kp_c3143a4b50ad43c88e541d9077681782
- name: factor_id
in: path
description: The identifier for the MFA factor
required: true
schema:
type: string
example: mfa_0193278a00ac29b3f6d4e4d462d55c47
responses:
'200':
description: User's MFA successfully reset.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/feature_flags:
get:
tags:
- Organizations
operationId: GetOrganizationFeatureFlags
description: |
Get all organization feature flags.
read:organization_feature_flags
summary: List Organization Feature Flags
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
responses:
'200':
description: Feature flag overrides successfully returned.
content:
application/json:
schema:
$ref: '#/components/schemas/get_organization_feature_flags_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_organization_feature_flags_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
delete:
tags:
- Organizations
operationId: DeleteOrganizationFeatureFlagOverrides
description: |
Delete all organization feature flag overrides.
delete:organization_feature_flags
summary: Delete Organization Feature Flag Overrides
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
responses:
'200':
description: Feature flag overrides successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/feature_flags/{feature_flag_key}:
delete:
tags:
- Organizations
operationId: DeleteOrganizationFeatureFlagOverride
description: |
Delete organization feature flag override.
delete:organization_feature_flags
summary: Delete Organization Feature Flag Override
parameters:
- name: org_code
in: path
description: The identifier for the organization.
required: true
schema:
type: string
- name: feature_flag_key
in: path
description: The identifier for the feature flag.
required: true
schema:
type: string
responses:
'200':
description: Feature flag override successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Organizations
operationId: UpdateOrganizationFeatureFlagOverride
description: |
Update organization feature flag override.
update:organization_feature_flags
summary: Update Organization Feature Flag Override
parameters:
- name: org_code
in: path
description: The identifier for the organization
required: true
schema:
type: string
- name: feature_flag_key
in: path
description: The identifier for the feature flag
required: true
schema:
type: string
- name: value
in: query
description: Override value
required: true
schema:
type: string
responses:
'200':
description: Feature flag override successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/properties/{property_key}:
put:
tags:
- Organizations
operationId: UpdateOrganizationProperty
description: |
Update organization property value.
update:organization_properties
summary: Update Organization Property value
parameters:
- name: org_code
in: path
description: The identifier for the organization
required: true
schema:
type: string
- name: property_key
in: path
description: The identifier for the property
required: true
schema:
type: string
- name: value
in: query
description: The new property value
required: true
schema:
type: string
responses:
'200':
description: Property successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/properties:
get:
tags:
- Organizations
operationId: GetOrganizationPropertyValues
description: |
Gets properties for an organization by org code.
read:organization_properties
summary: Get Organization Property Values
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Properties successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_property_values_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_property_values_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Organizations
operationId: UpdateOrganizationProperties
description: |
Update organization property values.
update:organization_properties
summary: Update Organization Property values
parameters:
- name: org_code
in: path
description: The identifier for the organization
required: true
schema:
type: string
requestBody:
description: Properties to update.
required: true
content:
application/json:
schema:
type: object
properties:
properties:
description: Property keys and values
type: object
nullable: false
required:
- properties
responses:
'200':
description: Properties successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/mfa:
put:
tags:
- Organizations
operationId: ReplaceOrganizationMFA
description: |
Replace Organization MFA Configuration.
update:organization_mfa
summary: Replace Organization MFA Configuration
parameters:
- name: org_code
in: path
description: The identifier for the organization
required: true
schema:
type: string
requestBody:
description: MFA details.
required: true
content:
application/json:
schema:
type: object
properties:
enabled_factors:
description: The MFA methods to enable.
type: array
nullable: false
items:
type: string
enum:
- mfa:email
- mfa:sms
- mfa:authenticator_app
required:
- enabled_factors
responses:
'200':
description: MFA Configuration updated successfully.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organization/{org_code}/handle:
delete:
tags:
- Organizations
operationId: DeleteOrganizationHandle
description: |
Delete organization handle
delete:organization_handles
summary: Delete organization handle
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Handle successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/logos:
get:
tags:
- Organizations
operationId: ReadOrganizationLogo
description: |
Read organization logo details
read:organizations
summary: Read organization logo details
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
example: org_1ccfb819462
responses:
'200':
description: Successfully retrieved organization logo details
content:
application/json:
schema:
$ref: '#/components/schemas/read_logo_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{org_code}/logos/{type}:
post:
tags:
- Organizations
operationId: AddOrganizationLogo
description: |
Add organization logo
update:organizations
summary: Add organization logo
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
example: org_1ccfb819462
- name: type
in: path
description: The type of logo to add.
required: true
schema:
type: string
example: dark
enum:
- dark
- light
requestBody:
description: Organization logo details.
required: true
content:
multipart/form-data:
schema:
type: object
required:
- logo
properties:
logo:
type: string
format: binary
description: The logo file to upload.
responses:
'200':
description: Organization logo successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Organizations
operationId: DeleteOrganizationLogo
description: |
Delete organization logo
update:organizations
summary: Delete organization logo
parameters:
- name: org_code
in: path
description: The organization's code.
required: true
schema:
type: string
nullable: false
example: org_1ccfb819462
- name: type
in: path
description: The type of logo to delete.
required: true
schema:
type: string
example: dark
enum:
- dark
- light
responses:
'200':
description: Organization logo successfully deleted
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'204':
description: No logo found to delete
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{organization_code}/connections:
get:
tags:
- Organizations
operationId: GetOrganizationConnections
description: |
Gets all connections for an organization.
read:organization_connections
summary: Get connections
parameters:
- name: organization_code
in: path
description: The organization code.
required: true
schema:
type: string
nullable: false
example: org_7d45b01ef13
responses:
'200':
description: Organization connections successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_connections_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/organizations/{organization_code}/connections/{connection_id}:
post:
tags:
- Organizations
operationId: EnableOrgConnection
summary: Enable connection
description: |
Enable an auth connection for an organization.
create:organization_connections
parameters:
- name: organization_code
in: path
description: The unique code for the organization.
required: true
schema:
type: string
example: org_7d45b01ef13
- name: connection_id
in: path
description: The identifier for the connection.
required: true
schema:
type: string
example: conn_0192c16abb53b44277e597d31877ba5b
responses:
'200':
description: Connection successfully enabled.
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Organizations
operationId: RemoveOrgConnection
summary: Remove connection
description: |
Turn off an auth connection for an organization
delete:organization_connections
parameters:
- name: organization_code
in: path
description: The unique code for the organization.
required: true
schema:
type: string
example: org_7d45b01ef13
- name: connection_id
in: path
description: The identifier for the connection.
required: true
schema:
type: string
example: conn_0192c16abb53b44277e597d31877ba5b
responses:
'200':
description: Connection successfully removed.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/permissions:
get:
tags:
- Permissions
operationId: GetPermissions
description: >
The returned list can be sorted by permission name or permission ID in
ascending or descending order. The number of records to return at a time
can also be controlled using the `page_size` query string parameter.
read:permissions
summary: List Permissions
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- id_asc
- id_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: Permissions successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_permissions_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_permissions_response'
'403':
description: Invalid credentials.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Permissions
operationId: CreatePermission
description: |
Create a new permission.
create:permissions
summary: Create Permission
requestBody:
description: Permission details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The permission's name.
type: string
description:
description: The permission's description.
type: string
key:
description: The permission identifier to use in code.
type: string
responses:
'201':
description: Permission successfully created
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/permissions/{permission_id}:
patch:
tags:
- Permissions
operationId: UpdatePermissions
description: |
Update permission
update:permissions
summary: Update Permission
parameters:
- name: permission_id
in: path
description: The identifier for the permission.
required: true
schema:
type: string
nullable: false
requestBody:
description: Permission details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The permission's name.
type: string
description:
description: The permission's description.
type: string
key:
description: The permission identifier to use in code.
type: string
responses:
'200':
description: Permission successfully updated
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
delete:
tags:
- Permissions
operationId: DeletePermission
description: |
Delete permission
delete:permissions
summary: Delete Permission
parameters:
- name: permission_id
in: path
description: The identifier for the permission.
required: true
schema:
type: string
responses:
'200':
description: permission successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/properties:
get:
tags:
- Properties
operationId: GetProperties
description: |
Returns a list of properties
read:properties
summary: List properties
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: starting_after
in: query
description: The ID of the property to start after.
schema:
type: string
nullable: true
- name: ending_before
in: query
description: The ID of the property to end before.
schema:
type: string
nullable: true
- name: context
in: query
description: Filter results by user, organization or application context
schema:
type: string
nullable: true
enum:
- usr
- org
- app
responses:
'200':
description: Properties successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_properties_response'
application/json:
schema:
$ref: '#/components/schemas/get_properties_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Properties
operationId: CreateProperty
description: |
Create property.
create:properties
summary: Create Property
requestBody:
description: Property details.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The name of the property.
type: string
nullable: false
description:
description: Description of the property purpose.
type: string
nullable: false
key:
description: The property identifier to use in code.
type: string
nullable: false
type:
description: The property type.
type: string
enum:
- single_line_text
- multi_line_text
nullable: false
context:
description: The context that the property applies to.
type: string
enum:
- org
- usr
- app
nullable: false
is_private:
description: >-
Whether the property can be included in id and access
tokens.
type: boolean
nullable: false
category_id:
description: Which category the property belongs to.
type: string
nullable: false
required:
- name
- key
- type
- context
- is_private
- category_id
responses:
'201':
description: Property successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/create_property_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/create_property_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/properties/{property_id}:
put:
tags:
- Properties
operationId: UpdateProperty
description: |
Update property.
update:properties
summary: Update Property
parameters:
- name: property_id
in: path
description: The unique identifier for the property.
required: true
schema:
type: string
requestBody:
description: The fields of the property to update.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The name of the property.
type: string
nullable: false
description:
type: string
description: Description of the property purpose.
is_private:
type: boolean
description: >-
Whether the property can be included in id and access
tokens.
category_id:
description: Which category the property belongs to.
type: string
nullable: false
required:
- name
- is_private
- category_id
responses:
'200':
description: Property successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
delete:
tags:
- Properties
operationId: DeleteProperty
description: |
Delete property.
delete:properties
summary: Delete Property
parameters:
- name: property_id
in: path
description: The unique identifier for the property.
required: true
schema:
type: string
responses:
'200':
description: Property successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/property_categories:
get:
tags:
- Property Categories
operationId: GetCategories
description: |
Returns a list of categories.
read:property_categories
summary: List categories
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: starting_after
in: query
description: The ID of the category to start after.
schema:
type: string
nullable: true
- name: ending_before
in: query
description: The ID of the category to end before.
schema:
type: string
nullable: true
- name: context
in: query
description: Filter the results by User or Organization context
schema:
type: string
nullable: true
enum:
- usr
- org
responses:
'200':
description: Categories successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_categories_response'
application/json:
schema:
$ref: '#/components/schemas/get_categories_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Property Categories
operationId: CreateCategory
description: |
Create category.
create:property_categories
summary: Create Category
requestBody:
description: Category details.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The name of the category.
type: string
nullable: false
context:
description: The context that the category applies to.
type: string
enum:
- org
- usr
- app
nullable: false
required:
- name
- context
responses:
'201':
description: Category successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/create_category_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/create_category_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/property_categories/{category_id}:
put:
tags:
- Property Categories
operationId: UpdateCategory
description: |
Update category.
update:property_categories
summary: Update Category
parameters:
- name: category_id
in: path
description: The unique identifier for the category.
required: true
schema:
type: string
requestBody:
description: The fields of the category to update.
required: true
content:
application/json:
schema:
type: object
properties:
name:
description: The name of the category.
type: string
nullable: false
responses:
'200':
description: category successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/roles:
get:
tags:
- Roles
operationId: GetRoles
description: >
The returned list can be sorted by role name or role ID in ascending or
descending order. The number of records to return at a time can also be
controlled using the `page_size` query string parameter.
read:roles
summary: List roles
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- id_asc
- id_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: Roles successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_roles_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Roles
operationId: CreateRole
description: |
Create role.
create:roles
summary: Create role
requestBody:
description: Role details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The role's name.
type: string
description:
description: The role's description.
type: string
key:
description: The role identifier to use in code.
type: string
is_default_role:
description: Set role as default for new users.
type: boolean
responses:
'201':
description: Role successfully created
content:
application/json:
schema:
$ref: '#/components/schemas/create_roles_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/roles/{role_id}:
get:
tags:
- Roles
operationId: GetRole
description: |
Get a role
read:roles
summary: Get role
parameters:
- name: role_id
in: path
description: The identifier for the role.
schema:
type: string
required: true
responses:
'200':
description: Role successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_role_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Roles
operationId: UpdateRoles
description: |
Update a role
update:roles
summary: Update role
parameters:
- name: role_id
in: path
description: The identifier for the role.
schema:
type: string
required: true
requestBody:
description: Role details.
required: false
content:
application/json:
schema:
type: object
properties:
name:
description: The role's name.
type: string
description:
description: The role's description.
type: string
key:
description: The role identifier to use in code.
type: string
is_default_role:
description: Set role as default for new users.
type: boolean
required:
- name
- key
responses:
'201':
description: Role successfully updated
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Roles
operationId: DeleteRole
description: |
Delete role
delete:roles
summary: Delete role
parameters:
- name: role_id
in: path
description: The identifier for the role.
required: true
schema:
type: string
responses:
'200':
description: Role successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/roles/{role_id}/scopes:
get:
tags:
- Roles
operationId: GetRoleScopes
description: |
Get scopes for a role.
read:role_scopes
summary: Get role scopes
parameters:
- name: role_id
in: path
description: The role id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: A list of scopes for a role
content:
application/json:
schema:
$ref: '#/components/schemas/role_scopes_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/role_scopes_response'
'400':
description: Error removing user
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Roles
operationId: AddRoleScope
description: |
Add scope to role.
create:role_scopes
summary: Add role scope
parameters:
- name: role_id
in: path
description: The role id.
required: true
schema:
type: string
nullable: false
requestBody:
description: Add scope to role.
required: false
content:
application/json:
schema:
type: object
properties:
scope_id:
description: The scope identifier.
type: string
responses:
'201':
description: Role scope successfully added.
content:
application/json:
schema:
$ref: '#/components/schemas/add_role_scope_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/roles/{role_id}/scopes/{scope_id}:
delete:
tags:
- Roles
operationId: DeleteRoleScope
description: |
Delete scope from role.
delete:role_scopes
summary: Delete role scope
parameters:
- name: role_id
in: path
description: The role id.
required: true
schema:
type: string
nullable: false
- name: scope_id
in: path
description: The scope id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Role scope successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/delete_role_scope_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/roles/{role_id}/permissions:
get:
tags:
- Roles
operationId: GetRolePermissions
description: |
Get permissions for a role.
read:role_permissions
summary: Get role permissions
parameters:
- name: role_id
in: path
description: The role's public id.
required: true
schema:
type: string
nullable: false
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- id_asc
- id_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: A list of permissions for a role
content:
application/json:
schema:
$ref: '#/components/schemas/role_permissions_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/role_permissions_response'
'400':
description: Error removing user
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Roles
operationId: UpdateRolePermissions
description: |
Update role permissions.
update:role_permissions
summary: Update role permissions
parameters:
- name: role_id
in: path
description: The identifier for the role.
required: true
schema:
type: string
nullable: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
permissions:
description: Permissions to add or remove from the role.
type: array
items:
type: object
properties:
id:
description: The permission id.
type: string
operation:
description: >-
Optional operation, set to 'delete' to remove the
permission from the role.
type: string
responses:
'200':
description: Permissions successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/update_role_permissions_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/update_role_permissions_response'
'403':
description: Invalid credentials.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/roles/{role_id}/permissions/{permission_id}:
delete:
tags:
- Roles
operationId: RemoveRolePermission
description: |
Remove a permission from a role.
delete:role_permissions
summary: Remove role permission
parameters:
- name: role_id
in: path
description: The role's public id.
required: true
schema:
type: string
nullable: false
- name: permission_id
in: path
description: The permission's public id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Permission successfully removed from role
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Error removing user
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/search/users:
get:
tags:
- Search
operationId: searchUsers
description: >
Search for users based on the provided query string. Set query to '*' to
filter by other parameters only.
The number of records to return at a time can be controlled using the
`page_size` query string parameter.
read:users
summary: Search users
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: query
in: query
description: Search the users by email or name. Use '*' to search all.
schema:
type: string
nullable: true
- name: properties
in: query
required: false
style: deepObject
explode: true
schema:
type: object
additionalProperties:
type: array
items:
type: string
- name: starting_after
in: query
description: The ID of the user to start after.
schema:
type: string
nullable: true
- name: ending_before
in: query
description: The ID of the user to end before.
schema:
type: string
nullable: true
- name: expand
in: query
description: >-
Specify additional data to retrieve. Use "organizations" and/or
"identities".
required: false
schema:
type: string
nullable: true
responses:
'200':
description: Users successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/search_users_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/subscribers:
get:
tags:
- Subscribers
operationId: GetSubscribers
description: >
The returned list can be sorted by full name or email address
in ascending or descending order. The number of records to return at a
time can also be controlled using the `page_size` query
string parameter.
read:subscribers
summary: List Subscribers
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
nullable: true
enum:
- name_asc
- name_desc
- email_asc
- email_desc
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
responses:
'200':
description: Subscriber successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_subscribers_response'
'403':
description: Bad request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Subscribers
operationId: CreateSubscriber
description: |
Create subscriber.
create:subscribers
summary: Create Subscriber
parameters:
- name: first_name
in: query
description: Subscriber's first name.
required: true
schema:
type: string
nullable: false
- name: last_name
in: query
description: Subscriber's last name.
required: true
schema:
type: string
nullable: true
- name: email
in: query
description: The email address of the subscriber.
required: true
schema:
type: string
nullable: true
responses:
'201':
description: Subscriber successfully created
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/create_subscriber_success_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/subscribers/{subscriber_id}:
get:
tags:
- Subscribers
operationId: GetSubscriber
description: |
Retrieve a subscriber record.
read:subscribers
summary: Get Subscriber
parameters:
- name: subscriber_id
in: path
description: The subscriber's id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Subscriber successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_subscriber_response'
'400':
description: Bad request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users:
get:
tags:
- Users
operationId: getUsers
description: >
The returned list can be sorted by full name or email address in
ascending or descending order. The number of records to return at a time
can also be controlled using the `page_size` query string parameter.
read:users
summary: Get users
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
nullable: true
- name: user_id
in: query
description: >-
Filter the results by User ID. The query string should be comma
separated and url encoded.
schema:
type: string
nullable: true
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
nullable: true
- name: email
in: query
description: >-
Filter the results by email address. The query string should be
comma separated and url encoded.
schema:
type: string
nullable: true
- name: username
in: query
description: >-
Filter the results by username. The query string should be comma
separated and url encoded.
schema:
type: string
nullable: true
- name: expand
in: query
description: >-
Specify additional data to retrieve. Use "organizations" and/or
"identities".
required: false
schema:
type: string
nullable: true
- name: has_organization
in: query
description: >-
Filter the results by if the user has at least one organization
assigned.
required: false
schema:
type: boolean
nullable: true
responses:
'200':
description: Users successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/users_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/refresh_claims:
post:
tags:
- Users
operationId: refreshUserClaims
description: |
Refreshes the user's claims and invalidates the current cache.
update:user_refresh_claims
summary: Refresh User Claims and Invalidate Cache
parameters:
- in: path
name: user_id
schema:
type: string
required: true
description: The id of the user whose claims needs to be updated.
responses:
'200':
description: Claims successfully refreshed.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Bad request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/user:
get:
tags:
- Users
operationId: getUserData
description: |
Retrieve a user record.
read:users
summary: Get user
parameters:
- name: id
in: query
description: The user's id.
required: true
schema:
type: string
nullable: false
- name: expand
in: query
description: >-
Specify additional data to retrieve. Use "organizations" and/or
"identities".
required: false
schema:
type: string
nullable: true
responses:
'200':
description: User successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/user'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
post:
tags:
- Users
operationId: createUser
description: >
Creates a user record and optionally zero or more identities for the
user. An example identity could be the email
address of the user.
create:users
summary: Create user
requestBody:
description: The details of the user to create.
required: false
content:
application/json:
schema:
type: object
properties:
profile:
description: Basic information required to create a user.
type: object
properties:
given_name:
type: string
description: User's first name.
family_name:
type: string
description: User's last name.
picture:
type: string
description: The user's profile picture.
organization_code:
description: >-
The unique code associated with the organization you want
the user to join.
type: string
provided_id:
description: An external id to reference the user.
type: string
identities:
type: array
description: Array of identities to assign to the created user
items:
type: object
description: The result of the user creation operation.
properties:
type:
type: string
description: >-
The type of identity to create, e.g. email, username,
or phone.
enum:
- email
- phone
- username
details:
type: object
description: Additional details required to create the user.
properties:
email:
type: string
description: The email address of the user.
example: email@email.com
phone:
type: string
description: The phone number of the user.
example: '+61426148233'
phone_country_id:
type: string
description: The country code for the phone number.
example: au
username:
type: string
description: The username of the user.
example: myusername
example:
- type: email
details:
email: email@email.com
- type: phone
details:
phone: '+61426148233'
phone_country_id: au
- type: username
details:
username: myusername
responses:
'200':
description: User successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_user_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
patch:
tags:
- Users
operationId: updateUser
description: |
Update a user record.
update:users
summary: Update user
parameters:
- name: id
in: query
description: The user's id.
required: true
schema:
type: string
nullable: false
requestBody:
description: The user to update.
required: true
content:
application/json:
schema:
type: object
properties:
given_name:
type: string
description: User's first name.
family_name:
type: string
description: User's last name.
picture:
type: string
description: The user's profile picture.
is_suspended:
type: boolean
description: Whether the user is currently suspended or not.
is_password_reset_requested:
type: boolean
description: Prompt the user to change their password on next sign in.
provided_id:
description: An external id to reference the user.
type: string
responses:
'200':
description: User successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/update_user_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
delete:
tags:
- Users
operationId: deleteUser
description: |
Delete a user record.
delete:users
summary: Delete user
parameters:
- name: id
in: query
description: The user's id.
required: true
schema:
type: string
nullable: false
example: kp_c3143a4b50ad43c88e541d9077681782
- name: is_delete_profile
in: query
description: >-
Delete all data and remove the user's profile from all of Kinde,
including the subscriber list
schema:
type: boolean
nullable: false
example: true
responses:
'200':
description: User successfully deleted.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/feature_flags/{feature_flag_key}:
patch:
tags:
- Users
operationId: UpdateUserFeatureFlagOverride
description: |
Update user feature flag override.
update:user_feature_flags
summary: Update User Feature Flag Override
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
- name: feature_flag_key
in: path
description: The identifier for the feature flag
required: true
schema:
type: string
- name: value
in: query
description: Override value
required: true
schema:
type: string
responses:
'200':
description: Feature flag override successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/properties/{property_key}:
put:
tags:
- Users
operationId: UpdateUserProperty
description: |
Update property value.
update:user_properties
summary: Update Property value
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
- name: property_key
in: path
description: The identifier for the property
required: true
schema:
type: string
- name: value
in: query
description: The new property value
required: true
schema:
type: string
responses:
'200':
description: Property successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/properties:
get:
tags:
- Users
operationId: GetUserPropertyValues
description: |
Gets properties for an user by ID.
read:user_properties
summary: Get property values
parameters:
- name: user_id
in: path
description: The user's ID.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Properties successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_property_values_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_property_values_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Users
operationId: UpdateUserProperties
description: |
Update property values.
update:user_properties
summary: Update Property values
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
requestBody:
description: Properties to update.
required: true
content:
application/json:
schema:
type: object
properties:
properties:
description: Property keys and values
type: object
nullable: false
required:
- properties
responses:
'200':
description: Properties successfully updated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/password:
put:
tags:
- Users
operationId: SetUserPassword
description: |
Set user password.
update:user_passwords
summary: Set User password
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
requestBody:
description: Password details.
required: true
content:
application/json:
schema:
type: object
properties:
hashed_password:
description: The hashed password.
type: string
hashing_method:
description: >-
The hashing method or algorithm used to encrypt the user’s
password. Default is bcrypt.
type: string
enum:
- bcrypt
- crypt
- md5
- wordpress
salt:
type: string
description: >-
Extra characters added to passwords to make them stronger.
Not required for bcrypt.
salt_position:
type: string
description: >-
Position of salt in password string. Not required for
bcrypt.
enum:
- prefix
- suffix
is_temporary_password:
type: boolean
description: >-
The user will be prompted to set a new password after
entering this one.
required:
- hashed_password
responses:
'200':
description: User successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/success_response'
'400':
description: Error creating user.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/identities:
get:
tags:
- Users
operationId: GetUserIdentities
description: |
Gets a list of identities for an user by ID.
read:user_identities
summary: Get identities
parameters:
- name: user_id
in: path
description: The user's ID.
required: true
schema:
type: string
nullable: false
- name: starting_after
in: query
description: The ID of the identity to start after.
schema:
type: string
nullable: true
- name: ending_before
in: query
description: The ID of the identity to end before.
schema:
type: string
nullable: true
responses:
'200':
description: Identities successfully retrieved.
content:
application/json:
schema:
$ref: '#/components/schemas/get_identities_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_identities_response'
'400':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Users
operationId: CreateUserIdentity
description: |
Creates an identity for a user.
create:user_identities
summary: Create identity
parameters:
- name: user_id
in: path
description: The user's ID.
required: true
schema:
type: string
nullable: false
requestBody:
description: The identity details.
required: false
content:
application/json:
schema:
type: object
properties:
value:
type: string
description: The email address, social identity, or username of the user.
example: sally@example.com
type:
type: string
description: The identity type
enum:
- email
- username
- phone
- enterprise
- social
example: email
phone_country_id:
type: string
description: >-
The country code for the phone number, only required when
identity type is 'phone'.
example: au
connection_id:
type: string
description: >-
The social or enterprise connection ID, only required when
identity type is 'social' or 'enterprise'.
example: conn_019289347f1193da6c0e4d49b97b4bd2
responses:
'201':
description: Identity successfully created.
content:
application/json:
schema:
$ref: '#/components/schemas/create_identity_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/create_identity_response'
'400':
description: Error creating identity.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/sessions:
delete:
tags:
- Users
operationId: DeleteUserSessions
description: |
Invalidate user sessions.
delete:user_sessions
summary: Delete user sessions
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
example: kp_c3143a4b50ad43c88e541d9077681782
responses:
'200':
description: User sessions successfully invalidated.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/mfa:
get:
tags:
- Users
operationId: GetUsersMFA
description: |
Get a user’s MFA configuration.
read:user_mfa
summary: Get user's MFA configuration
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
example: kp_c3143a4b50ad43c88e541d9077681782
responses:
'200':
description: Successfully retrieve user's MFA configuration.
content:
application/json:
schema:
$ref: '#/components/schemas/get_user_mfa_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/users/{user_id}/mfa/{factor_id}:
delete:
tags:
- Users
operationId: ResetUsersMFA
description: |
Reset a user’s MFA.
delete:user_mfa
summary: Reset MFA for a user
parameters:
- name: user_id
in: path
description: The identifier for the user
required: true
schema:
type: string
example: kp_c3143a4b50ad43c88e541d9077681782
- name: factor_id
in: path
description: The identifier for the MFA factor
required: true
schema:
type: string
example: mfa_0193278a00ac29b3f6d4e4d462d55c47
responses:
'200':
description: User's MFA successfully reset.
content:
application/json:
schema:
$ref: '#/components/schemas/success_response'
'400':
$ref: '#/components/responses/bad_request'
'403':
$ref: '#/components/responses/forbidden'
'404':
$ref: '#/components/responses/not_found'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
/api/v1/events/{event_id}:
get:
tags:
- Webhooks
operationId: GetEvent
description: |
Returns an event
read:events
summary: Get Event
parameters:
- name: event_id
in: path
description: The event id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Event successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_event_response'
application/json:
schema:
$ref: '#/components/schemas/get_event_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/event_types:
get:
tags:
- Webhooks
operationId: GetEventTypes
description: |
Returns a list event type definitions
read:event_types
summary: List Event Types
responses:
'200':
description: Event types successfully retrieved.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_event_types_response'
application/json:
schema:
$ref: '#/components/schemas/get_event_types_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/webhooks/{webhook_id}:
delete:
tags:
- Webhooks
operationId: DeleteWebHook
description: |
Delete webhook
delete:webhooks
summary: Delete Webhook
parameters:
- name: webhook_id
in: path
description: The webhook id.
required: true
schema:
type: string
nullable: false
responses:
'200':
description: Webhook successfully deleted.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/delete_webhook_response'
application/json:
schema:
$ref: '#/components/schemas/delete_webhook_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/api/v1/webhooks:
get:
tags:
- Webhooks
operationId: GetWebHooks
description: |
List webhooks
read:webhooks
summary: List Webhooks
responses:
'200':
description: Webhook list successfully returned.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/get_webhooks_response'
application/json:
schema:
$ref: '#/components/schemas/get_webhooks_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
post:
tags:
- Webhooks
operationId: CreateWebHook
description: |
Create a webhook
create:webhooks
summary: Create a Webhook
requestBody:
description: Webhook request specification.
required: true
content:
application/json:
schema:
type: object
properties:
endpoint:
description: The webhook endpoint url
type: string
nullable: false
event_types:
description: Array of event type keys
type: array
items:
type: string
nullable: false
name:
description: The webhook name
type: string
nullable: false
description:
description: The webhook description
type: string
nullable: true
required:
- endpoint
- event_types
- name
responses:
'200':
description: Webhook successfully created.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/create_webhook_response'
application/json:
schema:
$ref: '#/components/schemas/create_webhook_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
patch:
tags:
- Webhooks
operationId: UpdateWebHook
description: |
Update a webhook
update:webhooks
summary: Update a Webhook
requestBody:
description: Update webhook request specification.
required: true
content:
application/json:
schema:
type: object
properties:
event_types:
description: Array of event type keys
type: array
items:
type: string
nullable: false
name:
description: The webhook name
type: string
nullable: false
description:
description: The webhook description
type: string
nullable: true
responses:
'200':
description: Webhook successfully updated.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/update_webhook_response'
application/json:
schema:
$ref: '#/components/schemas/update_webhook_response'
'400':
description: Invalid request.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'403':
description: Invalid credentials.
content:
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/error_response'
application/json:
schema:
$ref: '#/components/schemas/error_response'
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/oauth2/v2/user_profile:
get:
tags:
- OAuth
operationId: getUserProfileV2
summary: Get user profile
description: >
This endpoint returns a user's ID, names, profile picture URL and email
of the currently logged in user.
responses:
'200':
description: Details of logged in user.
content:
application/json:
schema:
$ref: '#/components/schemas/user_profile_v2'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/oauth2/introspect:
post:
tags:
- OAuth
operationId: tokenIntrospection
summary: Introspect
description: Retrieve information about the provided token.
requestBody:
description: Token details.
required: true
content:
application/x-www-form-urlencoded:
schema:
type: object
properties:
token:
description: The token to be introspected.
type: string
example: rrkYRaz8z96sAiOxPt6IzOCoelFFT4ujWIM2XNZgZsmX2Zu3imZ1W
token_type_hint:
type: string
description: A hint about the token type being queried in the request.
enum:
- access_token
- refresh_token
required:
- token
responses:
'200':
description: Details of the token.
content:
application/json:
schema:
$ref: '#/components/schemas/token_introspect'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/token_introspect'
'401':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/token_error_response'
application/json; charset=utf-8:
schema:
$ref: '#/components/schemas/token_error_response'
'403':
description: Invalid credentials.
'429':
description: Request was throttled.
security:
- kindeBearerAuth: []
/oauth2/revoke:
post:
tags:
- OAuth
operationId: tokenRevocation
summary: Revoke token
description: >-
Use this endpoint to invalidate an access or refresh token. The token
will no longer be valid for use.
requestBody:
description: Details of the token to be revoked.
required: true
content:
application/x-www-form-urlencoded:
schema:
type: object
properties:
client_id:
type: string
description: The `client_id` of your application.
example: 3b0b5c6c8fcc464fab397f4969b5f482
client_secret:
type: string
description: >-
The `client_secret` of your application. Required for
backend apps only.
example: rrkYRaz8z96sAiOxPt6IzOCoelFFT4ujWIM2XNZgZsmX2Zu3imZ1W
token:
description: The token to be revoked.
type: string
example: >-
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTIzNDU2Nzg5LCJuYW1lIjoiSm9zZXBoIn0.OpOSSw7e485LOP5PrzScxHb7SR6sAOMRckfFwi4rp7o
token_type_hint:
type: string
description: The type of token to be revoked.
enum:
- access_token
- refresh_token
required:
- token
- client_id
responses:
'200':
description: Token successfully revoked.
'400':
$ref: '#/components/responses/bad_request'
'401':
description: Bad request.
content:
application/json:
schema:
$ref: '#/components/schemas/token_error_response'
'403':
$ref: '#/components/responses/forbidden'
'429':
$ref: '#/components/responses/too_many_requests'
security:
- kindeBearerAuth: []
components:
parameters:
api_id:
in: path
name: api_id
description: The API's ID.
required: true
schema:
type: string
example: 7ccd126599aa422a771abcb341596881
application_id:
in: path
name: application_id
description: The application's ID / client ID.
required: true
schema:
type: string
example: 3b0b5c6c8fcc464fab397f4969b5f482
property_key:
in: path
name: property_key
description: The property's key.
required: true
schema:
type: string
example: kp_some_key
variable_id:
in: path
name: variable_id
description: The environment variable's ID.
required: true
schema:
type: string
example: env_var_0192b1941f125645fa15bf28a662a0b3
responses:
bad_request:
description: Invalid request.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
not_found:
description: The specified resource was not found
content:
application/json:
schema:
$ref: '#/components/schemas/not_found_response'
forbidden:
description: Unauthorized - invalid credentials.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
too_many_requests:
description: Too many requests. Request was throttled.
content:
application/json:
schema:
$ref: '#/components/schemas/error_response'
schemas:
success_response:
type: object
properties:
message:
type: string
example: Success
code:
type: string
example: OK
error:
type: object
properties:
code:
type: string
description: Error code.
message:
type: string
description: Error message.
error_response:
type: object
properties:
errors:
type: array
items:
$ref: '#/components/schemas/error'
not_found_response:
type: object
properties:
errors:
type: object
properties:
code:
type: string
example: ROUTE_NOT_FOUND
message:
type: string
example: The requested API route does not exist
get_apis_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
next_token:
type: string
description: Pagination token.
example: Njo5Om1hvWVfYXNj
apis:
type: array
items:
type: object
properties:
id:
description: The unique ID for the API.
type: string
example: 7ccd126599aa422a771abcb341596881
name:
type: string
description: The API’s name.
example: Example API
audience:
type: string
description: >-
A unique identifier for the API - commonly the URL. This value
will be used as the `audience` parameter in authorization
claims.
example: https://api.example.com
is_management_api:
type: boolean
description: Whether or not it is the Kinde management API.
example: false
scopes:
type: array
items:
type: object
properties:
id:
type: string
example: api_scope_01939128c3d7193ae87c4755213c07c6
key:
type: string
example: create:apis
create_apis_response:
type: object
properties:
message:
type: string
description: A Kinde generated message.
example: Success
code:
type: string
description: A Kinde generated status code.
example: OK
api:
type: object
properties:
id:
description: The unique ID for the API.
type: string
example: 7ccd126599aa422a771abcb341596881
create_api_scopes_response:
type: object
properties:
message:
type: string
description: A Kinde generated message.
example: Success
code:
type: string
description: A Kinde generated status code.
example: OK
scope:
type: object
properties:
id:
description: The unique ID for the API scope.
type: string
example: api_scope_0193ab57965aef77b2b687d0ef673713
get_environment_variables_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
has_more:
description: Whether more records exist.
type: boolean
environment_variables:
type: array
items:
$ref: '#/components/schemas/environment_variable'
get_environment_variable_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
environment_variable:
$ref: '#/components/schemas/environment_variable'
create_environment_variable_response:
type: object
properties:
message:
type: string
description: A Kinde generated message.
example: Environment variable created
code:
type: string
description: A Kinde generated status code.
example: VARIABLE_CREATED
environment_variable:
type: object
properties:
id:
description: The unique ID for the environment variable.
type: string
example: env_var_0192b194f6156fb7452fe38cfb144958
update_environment_variable_response:
type: object
properties:
message:
type: string
description: A Kinde generated message.
example: Environment variable updated
code:
type: string
description: A Kinde generated status code.
example: ENVIRONMENT_VARIABLE_UPDATED
delete_environment_variable_response:
type: object
properties:
message:
type: string
description: A Kinde generated message.
example: Environment variable deleted
code:
type: string
description: A Kinde generated status code.
example: ENVIRONMENT_VARIABLE_DELETED
get_business_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
business:
type: object
properties:
code:
type: string
description: The unique ID for the business.
example: bus_c69fb73b091
name:
type: string
description: Your business's name.
example: Tailsforce Ltd
phone:
type: string
description: Phone number associated with business.
example: 555-555-5555
nullable: true
email:
type: string
description: Email address associated with business.
example: sally@example.com
nullable: true
industry:
type: string
description: The industry your business is in.
example: Healthcare & Medical
nullable: true
timezone:
type: string
description: The timezone your business is in.
example: Los Angeles (Pacific Standard Time)
nullable: true
privacy_url:
type: string
description: Your Privacy policy URL.
example: https://example.com/privacy
nullable: true
terms_url:
type: string
description: Your Terms and Conditions URL.
example: https://example.com/terms
nullable: true
has_clickwrap:
type: boolean
description: Whether your business uses clickwrap agreements.
example: false
has_kinde_branding:
type: boolean
description: Whether your business shows Kinde branding.
example: true
created_on:
type: string
description: Date of business creation in ISO 8601 format.
example: '2021-01-01T00:00:00Z'
get_industries_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
industries:
type: array
items:
type: object
properties:
key:
description: The unique key for the industry.
type: string
example: administration_office_support
name:
type: string
description: The display name for the industry.
example: Administration & Office Support
get_timezones_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
timezones:
type: array
items:
type: object
properties:
key:
description: The unique key for the timezone.
type: string
example: london_greenwich_mean_time
name:
type: string
description: The display name for the timezone.
example: London (Greenwich Mean Time) [+01:00]
get_api_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: success_response
api:
type: object
properties:
id:
type: string
description: Unique ID of the API.
example: 7ccd126599aa422a771abcb341596881
name:
type: string
description: The API’s name.
example: Example API
audience:
type: string
description: >-
A unique identifier for the API - commonly the URL. This value
will be used as the `audience` parameter in authorization
claims.
example: https://api.example.com
is_management_api:
type: boolean
description: Whether or not it is the Kinde management API.
example: false
scopes:
type: array
items:
type: object
properties:
id:
type: string
description: The ID of the scope.
example: api_scope_01939222ef24200668b9f5829af001ce
key:
type: string
description: The reference key for the scope.
example: read:logs
applications:
type: array
items:
type: object
properties:
id:
type: string
description: The Client ID of the application.
example: 3b0b5c6c8fcc464fab397f4969b5f482
name:
type: string
description: The application's name.
example: My M2M app
type:
type: string
description: The application's type.
enum:
- Machine to machine (M2M)
- Back-end web
- Front-end and mobile
example: Machine to machine (M2M)
is_active:
type: boolean
description: >-
Whether or not the application is authorized to access the
API
example: true
nullable: true
get_api_scopes_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: success_response
scopes:
type: array
items:
type: object
properties:
id:
type: string
description: Unique ID of the API scope.
example: api_scope_01939128c3d7193ae87c4755213c07c6
key:
type: string
description: The scope's reference key.
example: read:logs
description:
type: string
description: Explanation of the scope purpose.
example: Read logs scope
get_api_scope_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: success_response
scope:
type: object
properties:
id:
type: string
description: Unique ID of the API scope.
example: api_scope_01939128c3d7193ae87c4755213c07c6
key:
type: string
description: The scope's reference key.
example: read:logs
description:
type: string
description: Explanation of the scope purpose.
example: Read logs scope
authorize_app_api_response:
type: object
properties:
message:
type: string
example: API applications updated
code:
type: string
example: API_APPLICATIONS_UPDATED
applications_disconnected:
type: array
items:
type: string
applications_connected:
type: array
items:
type: string
example: d2db282d6214242b3b145c123f0c123
delete_api_response:
type: object
properties:
message:
type: string
example: API successfully deleted
code:
type: string
example: API_DELETED
user:
type: object
properties:
id:
type: string
description: Unique ID of the user in Kinde.
provided_id:
type: string
description: External ID for user.
preferred_email:
type: string
description: Default email address of the user in Kinde.
phone:
type: string
description: User's primary phone number.
username:
type: string
description: Primary username of the user in Kinde.
last_name:
type: string
description: User's last name.
first_name:
type: string
description: User's first name.
is_suspended:
type: boolean
description: Whether the user is currently suspended or not.
picture:
type: string
description: User's profile picture URL.
total_sign_ins:
type: integer
description: Total number of user sign ins.
nullable: true
failed_sign_ins:
type: integer
description: Number of consecutive failed user sign ins.
nullable: true
last_signed_in:
type: string
description: Last sign in date in ISO 8601 format.
nullable: true
created_on:
type: string
description: Date of user creation in ISO 8601 format.
nullable: true
organizations:
type: array
description: Array of organizations a user belongs to.
items:
type: string
identities:
type: array
description: Array of identities belonging to the user.
items:
type: object
properties:
type:
type: string
identity:
type: string
update_user_response:
type: object
properties:
id:
type: string
description: Unique ID of the user in Kinde.
given_name:
type: string
description: User's first name.
family_name:
type: string
description: User's last name.
email:
type: string
description: User's preferred email.
is_suspended:
type: boolean
description: Whether the user is currently suspended or not.
is_password_reset_requested:
type: boolean
description: Whether a password reset has been requested.
picture:
type: string
description: User's profile picture URL.
nullable: true
users:
type: array
description: Array of users.
items:
$ref: '#/components/schemas/user'
users_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
users:
type: array
items:
type: object
properties:
id:
type: string
description: Unique ID of the user in Kinde.
provided_id:
type: string
description: External ID for user.
email:
type: string
description: Default email address of the user in Kinde.
phone:
type: string
description: User's primary phone number.
username:
type: string
description: Primary username of the user in Kinde.
last_name:
type: string
description: User's last name.
first_name:
type: string
description: User's first name.
is_suspended:
type: boolean
description: Whether the user is currently suspended or not.
picture:
type: string
description: User's profile picture URL.
total_sign_ins:
type: integer
description: Total number of user sign ins.
nullable: true
failed_sign_ins:
type: integer
description: Number of consecutive failed user sign ins.
nullable: true
last_signed_in:
type: string
description: Last sign in date in ISO 8601 format.
nullable: true
created_on:
type: string
description: Date of user creation in ISO 8601 format.
nullable: true
organizations:
type: array
description: Array of organizations a user belongs to.
items:
type: string
identities:
type: array
description: Array of identities belonging to the user.
items:
type: object
properties:
type:
type: string
identity:
type: string
next_token:
type: string
description: Pagination token.
search_users_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
results:
type: array
items:
type: object
properties:
id:
type: string
description: Unique ID of the user in Kinde.
example: kp_0ba7c433e5d648cf992621ce99d42817
provided_id:
type: string
description: External ID for user.
nullable: true
example: U123456
email:
type: string
description: Default email address of the user in Kinde.
nullable: true
example: user@domain.com
username:
type: string
description: Primary username of the user in Kinde.
nullable: true
example: john.snow
last_name:
type: string
description: User's last name.
example: Snow
first_name:
type: string
description: User's first name.
example: John
is_suspended:
type: boolean
description: Whether the user is currently suspended or not.
example: true
picture:
type: string
description: User's profile picture URL.
example: https://example.com/john_snow.jpg
nullable: true
total_sign_ins:
type: integer
description: Total number of user sign ins.
nullable: true
example: 1
failed_sign_ins:
type: integer
description: Number of consecutive failed user sign ins.
nullable: true
example: 0
last_signed_in:
type: string
description: Last sign in date in ISO 8601 format.
nullable: true
example: '2025-02-12T18:02:23.614638+00:00'
created_on:
type: string
description: Date of user creation in ISO 8601 format.
nullable: true
example: '2025-02-12T18:02:23.614638+00:00'
organizations:
type: array
description: Array of organizations a user belongs to.
items:
type: string
identities:
type: array
description: Array of identities belonging to the user.
items:
type: object
properties:
type:
type: string
identity:
type: string
properties:
type: object
description: The user properties.
additionalProperties:
type: string
create_user_response:
type: object
properties:
id:
description: Unique ID of the user in Kinde.
type: string
created:
description: True if the user was successfully created.
type: boolean
identities:
type: array
items:
$ref: '#/components/schemas/user_identity'
create_organization_response:
type: object
properties:
message:
type: string
description: Response message.
example: Success
code:
type: string
description: Response code.
example: OK
organization:
type: object
properties:
code:
description: The organization's unique code.
type: string
example: org_1ccfb819462
user_identity:
type: object
properties:
type:
type: string
description: The type of identity object created.
result:
type: object
description: The result of the user creation operation.
properties:
created:
type: boolean
description: True if the user identity was successfully created.
create_property_response:
type: object
properties:
message:
type: string
code:
type: string
property:
type: object
properties:
id:
description: The property's ID.
type: string
create_identity_response:
type: object
properties:
message:
type: string
code:
type: string
identity:
type: object
properties:
id:
description: The identity's ID.
type: string
get_identities_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
identities:
type: array
items:
$ref: '#/components/schemas/identity'
has_more:
description: Whether more records exist.
type: boolean
get_user_mfa_response:
type: object
properties:
message:
type: string
code:
type: string
mfa:
type: object
properties:
id:
description: The MFA's identifier.
type: string
example: mfa_01933d1ca1f093e7fad48ebcdb65a871
type:
description: The type of MFA (e.g. email, SMS, authenticator app).
type: string
example: email
created_on:
description: The timestamp when the MFA was created.
type: string
format: date-time
example: '2024-11-18T13:31:46.795085+11:00'
name:
description: The identifier used for MFA (e.g. email address, phone number).
type: string
example: sally@gmail.com
is_verified:
description: Whether the MFA is verified or not.
type: boolean
example: true
usage_count:
description: The number of times MFA has been used.
type: integer
example: 2
last_used_on:
description: The timestamp when the MFA was last used.
type: string
format: date-time
example: '2024-11-18T13:32:07.22538+11:00'
get_properties_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
properties:
type: array
items:
$ref: '#/components/schemas/property'
has_more:
description: Whether more records exist.
type: boolean
get_property_values_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
properties:
type: array
items:
$ref: '#/components/schemas/property_value'
next_token:
description: Pagination token.
type: string
create_category_response:
type: object
properties:
message:
type: string
code:
type: string
category:
type: object
properties:
id:
description: The category's ID.
type: string
get_categories_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
categories:
type: array
items:
$ref: '#/components/schemas/category'
has_more:
description: Whether more records exist.
type: boolean
get_event_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
event:
type: object
properties:
type:
type: string
source:
type: string
event_id:
type: string
timestamp:
type: integer
description: Timestamp in ISO 8601 format.
data:
type: object
description: Event specific data object.
get_event_types_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
event_types:
type: array
items:
$ref: '#/components/schemas/event_type'
get_webhooks_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
webhooks:
type: array
items:
$ref: '#/components/schemas/webhook'
webhook:
type: object
properties:
id:
type: string
name:
type: string
endpoint:
type: string
description:
type: string
event_types:
type: array
items:
type: string
created_on:
type: string
description: Created on date in ISO 8601 format.
create_webhook_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
webhook:
type: object
properties:
id:
type: string
endpoint:
type: string
update_webhook_response:
type: object
properties:
message:
type: string
code:
type: string
webhook:
type: object
properties:
id:
type: string
create_connection_response:
type: object
properties:
message:
type: string
code:
type: string
connection:
type: object
properties:
id:
description: The connection's ID.
type: string
get_connections_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
connections:
type: array
items:
$ref: '#/components/schemas/connection'
has_more:
description: Whether more records exist.
type: boolean
delete_webhook_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
event_type:
type: object
properties:
id:
type: string
code:
type: string
name:
type: string
origin:
type: string
schema:
type: object
organization_item_schema:
type: object
properties:
code:
type: string
description: The unique identifier for the organization.
example: org_1ccfb819462
name:
type: string
description: The organization's name.
example: Acme Corp
handle:
type: string
description: >-
A unique handle for the organization - can be used for dynamic
callback urls.
example: acme_corp
nullable: true
is_default:
type: boolean
description: Whether the organization is the default organization.
example: false
external_id:
type: string
description: >-
The organization's external identifier - commonly used when
migrating from or mapping to other systems.
example: some1234
nullable: true
is_auto_membership_enabled:
type: boolean
example: true
description: >-
If users become members of this organization when the org code is
supplied during authentication.
get_environment_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: success_response
environment:
type: object
properties:
code:
type: string
description: The unique identifier for the environment.
example: production
name:
type: string
description: The environment's name.
example: Production
hotjar_site_id:
type: string
description: Your HotJar site ID.
example: 404009
nullable: true
google_analytics_tag:
type: string
description: Your Google Analytics tag.
example: G-1234567
nullable: true
is_default:
type: boolean
description: >-
Whether the environment is the default. Typically this is your
production environment.
example: true
is_live:
type: boolean
description: Whether the environment is live.
example: true
kinde_domain:
type: string
description: Your domain on Kinde
example: example.kinde.com
custom_domain:
type: string
description: Your custom domain for the environment
nullable: true
example: app.example.com
logo:
type: string
nullable: true
description: The organization's logo URL.
example: >-
https://yoursubdomain.kinde.com/logo?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
logo_dark:
type: string
nullable: true
description: The organization's logo URL to be used for dark themes.
example: >-
https://yoursubdomain.kinde.com/logo_dark?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
favicon_svg:
type: string
nullable: true
description: >-
The organization's SVG favicon URL. Optimal format for most
browsers
example: >-
https://yoursubdomain.kinde.com/favicon_svg?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
favicon_fallback:
type: string
nullable: true
description: >-
The favicon URL to be used as a fallback in browsers that don’t
support SVG, add a PNG
example: >-
https://yoursubdomain.kinde.com/favicon_fallback?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
link_color:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
background_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#ffffff'
hex:
type: string
example: '#ffffff'
hsl:
type: string
example: hsl(0, 0%, 100%)
button_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_text_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#ffffff'
hex:
type: string
example: '#ffffff'
hsl:
type: string
example: hsl(0, 0%, 100%)
link_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
background_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_text_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_border_radius:
type: integer
nullable: true
description: >-
The border radius for buttons. Value is px, Kinde transforms to
rem for rendering
example: 8
card_border_radius:
type: integer
nullable: true
description: >-
The border radius for cards. Value is px, Kinde transforms to
rem for rendering
example: 16
input_border_radius:
type: integer
nullable: true
description: >-
The border radius for inputs. Value is px, Kinde transforms to
rem for rendering
example: 4
theme_code:
type: string
description: >-
Whether the environment is forced into light mode, dark mode or
user preference
enum:
- light
- dark
- user_preference
color_scheme:
type: string
description: >-
The color scheme for the environment used for meta tags based on
the theme code
enum:
- light
- dark
- light dark
created_on:
type: string
description: Date of environment creation in ISO 8601 format.
example: '2021-01-01T00:00:00Z'
get_organization_response:
type: object
properties:
code:
type: string
description: The unique identifier for the organization.
example: org_1ccfb819462
name:
type: string
description: The organization's name.
example: Acme Corp
handle:
type: string
description: >-
A unique handle for the organization - can be used for dynamic
callback urls.
example: acme_corp
nullable: true
is_default:
type: boolean
description: Whether the organization is the default organization.
example: false
external_id:
type: string
description: >-
The organization's external identifier - commonly used when
migrating from or mapping to other systems.
example: some1234
nullable: true
is_auto_membership_enabled:
type: boolean
example: true
description: >-
If users become members of this organization when the org code is
supplied during authentication.
logo:
type: string
nullable: true
description: The organization's logo URL.
example: >-
https://yoursubdomain.kinde.com/logo?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
logo_dark:
type: string
nullable: true
description: The organization's logo URL to be used for dark themes.
example: >-
https://yoursubdomain.kinde.com/logo_dark?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
favicon_svg:
type: string
nullable: true
description: The organization's SVG favicon URL. Optimal format for most browsers
example: >-
https://yoursubdomain.kinde.com/favicon_svg?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
favicon_fallback:
type: string
nullable: true
description: >-
The favicon URL to be used as a fallback in browsers that don’t
support SVG, add a PNG
example: >-
https://yoursubdomain.kinde.com/favicon_fallback?org_code=org_1ccfb819462&cache=311308b8ad3544bf8e572979f0e5748d
link_color:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
background_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#ffffff'
hex:
type: string
example: '#ffffff'
hsl:
type: string
example: hsl(0, 0%, 100%)
button_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_text_color:
nullable: true
type: object
properties:
raw:
type: string
example: '#ffffff'
hex:
type: string
example: '#ffffff'
hsl:
type: string
example: hsl(0, 0%, 100%)
link_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
background_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_text_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_color_dark:
type: object
nullable: true
properties:
raw:
type: string
example: '#0056F1'
hex:
type: string
example: '#0056F1'
hsl:
type: string
example: hsl(220, 100%, 50%)
button_border_radius:
type: integer
nullable: true
description: >-
The border radius for buttons. Value is px, Kinde transforms to rem
for rendering
example: 8
card_border_radius:
type: integer
nullable: true
description: >-
The border radius for cards. Value is px, Kinde transforms to rem
for rendering
example: 16
input_border_radius:
type: integer
nullable: true
description: >-
The border radius for inputs. Value is px, Kinde transforms to rem
for rendering
example: 4
theme_code:
type: string
description: >-
Whether the environment is forced into light mode, dark mode or user
preference
enum:
- light
- dark
- user_preference
color_scheme:
type: string
description: >-
The color scheme for the environment used for meta tags based on the
theme code
enum:
- light
- dark
- light dark
created_on:
type: string
description: Date of organization creation in ISO 8601 format.
example: '2021-01-01T00:00:00Z'
is_allow_registrations:
nullable: true
type: boolean
example: true
deprecated: true
description: Deprecated - Use 'is_auto_membership_enabled' instead
sender_name:
nullable: true
type: string
example: Acme Corp
description: The name of the organization that will be used in emails
sender_email:
nullable: true
type: string
example: hello@acmecorp.com
description: >-
The email address that will be used in emails. Requires custom SMTP
to be set up.
organization_user:
type: object
properties:
id:
type: string
example: kp:97c2ba24217d48e3b96a799b76cf2c74
description: The unique ID for the user.
nullable: true
email:
type: string
example: john.snow@example.com
description: The user's email address.
nullable: true
full_name:
type: string
example: John Snow
description: The user's full name.
last_name:
type: string
example: Snow
description: The user's last name.
nullable: true
first_name:
type: string
example: John
description: The user's first name.
nullable: true
picture:
type: string
example: https://example.com/john_snow.jpg
description: The user's profile picture URL.
nullable: true
joined_on:
type: string
example: '2021-01-01T00:00:00Z'
description: The date the user joined the organization.
roles:
type: array
description: The roles the user has in the organization.
items:
type: string
example: admin
description: The role's key.
category:
type: object
properties:
id:
type: string
name:
type: string
connection:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
connection:
type: object
properties:
id:
type: string
name:
type: string
display_name:
type: string
strategy:
type: string
environment_variable:
type: object
properties:
id:
description: The unique ID for the environment variable.
type: string
example: env_var_0192b1941f125645fa15bf28a662a0b3
key:
type: string
description: The name of the environment variable.
example: MY_API_KEY
value:
type: string
description: The value of the environment variable.
example: some-secret
nullable: true
is_secret:
type: boolean
description: Whether the environment variable is sensitive.
example: false
created_on:
type: string
description: The date the environment variable was created.
example: '2021-01-01T00:00:00Z'
identity:
type: object
properties:
id:
type: string
type:
type: string
is_confirmed:
type: boolean
created_on:
type: string
description: Date of user creation in ISO 8601 format.
last_login_on:
type: string
description: Date of user creation in ISO 8601 format.
total_logins:
type: integer
name:
type: string
property:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
is_private:
type: boolean
description:
type: string
is_kinde_property:
type: boolean
property_value:
type: object
properties:
id:
type: string
example: prop_0192b7e8b4f8ca08110d2b22059662a8
name:
type: string
example: Town
description:
type: string
example: Where the entity is located
nullable: true
key:
type: string
example: kp_town
value:
type: string
example: West-side Staines massive
nullable: true
role:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
description:
type: string
subscribers_subscriber:
type: object
properties:
id:
type: string
email:
type: string
full_name:
type: string
first_name:
type: string
last_name:
type: string
subscriber:
type: object
properties:
id:
type: string
preferred_email:
type: string
first_name:
type: string
last_name:
type: string
organization_user_role:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
organization_user_role_permissions:
type: object
properties:
id:
type: string
role:
type: string
permissions:
type: object
properties:
key:
type: string
organization_user_permission:
type: object
properties:
id:
type: string
key:
type: string
name:
type: string
description:
type: string
roles:
type: array
items:
type: object
properties:
id:
type: string
key:
type: string
organization_users:
type: array
items:
$ref: '#/components/schemas/organization_user'
get_subscriber_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
subscribers:
type: array
items:
$ref: '#/components/schemas/subscriber'
get_subscribers_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
subscribers:
type: array
items:
$ref: '#/components/schemas/subscribers_subscriber'
next_token:
description: Pagination token.
type: string
get_roles_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
roles:
type: array
items:
$ref: '#/components/schemas/roles'
next_token:
description: Pagination token.
type: string
get_role_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
role:
type: object
properties:
id:
type: string
description: The role's ID.
example: 01929904-316d-bb2c-069f-99dfea4ac394
key:
type: string
description: The role identifier to use in code.
example: admin
name:
type: string
description: The role's name.
example: Administrator
description:
type: string
description: The role's description.
example: Full access to all resources.
is_default_role:
type: boolean
description: Whether the role is the default role.
example: false
create_roles_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
role:
type: object
properties:
id:
type: string
description: The role's ID.
add_role_scope_response:
type: object
properties:
code:
type: string
description: Response code.
example: ROLE_SCOPE_ADDED
message:
type: string
description: Response message.
example: Scope added to role
delete_role_scope_response:
type: object
properties:
code:
type: string
description: Response code.
example: SCOPE_DELETED
message:
type: string
description: Response message.
example: Scope deleted from role
get_organizations_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
organizations:
type: array
items:
$ref: '#/components/schemas/organization_item_schema'
next_token:
description: Pagination token.
type: string
example: Mjo5Om1hbWVfYZNj
get_organization_users_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
organization_users:
type: array
items:
$ref: '#/components/schemas/organization_user'
next_token:
type: string
description: Pagination token.
get_organizations_user_roles_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
roles:
type: array
items:
$ref: '#/components/schemas/organization_user_role'
next_token:
type: string
description: Pagination token.
get_organizations_user_permissions_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
permissions:
type: array
items:
$ref: '#/components/schemas/organization_user_permission'
get_organization_feature_flags_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
feature_flags:
type: object
description: The environment's feature flag settings.
additionalProperties:
type: object
properties:
type:
type: string
enum:
- str
- int
- bool
value:
type: string
get_environment_feature_flags_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
feature_flags:
type: object
description: The environment's feature flag settings.
additionalProperties:
type: object
properties:
type:
type: string
enum:
- str
- int
- bool
value:
type: string
next_token:
type: string
description: Pagination token.
add_organization_users_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
users_added:
type: array
items:
type: string
update_role_permissions_response:
type: object
properties:
code:
type: string
message:
type: string
permissions_added:
type: array
items:
type: string
permissions_removed:
type: array
items:
type: string
update_organization_users_response:
type: object
properties:
message:
type: string
example: Success
code:
type: string
example: OK
users_added:
type: array
items:
type: string
example: kp_057ee6debc624c70947b6ba512908c35
users_updated:
type: array
items:
type: string
example: kp_057ee6debc624c70947b6ba512908c35
users_removed:
type: array
items:
type: string
example: kp_057ee6debc624c70947b6ba512908c35
connected_apps_auth_url:
type: object
properties:
url:
type: string
description: >-
A URL that is used to authenticate an end-user against a connected
app.
session_id:
type: string
description: A unique identifier for the login session.
create_subscriber_success_response:
type: object
properties:
subscriber:
type: object
properties:
subscriber_id:
type: string
description: A unique identifier for the subscriber.
connected_apps_access_token:
type: object
properties:
access_token:
type: string
description: The access token to access a third-party provider.
access_token_expiry:
type: string
description: The date and time that the access token expires.
api_result:
type: object
properties:
result:
type: string
description: The result of the api operation.
create_application_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
application:
type: object
properties:
id:
description: The application's identifier.
type: string
example: 3b0b5c6c8fcc464fab397f4969b5f482
client_id:
description: The application's client ID.
type: string
example: 3b0b5c6c8fcc464fab397f4969b5f482
client_secret:
description: The application's client secret.
type: string
example: sUJSHI3ZQEVTJkx6hOxdOSHaLsZkCBRFLzTNOI791rX8mDjgt7LC
get_application_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
application:
type: object
properties:
id:
description: The application's identifier.
type: string
example: 3b0b5c6c8fcc464fab397f4969b5f482
name:
description: The application's name.
type: string
example: My React app
type:
description: The application's type.
type: string
enum:
- m2m
- reg
- spa
client_id:
description: The application's client ID.
type: string
example: 3b0b5c6c8fcc464fab397f4969b5f482
client_secret:
description: The application's client secret.
type: string
example: sUJSHI3ZQEVTJkx6hOxdOSHaLsZkCBRFLzTNOI791rX8mDjgt7LC
login_uri:
description: The default login route for resolving session issues.
type: string
example: https://yourapp.com/api/auth/login
homepage_uri:
description: The homepage link to your application.
type: string
example: https://yourapp.com
has_cancel_button:
description: >-
Whether the application has a cancel button to allow users to
exit the auth flow [Beta].
type: boolean
example: false
applications:
type: object
properties:
id:
type: string
name:
type: string
type:
type: string
get_applications_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
applications:
type: array
items:
$ref: '#/components/schemas/applications'
next_token:
description: Pagination token.
type: string
redirect_callback_urls:
type: object
properties:
redirect_urls:
type: array
description: An application's redirect URLs.
items:
type: string
get_redirect_callback_urls_response:
type: object
properties:
redirect_urls:
description: An application's redirect callback URLs.
type: array
items:
$ref: '#/components/schemas/redirect_callback_urls'
logout_redirect_urls:
type: object
properties:
logout_urls:
type: array
description: An application's logout URLs.
items:
type: string
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
get_permissions_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
permissions:
type: array
items:
$ref: '#/components/schemas/permissions'
next_token:
type: string
description: Pagination token.
permissions:
type: object
properties:
id:
type: string
description: The permission's ID.
key:
type: string
description: The permission identifier to use in code.
name:
type: string
description: The permission's name.
description:
type: string
description: The permission's description.
scopes:
type: object
properties:
id:
type: string
description: Scope ID.
example: api_scope_019541f3fa0c874fc47b3ae73585b21c
key:
type: string
description: Scope key.
example: create:users
description:
type: string
description: Description of scope.
example: Create users
api_id:
type: string
description: API ID.
example: 3635b4431f174de6b789c67481bd0c7a
roles:
type: object
properties:
id:
type: string
description: The role's ID.
key:
type: string
description: The role identifier to use in code.
name:
type: string
description: The role's name.
description:
type: string
description: The role's description.
nullable: true
is_default_role:
type: boolean
description: Whether the role is the default role.
role_permissions_response:
type: object
properties:
code:
type: string
description: Response code.
message:
type: string
description: Response message.
permissions:
type: array
items:
$ref: '#/components/schemas/permissions'
next_token:
type: string
description: Pagination token.
role_scopes_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
message:
type: string
description: Response message.
example: Success
scopes:
type: array
items:
$ref: '#/components/schemas/scopes'
read_logo_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
logos:
type: array
description: A list of logos.
items:
type: object
properties:
type:
type: string
description: The type of logo (light or dark).
example: light
file_name:
type: string
description: The name of the logo file.
example: kinde_light.jpeg
path:
type: string
description: The relative path to the logo file.
example: /logo?p_org_code=org_1767f11ce62
message:
type: string
description: Response message.
example: Success
read_env_logo_response:
type: object
properties:
code:
type: string
description: Response code.
example: OK
logos:
type: array
description: A list of logos.
items:
type: object
properties:
type:
type: string
description: The type of logo (light or dark).
example: light
file_name:
type: string
description: The name of the logo file.
example: kinde_light.jpeg
message:
type: string
description: Response message.
example: Success
user_profile_v2:
type: object
properties:
sub:
type: string
description: Unique ID of the user in Kinde.
example: kp_c3143a4b50ad43c88e541d9077681782
provided_id:
type: string
description: >-
Value of the user's ID in a third-party system when the user is
imported into Kinde.
example: some_external_id
nullable: true
name:
type: string
description: User's first and last name separated by a space.
example: John Snow
given_name:
type: string
description: User's first name.
example: John
family_name:
type: string
description: User's last name.
example: Snow
updated_at:
type: integer
description: Date the user was last updated at (In Unix time).
example: 1612345678
email:
type: string
description: User's email address if available.
example: john.snow@example.com
email_verified:
type: boolean
description: Whether the user's email address has been verified.
example: true
picture:
type: string
description: URL that point's to the user's picture or avatar
example: https://example.com/john_snow.jpg
nullable: true
preferred_username:
type: string
description: User's preferred username.
example: john_snow
nullable: true
id:
type: string
description: Unique ID of the user in Kinde
example: kp_c3143a4b50ad43c88e541d9077681782
token_introspect:
type: object
properties:
active:
type: boolean
description: Indicates the status of the token.
aud:
type: array
description: Array of intended token recipients.
items:
type: string
example: https://api.example.com/v1
client_id:
type: string
description: Identifier for the requesting client.
example: 3b0b5c6c8fcc464fab397f4969b5f482
exp:
type: integer
description: Token expiration timestamp.
example: 1612345678
iat:
type: integer
description: Token issuance timestamp.
example: 1612345678
token_error_response:
type: object
properties:
error:
type: string
description: Error.
error_description:
type: string
description: The error description.
securitySchemes:
kindeBearerAuth:
description: >
Accessing the API requires obtaining an access token when login in
through Kinde. However, management functions (for e.g. user management)
requires an access token obtained using the client_credentials flow.
type: http
scheme: bearer
bearerFormat: JWT