What are connected apps?
By Connor Cameron
Many applications need to connect to third parties in order to perform a valuable action.
A service like Calendly connects to your Google Calendar to check your meetings and update your availability accordingly. Then, when someone goes in to book a meeting with you, Calendly is able to create that meeting in your Google account and invite the end user.
In order to do this, Calendly needs to connect to your Google account, but Google doesn’t let it do this without your prior permission. That’s why, when you create a Calendly account, it takes you to Google and asks you to authorize it to take actions on your behalf (like viewing your calendar or creating a meeting).
Once that connection is opened, it can pose a security threat. In order to mitigate the risk, an application like Google closes off the connection directly after it is opened. Now, whenever an action is to be taken, a machine-to-machine token transfer is required in order to verify the identity of the parties involved and their access.
Kinde’s connected apps serve to maintain that connection between your application and the third party such that a user doesn’t need to verify the connection over, and over, and over again, just to get anything done.
When connecting an app, your user authorizes a connection to the third party and dictates what your application is allowed to do. For example, it may be able to schedule a post on LinkedIn, or create a new file in Google Drive.
Every time an action is triggered, a request is sent to the connected app. The connected app then requests a token in order to verify that your user, and your application, are allowed to trigger that action in their application.
Rather than having to verify this action each time individually, with your user having to log in to the third party and authorize, Kinde’s M2M token management maintains that connection over time, meaning that it only needs to be authorized once.
Kinde’s platform securely verifies the identity of your user and the connection already in place, letting the third-party application know that this action is a-ok. Kinde’s token management continues in perpetuity until the connection is deliberately closed.
See how to add a connected app in Kinde
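The flow described above (authorize once, keep the refresh token, get a fresh token for each action, close the connection deliberately) can be simulated offline. This is an added example, not Kinde's code or API: `ThirdParty`, `ConnectedApp`, the scope strings and the 300-second token lifetime are all constructed for illustration.

```python
import secrets
import time


class ThirdParty:
    """Constructed stand-in for the third party's authorization server."""
    ACCESS_TTL = 300  # seconds; assumed lifetime for this sketch

    def __init__(self):
        self.grants = {}  # refresh token -> scopes the user approved
        self.access = {}  # access token -> (scopes, expiry time)

    def authorize(self, scopes):
        # The single interactive step: the user approves these scopes.
        rt = secrets.token_urlsafe(32)
        self.grants[rt] = frozenset(scopes)
        return rt

    def refresh(self, rt, now):
        # Exchange the long-lived refresh token for a short-lived access token.
        if rt not in self.grants:
            raise PermissionError("connection closed or never authorized")
        at = secrets.token_urlsafe(32)
        self.access[at] = (self.grants[rt], now + self.ACCESS_TTL)
        return at

    def call(self, at, scope, now):
        # An action succeeds only with an unexpired token carrying the scope.
        scopes, expiry = self.access.get(at, (frozenset(), 0))
        return now < expiry and scope in scopes

    def revoke(self, rt):
        self.grants.pop(rt, None)


class ConnectedApp:
    """Holds the refresh token so the user is not prompted on every action."""

    def __init__(self, provider, scopes):
        self.provider = provider
        self._rt = provider.authorize(scopes)  # secret: encrypt at rest, never log

    def act(self, scope, now=None):
        now = time.time() if now is None else now
        try:
            at = self.provider.refresh(self._rt, now)
        except PermissionError:
            return False  # connection was deliberately closed
        return self.provider.call(at, scope, now)

    def disconnect(self):
        self.provider.revoke(self._rt)
```

The refresh token is the only long-lived secret in this sketch, which is why its storage matters more than that of the short-lived access tokens it produces.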
Services like Auth0’s allow for the connection to be made once, and then the user needs to verify that connection again every time an action is to be taken. Kinde’s M2M token management is able to hold that connection in perpetuity, continually speaking to your third-party application and maintaining the right for your application to commit those actions.
Once a connection is opened, it becomes a vulnerability, and it is never closed unless someone closes it manually. Kinde’s secure authentication platform handles the secure storage and transfer of highly sensitive refresh tokens between the two applications to ensure that the connection remains secure.
With some connected apps services, you cannot separate the process for social login from that of connecting apps. When your user logs in with Google, they may be hit with a long list of actions that they are required to verify in order to continue to your application. With Kinde’s connected apps, your login stays your login. The process for establishing a machine-to-machine connection is separated from your Social SSO, so the verification for this process can come down the line, and you don’t need to force the connection on all of your users.
The current means for connecting apps relies heavily on Kinde’s API. Pretty soon, you’ll be able to easily manage these connections all from Kinde’s dashboard.