Docs
Docs
Sign in

Get access token for connecting securely to Kinde’s API

Link to this section

To securely connect to Kinde’s API, you need to obtain an access token.

This document describes:

  • how to get the token using Postman - an API platform - but you can follow similar steps in your own app environment.
  • how to get the token using a Node.js fetch example.

See our other SDK frameworks for additional guidance.

You can also watch a video about connecting and testing the API connection on our YouTube channel here.

Before you begin

Link to this section

You need to have a machine to machine application set up and have the domain details, Client ID and Client secret on hand.

Get the access token (Postman example)

Link to this section

We recommend you do this in a non-production environment first.

If you decide to use Postman, we recommended that you set up a Postman environment.

  1. Add your Kinde machine to machine app’s settings as environment variables, i.e. the domainclient_id, and client_secret from the application.
Adding environment variables in Postman
Adding environment variables in Postman
  1. Go to Collections. Create a new collection called Kinde.
  2. In the three dots menu next to the new Kinde folder, select Add request.
Adding a request in Postman
Adding a request in Postman
  1. Rename it client_credentials or whatever best describes what your purpose is.
  2. Go to the Authorization section and set the Type to OAuth 2.0 and ensure the Header Prefix is set to Bearer.
  3. In the Configure New Token > Configuration options section, set the Grant Type to Client Credentials. This is the grant type for hitting the users end point in the Kinde API.
  4. Enter the Access Token URL, using the domain variable you created above. For example, {{business_domain}}.kinde.com/oauth2/token. Note that even if you use a custom subdomain domain, the access token URL needs to include the kinde.com domain.
Entering the access token URL
Entering the access token URL

  1. Enter the Client ID and Client Secret using the environment variables you created earlier or by copying them from the Kinde application.

  2. Set the audience to https://[yourdomain].kinde.com/api (replacing [your domain]). To do this:

    • Scroll down click Advanced. In the Token request section, select the audience key and enter the above URL in the Value field.

  3. Go to the Headers tab.

Setting the Content-Type value in Postman
Setting the Content-Type value in Postman
  1. Select Accept and ensure the value is application/json.
  2. In the Authorization section, select Get New Access Token. If it works, you should see a confirmation message.
  3. Select Proceed.
Access Token in Postman
Access Token in Postman
  1. Select Use Token. You should now have the access token for making requests to the Kinde management API. See the Kinde API documentation for all the available end points.
  2. Next (optional): Test the connection to Kinde’s API.

Get the access token (Node.js fetch example)

Link to this section

Use the following, but replace <your_domain>, <client_id> and <client_secret> with your own details.

	fetch(`${<your_domain>}.kinde.com/oauth2/token`, {
			method: "POST",
			headers: {
				"content-type": "application/x-www-form-urlencoded",
			},
			body: new URLSearchParams({
				grant_type: "client_credentials",
				client_id: <client_id>,
				client_secret: <client_secret>,
			}),
	})

See our other SDK frameworks for additional code snippets.

Next (optional): Test the connection to Kinde’s API.

Related articles

Talk to us

If you can’t find what you’re looking for in our help center — email our team

Contact support