Skip to content
  • Auth and access
  • Authentication methods

Username authentication

Along with email and phone number, Kinde supports authentication where a username is the user’s sign-in identity.

On sign-up or registration, the user will need to do a one-time validation of their identity via email - for security - but they can subsequently use a username to sign in.

💡 Add usernames, but not for auth
The username field is designed for use in the authentication flow, if you want your customers to set a username, display name, or handle as part of their profile in your app, you can add a different property to capture this data. See Add and manage properties.

Usernames must be unique

Link to this section

There are several ways usernames can be added to a user’s profile:

  • Manually in Kinde
  • Via API
  • Self-created by the user on registration

Regardless of how a username is added, it must be unique. If a username already exists, an error will be returned.

The sign-up flow

Link to this section

For security reasons, Kinde doesn’t allow fully anonymous users. So when a user signs up, they will need to supply an email, in addition to a username. The email can then be used to verify their identity. The username can be supplied by you, or can be created by the user.

The sign-in flow

Link to this section

When a user signs in, they enter their username and proceed with a password.

Either way, it’s a quick process for sign in.

Why an email is still required

Link to this section

In order to be sure that you are signing up a real person, you need to have a way of contacting new users to verify their identity. Without identity verification, the authentication experience you provide could be vulnerable to security threats, fraud, bots, etc.

Once an email is verified, we add this email identity for the user. If in future, the authentication pattern changes, the user can opt to sign in with their email and receive OTPs. An email is also required for password resets.

Enable username authentication in Kinde

Link to this section
  1. In Kinde, go to Settings > Authentication.
  2. Select Configure on the Username tile, in the Password section. A configuration window opens.
  3. Select which apps will support username authentication.
  4. Select Save. The sign up flow will be updated for the applications you selected.

Rules for usernames

Link to this section
  • Usernames must be unique
  • 2-64 characters, no spaces
  • Can include letters, numbers, -dashes, _underscores (no special characters)

One password for multiple identities

Link to this section

Users can only have a single password in Kinde.

If you allow both email-password and username-password authentication for a user, the password is shared across both their identities. For example, changing a user’s password for username affects their email sign-in and vice-versa.

See the password rules.