Skip to content
  • SDKs and APIs
  • Kinde API

Call the Kinde Management API

Before you can get an access token and call the Kinde Management API, follow the steps to create and authorize a machine-to-machine (M2M) application, with scopes.

Get access token

Link to this section

There are two main methods for getting an access token for the Kinde Management API.

Method 1: Get a test access token in the Kinde Admin

Link to this section
  1. Open the M2M application you created for API access.
  2. Go to Test.
  3. Select Get token.
  4. Select Use test token. You’ll be taken to the API docs with the access token prepopulated. You can now test any endpoint.

For full details, see generate a test access token for the Kinde Management API.

Method 2: Perform a POST request to get an access token

Link to this section

To ask Kinde for an access token for calling the management API, perform a POST request to the https://<your_subdomain>.kinde.com/oauth2/token endpoint, using the credentials of the M2M application you created in the prerequisite step.

The payload should look as follows:

Terminal window
curl --request POST \
--url 'https://<your_subdomain>.kinde.com/oauth2/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data 'client_id=<your_m2m_client_id>' \
--data 'client_secret=<your_m2m_client_secret>' \
--data 'audience=https://<your_subdomain>.kinde.com/api'

Make sure to replace <your_subdomain>, <your_m2m_client_id> and <your_m2m_client_secret> with your own details.

The response will contain a signed JWT containing claims including the scopes the token is allowed to access and the expiry time. Here is an example token:

{
"aud": [
"https://example.kinde.com/api"
],
"azp": "bd69bb9fe5db44a38b6b2dacd1f4b451",
"exp": 1729812040,
"gty": [
"client_credentials"
],
"iat": 1729725640,
"iss": "https://example.kinde.com",
"jti": "6f091ebe-44ba-4afc-bd2f-05fcccafc89e",
"scope": "read:users update:users"
}

Use the access token

Link to this section

To use this token, include it in the Authorization header of your request. For example to get all users you would call:

Terminal window
curl --request GET \
--url 'https://<your_subdomain>.kinde.com/api/v1/users' \
--header 'authorization: Bearer <m2m_access_token>' \
--header 'content-type: application/json'

Make sure to replace <your_subdomain> with your Kinde subdomain and <m2m_access_token> with the token received in the previous step.

Use the Kinde Management API JS SDK

Link to this section

As an alternative to making HTTP calls, you can also use the Kinde Management API JS SDK.

You can use it to automatically obtain tokens for, and interact with the Kinde management API.

Alternative - using Postman guide

Link to this section

Set up Postman environment

Link to this section

We recommend you do this in a non-production environment first.

If you decide to use Postman, we recommend that you set up a Postman environment. Here’s some troubleshooting solutions in case you need them.

  1. Add your Kinde machine to machine application keys as environment variables.
Adding environment variables in Postman
  1. Make sure you select Save or the variables will not persist.

Get the access token

Link to this section
  1. Go to Collections. Create a new collection called Kinde.
  2. In the three dots menu next to the new Kinde folder, select Add request.
Adding a request in Postman
  1. Go to the Authorization section and set the Type to OAuth 2.0 and set the Header Prefix to Bearer.
  2. In the Configure New Token > Configuration options section, set the Grant Type to Client Credentials.
  3. Enter the Access Token URL using the domain variable you created above. For example, {{business_domain}}/oauth2/token. Note that even if you use a custom domain, the access token URL should still use your https://<your_subdomain>.kinde.com domain.
Entering the access token URL
  1. Enter the Client ID and Client Secret using the environment variables you created earlier or by copying them from the Kinde application.
  2. Set the audience to {{business_domain}}/api. To do this:
    • Scroll down click Advanced. In the Token request section, select the audience key and enter the above URL in the Value field. Ensure it is being sent in the body of the request
  1. Go to the Headers tab.
Setting the Content-Type value in Postman
  1. Select Accept and ensure the value is application/json.
  2. In the Authorization section, select Get New Access Token. You should see a confirmation message.
  3. Select Proceed.
Access Token in Postman
  1. Select Use Token. You should now have the access token for making requests to the Kinde management API. See the Kinde API documentation for all the available end points.

Test the API endpoints

Link to this section

You can test your API access in Postman by sending a GET request to any Kinde API endpoint. See the Kinde Management API library for options.

Here’s an example using the Get users endpoint.

  1. Create a new GET request.
  2. Enter a URL that contains the /users endpoint, e.g. https://<your_subdomain>.kinde.com/api/v1/users .
Entering a Request URL in Postman
  1. Send the request. It should return your users in the body section. If it does, the connection is successful.
Response body in Postman
  1. Repeat from step 1 for any other Kinde API endpoints you want to test.