Skip to content
  • SDKs and APIs
  • Kinde API

Connect securely to Kinde’s API

To securely connect to Kinde’s API, you need to obtain an access token.

This document describes:

  • how to get the token using Postman - an API platform - but you can follow similar steps in your own app environment.
  • how to get the token using a Node.js fetch example.

See our other SDK frameworks for additional guidance.

You can also watch a video about connecting and testing the API connection on our YouTube channel here.

Before you begin

Link to this section

You need to have a machine to machine application set up and have the domain details, Client ID and Client secret on hand.

Get the access token (Postman example)

Link to this section

We recommend you do this in a non-production environment first.

If you decide to use Postman, we recommended that you set up a Postman environment.

  1. Add your Kinde machine to machine application keys as environment variables.
Adding environment variables in Postman
  1. Go to Collections. Create a new collection called Kinde.
  2. In the three dots menu next to the new Kinde folder, select Add request.
Adding a request in Postman
  1. Rename it client_credentials or whatever best describes what your purpose is.
  2. Go to the Authorization section and set the Type to OAuth 2.0 and ensure the Header Prefix is set to Bearer.
  3. In the Configure New Token > Configuration options section, set the Grant Type to Client Credentials. This is the grant type for hitting the users end point in the Kinde API.
  4. Enter the Access Token URL, using the domain variable you created above. For example, {{business_domain}} Note that even if you use a custom subdomain domain, the access token URL needs to include the domain.
Entering the access token URL
  1. Enter the Client ID and Client Secret using the environment variables you created earlier or by copying them from the Kinde application.
  2. Set the audience to https://[yourdomain] (replacing [your domain]). To do this:
    • Scroll down click Advanced. In the Token request section, select the audience key and enter the above URL in the Value field.
  1. Go to the Headers tab.
Setting the Content-Type value in Postman
  1. Select Accept and ensure the value is application/json.
  2. In the Authorization section, select Get New Access Token. If it works, you should see a confirmation message.
  3. Select Proceed.
Access Token in Postman
  1. Select Use Token. You should now have the access token for making requests to the Kinde management API. See the Kinde API documentation for all the available end points.
  2. Next (optional): Test the connection to Kinde’s API.

Get the access token (Node.js fetch example)

Link to this section

Use the following, but replace <your_domain>, <client_id> and <client_secret> with your own details.

fetch(`${<your_domain>}`, {
method: "POST",
headers: {
"content-type": "application/x-www-form-urlencoded",
body: new URLSearchParams({
audience: "<auth_domain>/api",
grant_type: "client_credentials",
client_id: <client_id>,
client_secret: <client_secret>,

See our other SDK frameworks for additional code snippets.

Next (optional): Test the connection to Kinde’s API.