Skip to content
  • SDKs and APIs
  • Your APIs

Give others access to your API

Although we do not currently have a dedicated feature for it, there is a way to provide your users with programmatic access to your API and applications via Kinde.

You need to register your API with Kinde before you begin.

Here’s the process:

  • Create a machine to machine (M2M) application
  • Connect the application to your API
  • Provide access to the user via token or app keys

Create a M2M application

Link to this section

You will want to create a separate M2M application for each user, system, or business who needs to access your API. It is not secure to share access via the same tokens or app keys.

  1. Go to Settings > Applications.
  2. Select Add Application.
  3. In the dialog that opens, give the application a name, and select Machine to Machine as the Application type.
  4. Select Save. App keys - including Domain details, Client ID and Client Secret - are issued for the application.

Connect the API to the application

Link to this section
  1. In the application list, find the M2M app you created and select View details.
  2. Select APIs in the menu. A list of all available APIs shows.
  3. Switch on the APIs you want to connect to the application. Be very careful you select the intended API and not Kinde’s API.
  4. Select Save.

If you need to cut off access to your API for a user, you can switch off the connection any time.

Provide access to third parties

Link to this section

There are two ways you can provide access to your API: via token or app keys.

The third party can request a token using the relevant audience in the claim, for example,

Copy the app keys: Domain, Client ID, and Client secret from the M2M application and provide them to the third-party. Providing app keys authorizes access unless the Client secret is rotated or revoked. This is a more reliable way for third parties to access your API.