M2M overview
Machine-to-Machine (M2M)
This guide shows you how to create a Machine-to-Machine (M2M) application in Kinde, authorize it for an API, and use the client credentials flow to get a token and make a secure API request.
You can skip this step if you already have an API registered in Kinde.
For more detail, see Register and manage APIs.
If you skip this step, token requests will be rejected.
If your API uses scopes to define permissions:
(read:users, write:flags)
For more detail, see Define and manage API scopes.
You can test the app in one of two ways:
curl --request POST 'https://<your-subdomain>.kinde.com/oauth2/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=client_credentials' \
  --data-urlencode 'client_id=your-client-id' \
  --data-urlencode 'client_secret=your-client-secret' \
  --data-urlencode 'audience=<your-api-audience>' \
  --data-urlencode 'scope=read:users write:flags'
The response will include a bearer token you can use in requests:
{
  "access_token": "<token>",
  "token_type": "Bearer",
  "expires_in": 3600
}
Include the token in the Authorization header:
curl https://your-subdomain.kinde.com/v1/organizations \
  -H "Authorization: Bearer <token>"
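The same token request from a long-running service, as an added example that is not Kinde's own code: it reads the client secret from the environment instead of the command line, reuses the token until shortly before expires_in elapses, and checks the response shape without echoing it. The class name M2MTokenCache, the KINDE_* environment variable names and the 60-second skew are assumptions made for this sketch.

```python
import json, os, time
import urllib.parse, urllib.request

def post_form(url, fields):
    """POST form-encoded fields over HTTPS and return the parsed JSON body."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(fields).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class M2MTokenCache:
    """Hypothetical helper: fetch a client-credentials token, reuse it until near expiry."""
    def __init__(self, token_url, client_id, client_secret, audience,
                 scope="", post=post_form, clock=time.monotonic, skew=60):
        if not token_url.startswith("https://"):
            raise ValueError("token endpoint must use https")
        self.token_url, self.post, self.clock, self.skew = token_url, post, clock, skew
        self.fields = {"grant_type": "client_credentials", "client_id": client_id,
                       "client_secret": client_secret, "audience": audience}
        if scope:
            self.fields["scope"] = scope
        self.token, self.expires_at = None, 0.0

    def get(self):
        if self.token is None or self.clock() >= self.expires_at:
            body = self.post(self.token_url, self.fields)
            # Check the response shape; never echo the body, it holds the token.
            if not body.get("access_token") or str(body.get("token_type", "")).lower() != "bearer":
                raise RuntimeError("unexpected token response")
            self.token = body["access_token"]
            # Refresh `skew` seconds early so a request never carries an expired token.
            self.expires_at = self.clock() + max(0, int(body.get("expires_in", 0)) - self.skew)
        return self.token

    def auth_header(self):
        return {"Authorization": "Bearer " + self.get()}

if __name__ == "__main__":
    # Assumed variable names; the secret stays out of source code and shell history.
    cache = M2MTokenCache(
        "https://%s.kinde.com/oauth2/token" % os.environ["KINDE_SUBDOMAIN"],
        os.environ["KINDE_CLIENT_ID"], os.environ["KINDE_CLIENT_SECRET"],
        os.environ["KINDE_AUDIENCE"], scope="read:users write:flags")
    print("token acquired:", bool(cache.get()))
```

Pass the result of auth_header() as the headers of each API request; the token endpoint is only contacted again once the cached token is within the skew window of expiry.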