Quick start
Machine-to-Machine (M2M)
You can customize the claims of tokens issued to Machine-to-Machine (M2M) applications in Kinde by including selected Properties and Feature Flags. This allows you to inject structured metadata and configuration directly into the token, without requiring an additional lookup at runtime.
This is useful for:
From here you can:
permissions
claimTokens remain signed JWTs and can be verified like any other Kinde-issued token.
Properties are a flexible metadata system in Kinde. You can define custom fields and assign values to individual M2M applications — for example, tier
, region
, or model_version
.
To include a property in the token:
The value will appear in the token under a application_properties
claim:
{ "application_properties": { "region": { "v": "eu" }, "tier": { "v": "pro" } }}
The v
is a shortcode for the value of the property.
Only the properties you explicitly toggle on will be included.
If your M2M app is scoped to an organization, you can also include feature flags that are enabled for that org.
To do this:
feature_flags
claimExample:
{ "feature_flags": { "new-ai-agent": { "t": "b", "v": true }, "access-level": { "t": "s", "v": "beta" } }}
The t
and v
are short codes for the type and value of the feature flag.
t
= type
(boolean, string, number)v
= value
(true | false, “beta”, 1, etc.)Only the feature flags you explicitly toggle on will be included.
For complete control over the token, you can use the Kinde M2M token generation workflow to customize the token further.
For example, you can: