Skip to content
Visit Kinde’s marketing website Kinde Docs
  • Manage your APIs
  • Add and manage API keys

Create an API key

This guide shows you how to create API keys in Kinde for your registered APIs.

API keys can be created at the organization level (managed by admins) or user level (managed by individual users), depending on your business model.

Prerequisites

Link to this section

Before creating API keys:

  1. Register your APIs in Kinde (see API registration guide).
  2. Define scopes for your APIs (optional).
  3. Set up an M2M application for accessing the Kinde management API (if you intend to use our API).

Create API keys

Link to this section

You can enable your customers to create API keys via the self-service portal.

You can also create API keys on their behalf via the Kinde admin area or via API. See below.

Via the Kinde admin area

Link to this section

Create organization-level keys

Link to this section
  1. Go to Organizations
  2. Select an organization.
  3. Select API keys from the left sidebar.
  4. Click Add API key.
  5. Configure the key:
    • Name: Give it a descriptive name (e.g., “Production Integration”)
    • API: Select the API this key can access
    • Scopes: Choose specific scopes for the API
  6. Select Save

Create user-level keys

Link to this section
  1. Go to Users
  2. Select a user.
  3. Select API keys from the left sidebar.
  4. Click Add API key.
  5. Configure the key:
    • Name: Give it a descriptive name (e.g., “Production Integration”)
    • API: Select the API this key can access
    • Scopes: Choose specific scopes for the API
  6. Select Save

Via API

Link to this section

Use your M2M application to create API keys programmatically:

Terminal window
# Create an organization-level key
curl -X POST https://your-domain.kinde.com/api/v1/api_keys \
  -H "Authorization: Bearer YOUR_M2M_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production Integration",
    "api_id": "<your-api-id>",
    "scope_ids": ["read:users", "write:users"],
    "org_code": "<your-org-code>"
  }'


# Create a user-level key
curl -X POST https://your-domain.kinde.com/api/v1/api_keys \
  -H "Authorization: Bearer YOUR_M2M_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "User API Access",
    "api_id": "<your-api-id>",
    "scope_ids": ["read:users"],
    "user_id": "<your-user-id>"
  }'

API key response

Link to this section

When you create a key via API, Kinde returns a key value. Store it securely immediately — you won’t be able to see it again. You can use the id later to manage the key (for example, rotate, revoke, or fetch metadata). You cannot retrieve the secret again.

{
  "message": "API key created",
  "code": "API_KEY_CREATED",
  "api_key": {
    "id": "api_key_0195ac80a14e8d71f42b98e7xxxxxxx",
    "key": "k_live_12345678abcdefghijkl" // example placeholder; not a real key"
  }
}

Related articles

Useful links

  • Join the community

    Get support from the Kinde team and expert users in the Kinde community

    Join via Slack or Discord

  • Contact support

    Chat to support through the Kinde help widget, or send a question via email

    Send an email