About workflows
Workflows
Trigger: m2m:token_generation
This trigger fires when an M2M token is generated.
You cannot modify tokens when the Kinde management API has been requested as an audience.
You may want to add additional custom claims to the M2M token before it is delivered to your product.
If you want, you can use M2M applications similar to API keys to enable access to various endpoints and tie them to an organization or user. For example, you add the organization code as a custom property on the M2M application, then fetch any data you’d like to include in the token. See example code
The kinde.m2mToken binding is used to modify claims in the generated access token.
The main argument provided to your code is the Kinde workflow event
object which has two keys request
and context
. This gives you access to the reason the workflow was triggered. Here’s an example:
{ "request": { "auth": { "audience": ["<EXAMPLE_API>"], "scope": ["read:users"] }, "ip": "192.168.0.1" }, "context": { "domains": { "kindeDomain": "https://example.kinde.com" // Your Kinde domain }, "application": { "clientId": "299627bd8bfa493f8b17e6aec8ebfb86" // the M2M application ID }, "workflow": { "trigger": "m2m:token_generation" } }}
See examples on GitHub:
Map M2M applications to organizations - Shows how to map M2M applications to organizations. Useful if using Kinde for B2B API key management