Why did "Signed out" screen start showing up?
Hello guys, after doing a bunch of Kinde-unrelated frontend changes I started getting Signed out screen from Kinde.
I don't remember changing any Kinde settings and don't understand where this screen is coming from. Can anyone help me?:(
Sharing what we have on production (correct behavior) vs what I have on a deployed staging environment (incorrect). The screen does not show up when developing locally.
...
Is there any way to use Kinde with react native Expo Web?
I've been using Kinde for a while now and love it. We are moving from a pure swift iOS app to an Expo app which will be targeting iOS, Android and Web. However, it seems the Kinde Expo SDK doesn't support web and only supports iOS and Android. Is there any way to enable support for web as otherwise this will be a blocker to us using Kinde and I'll need to move off it which I don't want to do. Is it possible to use the javascript or react sdk in combination with the expo one so that we can target...
Redirect URL for multi-tenancy app
Another issue, but I'll start a separate thread for that, because they are unrelated.
Context: I’m building a multi-tenancy, white-label app. It's an education platform, B2B2C model. I have a platform, where creators (mentors, teachers) can prepare a course. One teacher can have multiple courses. Students can have access to just part of them, but across many organisations (tenants). There is also a student portal, where students can login, if they are invited to (like
edu.example1.com, med.example2.dev). I'm using NextJS.
The issue is:...Multi-tenancy setup and user changing the email
Context: I’m building a multi-tenancy, white-label app. It's an education platform, B2B2C model. I have a platform, where creators (mentors, teachers) can prepare a course. One teacher can have multiple courses. Students can have access to just part of them, but across many organisations (tenants). There is also a student portal, where students can login, if they are invited to (like edu.example1.com, med.example2.dev). I'm using NextJS.
The issue is: users in Kinde are global (per env). So in a scenario like this:
1. User is a student in Org1 (edu.example1.com)
2. User is also a student in Org2 (med.example2.dev)...
Azure Entra ID Oauth Login Microsoft Tokens
Hi,
Quick question. Is it possible to retrieve the microsoft token which is provisioned during Entra ID login? I would like to use the token to fetch some data from the MS Graph APIs.
Thx 🙂...
Missing Billing data in Get Organization API?
Hey Kinde! Just got started with your product and have started to kick the wheels with organizations and billing. According to the docs there should be a billing object on the Get Organization endpoint. But this is missing completely. Using the v1 api - is this under another version since Billing is in beta?
Customise localStorage keys used for useInsecureForRefreshToken between JS and React SDKs
Hello! We're migrating our apps from Auth0 to Kinde (and loving the experience).
We have a React app that has to iframe a legacy app so we've had to use both JS and React SDKs. We were having issues getting the iframed app to use the authenticated Kinde session in local development even though they are on the same domain. We realised that the localStorage key used by the react SDK for the refresh token is
refreshToken0 while the JS SDK is expecting kinde_refresh_token. Is there a way to customise what is used by either SDK to ensure they are the same?...How to transfer ownership of my business?
I created the business as a test with my personal email now I want to convert it to the company email. But couldn't find a way how.
Username entering is buggy?
Hey! When I pass in
testingtesting username all works well - I get prompted to "Enter my password"
However! When I delete this username and replace it with TestingTesting - I get prompted "We need your email too"
Reading in https://docs.kinde.com/authenticate/authentication-methods/username-authentication/ - if I understand correctly these two usernames should be behaving the same! So it seems like a bug to me, please can you confirm?...
Is the Expo SDK buggy with Expo Go?
After the first authentication flow, callbacks stop working. I was told by the Kinde AI that
"This is a known issue with the Expo SDK when using Expo Go. The callbacks stop working after the first authentication flow because of how Expo Go handles deep links and app state restoration"...
Pass values between workflow triggers
Is there a way to pass data between workflows?
I autenticating via SSO (entra id), and need to use the claims in the idToken when generating/formating accesstokens....
Getting and refreshing access tokens in API client ts file
Hi,
I am working on protecting my API by passing the access token in the headers of the API calls and have a few questions to make sure I'm doing this properly using the React SDK.
I am using
openapi-fetch package to call my API and their docs give an example on adding middleware to pass the access token in each request (here). I am using the getRawToken, isAuthenticated, refreshToken utility functions provided in the @kinde-oss/kinde-auth-react/utils import to do this in my API client ts file similar to what is shown in the openapi-fetch docs I linked....Refresh Token missing for Sveltekit, is there a manual option
My environment is Sveltekit v2, Svelte 5 and Typescript, and I am trying to connect to Convex and provide the authorized user through an OIDC handshake.
My understanding is that there are three tokens, the refresh, access and ID. The problem is I need a live connection to the refreshing ID token not the access token. Convex uses a browser based client to ship up authentication and requires a function that can request a refresh, if the existing token is expired. kindeAuthClient getToken returns a memory store with the access token always up to date, but if the user is not at their computer for one hour and returns, the ID is expired despite the user retaining access with regular sessionHooks or getToken. I need a way to send the hooks.server.ts up to date sessionHook ID token to convex. Note, hook.server.ts also runs before any route or server code!
Here is snippets of code...
Error : Moved Permanently POST /api/kinde-webhook 400
Hi, I'm currently trying to implement a Webhook with Kinde in order to sync The Kinde Users with my DynamoDB database.
I used this command for dev testing :
...
ngrok http http://localhost:3000
ngrok http http://localhost:3000
Paid features for development?
Is there any way to have paid features for development? or do i have to pay even if im in the process of building my app? i need more than 2 roles. and test features while building.
Integrating Kinde in Remote MCP Server
Hi, I'm developing a remote MCP server for use in Claude, Cursor etc. and trying to integrate Kinde. The MCP auth flow (https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization) needs to comply with OAuth2.0 Authorization Server Metadata RFC 8414 and Dynamic Client Registration Protocol RFC 7591
I have had some luck but the flow is failing with Kinde's /.well_known/oauth-authorization-server endpoint because it doesn't provide a registration_endpoint field (dynamic client registration). I've worked around this by defining my app as the security "issuer", returning my own oauth-authorization-server response and explicitly defining /register, /authorize, and /token endpoints. In /register I return mockup client ID and secret. It works but now I need to integrate Kinde.
During the connection process in Claude.ai (or Cursor.. etc.) I want the user to be directed to Kinde's login. I think my app's /.well_known/oauth-authorization-server endpoint will still be needed as a proxy but I'm not 100%. I believe I will need to delegate the /authorize and /token endpoints and I'm unsure of what I will need to include in /register - forward to /login?? ....
Issue: production redirects to staging url
Hi,
We've been using Kinde for authentication in our Next.js app since the end of last year. The app is hosted in Azure as a Web App, and within this Web App we have both a staging and a production slot. Each slot has its own set of env variables, including:
```
KINDE_CLIENT_ID...
Enterprise clients can see other enterprise clients on the login screen.
Every time I add a new enterprise client the login screen shows the full list of clients? Is there a way for me to turn off showing all the enterprise connections on the login screen?
Intermittent Error: `Authentication flow: State mismatch`
Hello all -- I am working on a project, and using Kinde for auth (which I quite love).
For this current project that I am working on, I've been intermittently getting this error as soon as I authenticate (with credentials).
{"error":"Authentication flow: State mismatch. Received: <some-string> | Expected: <some-other-string>"}
...Bug in UsersResponseUsersInner class with missing "full_name" field
Hello guys, I'm currently working on a Spring Boot project with Kinde. I'm trying to implement the feature to get all my users with the UsersApi using the kinde management api. The problem is that when I execute usersApi.getUsers(), it uses the UsersResponse type, which in turn uses the UsersResponseUsersInner type. In the UsersResponseUsersInner class, the "full_name" field is missing, and because of the implementation of this class, this error is triggered:
Error retrieving Kinde users: The field
full_name in the JSON string is not defined in the UsersResponseUsersInner properties. JSON: {"id":"random_id","email":"random_email","full_name":"random_full_name","last_name":"random_last_name","created_on":"2025-06-09T21:26:14.471781+00:00","first_name":"random_first_name","is_suspended":false,"last_signed_in":"2025-06-09T21:26:14.93068+00:00","total_sign_ins":1,"failed_sign_ins":0}
I'm using this version :...