New Nuxt /api/access endpoint causing issues
Today I went and updated my
@nuxtjs/kinde package from 0.1.11 to 0.2. All of a sudden all of my routes were failing as they were trying to access /api/access which I'd never seen before and isn't one of my routes. I eventually found the route in the source code of your Nuxt SDK.
Also, unlike the other endpoints I can't see any documentation on this new endpoint.
Now in my setup I have a global catch-all [..].ts file which I use as a proxy between Nuxt and my .NET API. It's job is basically to take the user's request pointing to my Nuxt server and via a Nitro proxy redirect it to my .NET API and add the Kinde bearer token to the header.
What is strange is that the other Kinde SDK endpoints do not trigger the proxy. (E.g. /api/login, /api/logout /api/health. They go through your SDK normally. Is it possibly because they are GET methods, whereas this is a POST method?
I've tried to bypass this by getting my catchall file to either return undefined or to call sendProxy but it either returns no data (which isn't expected) or gives a bad gateway issue. I'll admit that this is possibly more an issue on my end around lack of knowledge of Nuxt / Nitro but I'd appreciate it if someone has a solution.8 Replies
Rolling back to 0.1.11 fixed the issue for me, but obviously that isn't a permanent solution.
Hi there
Thanks for reaching out. Since version
@nuxtjs/[email protected], a new POST route /api/access was added internally to handle session refresh. It’s not documented yet, but it’s required by the SDK.
If you’re using a catch-all API route like server/api/[...].ts, it might be blocking this and breaking the refresh flow.
You have 2 options:
A. Exclude /api/access from your proxy:
B. Remap the endpoints via nuxt.config.ts:
This avoids conflicts with /api/* routes.
Refs:
- NPM: https://www.npmjs.com/package/%40nuxtjs/kinde
- GitHub Release: https://github.com/nuxt-modules/kinde/releases
- Docs: https://docs.kinde.com/developer-tools/sdks/backend/nuxt-module/
Let me know if this helps or if you need more infoThanks, currently working on something else, but I'll give Option B a go later.
Option A doesn't work as the endpoint always returns an empty value which is not what the Kinde SDK is expecting.
Hi there
Try Option B as soon as you’re free—this is the most foolproof way to avoid any future
Let me know the outcome or share any logs/errors you see—happy to dive deeper with you
Try Option B as soon as you’re free—this is the most foolproof way to avoid any future
/api/* conflicts. If you’d prefer Option A but still see empty responses, double‑check that your if (path.startsWith('/api/access')) return is above any await sendProxy(...) logic, and that you’re not inadvertently sending a response body.
Let me know the outcome or share any logs/errors you see—happy to dive deeper with you
I would also vastly prefer Option B as it would give better future proofing.
Neither option worked. Option B still tries to go through my proxy.
That said, I also realised I probably need to change my
.env settings and the documentation and code don't make it clear to me what variable I should be changing to use the new routes.
I tried NUXT_KINDE_ACCESS_URL but it doesn't seem to work.
I can see that remapping the endponts doesn't go through my proxy so I'm feelilng confident once I get the environment mapping in place that should resolve the issue for me.Hi there,
Thanks for the update. Regarding your point: currently, remapping Kinde endpoints via the
kinde.endpoints option in nuxt.config.ts only changes the public paths exposed by the SDK. It doesn't rely on specific .env variables like NUXT_KINDE_ACCESS_URL for this purpose, so setting that won’t affect the routing.
That said, I understand the confusion and will raise this internally with our team to see if clearer environment mapping or documentation updates are needed.
In the meantime, feel free to reach out with any other questions or issues—we’re happy to helpIf we can't change the URL via the
NUXT_KINDE_ACCESS_URL then that's a blocker from me updating to the later versions of Kinde.
The only workaround I could do would be if I changed all of my APIs to use a different URL but that's a fair bit more work (e.g. instead of /api my APIs used /platform or something else.
I would argue that this is a public path as it's visible in the browser and hosted on my web servers.
I'm going to hold off upgrading for now, hopefully your team will get back to us to see if it's possible to enable the routing configuration.Hi there,
Thanks for sharing your concerns. I completely understand how this limitation with the
NUXT_KINDE_ACCESS_URL can be a blocker for your upgrade. I’ve already escalated this issue to our engineering team to investigate whether enabling routing configuration is possible.
As soon as I have more information, I’ll be sure to update you. In the meantime, if you need assistance with anything else, just let me know.