Integrating Kinde in Remote MCP Server
Hi, I'm developing a remote MCP server for use in Claude, Cursor etc. and trying to integrate Kinde. The MCP auth flow (https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization) needs to comply with OAuth2.0 Authorization Server Metadata RFC 8414 and Dynamic Client Registration Protocol RFC 7591
I have had some luck but the flow is failing with Kinde's /.well_known/oauth-authorization-server endpoint because it doesn't provide a registration_endpoint field (dynamic client registration). I've worked around this by defining my app as the security "issuer", returning my own oauth-authorization-server response and explicitly defining /register, /authorize, and /token endpoints. In /register I return mockup client ID and secret. It works but now I need to integrate Kinde.
During the connection process in Claude.ai (or Cursor.. etc.) I want the user to be directed to Kinde's login. I think my app's /.well_known/oauth-authorization-server endpoint will still be needed as a proxy but I'm not 100%. I believe I will need to delegate the /authorize and /token endpoints and I'm unsure of what I will need to include in /register - forward to /login?? .
I have setup a Kinde backend application and tried delegating /authorize to Kinde's /oauth2/auth endpoint but I'm getting an error in that the "callback" is not configured in Kinde. But this is the client's callback, which obviously I can't include because it's always changing. Maybe I need to use single-page PKCE application ??
I've previously implemented multiple nextjs apps with Kinde so I have some knowledge of Kinde but I'm way out of my league on this and need some help.
Thanks
Dave
I have had some luck but the flow is failing with Kinde's /.well_known/oauth-authorization-server endpoint because it doesn't provide a registration_endpoint field (dynamic client registration). I've worked around this by defining my app as the security "issuer", returning my own oauth-authorization-server response and explicitly defining /register, /authorize, and /token endpoints. In /register I return mockup client ID and secret. It works but now I need to integrate Kinde.
During the connection process in Claude.ai (or Cursor.. etc.) I want the user to be directed to Kinde's login. I think my app's /.well_known/oauth-authorization-server endpoint will still be needed as a proxy but I'm not 100%. I believe I will need to delegate the /authorize and /token endpoints and I'm unsure of what I will need to include in /register - forward to /login?? .
I have setup a Kinde backend application and tried delegating /authorize to Kinde's /oauth2/auth endpoint but I'm getting an error in that the "callback" is not configured in Kinde. But this is the client's callback, which obviously I can't include because it's always changing. Maybe I need to use single-page PKCE application ??
I've previously implemented multiple nextjs apps with Kinde so I have some knowledge of Kinde but I'm way out of my league on this and need some help.
Thanks
Dave
