Abdiwak Bekele Comments - Answer Overflow

Topics

Abdiwak Bekele

•Created by __maxom__ on 5/3/2025 in #💻┃support

Kinde Webhooks not being sent

Hi Maxom, As mentioned earlier, we've escalated this internally and are looking into it. It may take a couple of days, especially since we may need to involve our UK-based team for further troubleshooting. In the meantime, we’re continuing to work on gathering more information, and your logs have been very helpful for context. I understand the difficulty of not having visibility into webhook delivery through the dashboard. Rest assured, we're taking this into account as we investigate the issue. If you have any further updates, questions, or if there's anything else you'd like us to look into, please feel free to share it. We’ll keep you informed as we make progress. Thanks again for your cooperation.

19 replies

•Created by __maxom__ on 5/3/2025 in #💻┃support

Kinde Webhooks not being sent

Hi Maxom, We've escalated the issue internally and will be looking into it further. As this may require input from our UK-based team, it could take a couple of days to fully investigate. In the meantime, if possible, could you please share any relevant logs, screenshots of errors, or other supporting details? This will help us provide the necessary context for our team to troubleshoot effectively. We'll keep you updated as we make progress.

19 replies

•Created by Paul E on 5/1/2025 in #💻┃support

Kinde Billing for non-recurring payments

Are you asking what the cost is for using Kinde billing feature?

If so, here is the pricing.

Kinde transaction fees (excluding Stripe fees) per transaction: - Free: 1.25% - Pro: 1% - Plus: 0.75% - Scale: 0.50% Let me know if you have any further questions.

7 replies

•Created by __maxom__ on 5/3/2025 in #💻┃support

Kinde Webhooks not being sent

Hi Maxom, Thank you for taking the time to run those extensive tests. Per our documentation, Kinde does implement an exponential backoff retry mechanism (up to 36 hours in total) https://docs.kinde.com/integrate/webhooks/about-webhooks. As for the issue you're facing — webhooks not reaching your Cloudflare Worker — here’s what we’ve confirmed so far: - The webhook is active and subscribed to the correct events. - Your Cloudflare Worker is publicly accessible and responds correctly when triggered manually. - The JWKS URI is correctly configured and validated via both Postman and code-based tests. - You’ve waited beyond the expected retry intervals (including after the 10-minute mark). - You switched the webhook URL from the local (Ngrok) endpoint to the Cloudflare Worker before the next retry window. Given all of this, it does appear that Kinde may not be retrying the previously failed event after the URL change — or retries are still being sent to the original endpoint. I can confirm that there currently isn’t a “Request Attempts” section in the UI, which is understandably making this harder to debug on your end. I’ve escalated this to our engineering team so they can investigate further internally. I’ll circle back with any updates as soon as I hear back from them. In the meantime, if you've generated any new events after switching to the Cloudflare Worker, please let me know — those should immediately target the updated URL. We’ll get to the bottom of this

19 replies

•Created by __maxom__ on 5/3/2025 in #💻┃support

Kinde Webhooks not being sent

Hey there.

Thanks for reaching out, and sorry you're running into issues. Here are a few things to check based on our docs: 1. Go to Settings → Environment → Webhooks and make sure your production webhook is active and subscribed to the right events (like role.created). 2. Scroll down to Request Attempts — if you don’t see anything here (not even failures), Kinde hasn’t tried sending anything yet. 3. If a webhook fails, we retry on a backoff schedule (5s, 30s, 2m, 10m, 1h, etc.). If you changed the URL mid-retry, earlier retries still go to the old URL. You’ll need to wait for the next one. 4. Make sure your Cloudflare Worker is publicly accessible over HTTPS and not blocking external IPs (no allowlist or firewall rules). 5. Double-check that the JWKS URI in your prod webhook settings matches the one your Worker is using to validate JWTs. A mismatch will cause the request to fail and retry. Quick questions to help us debug: - Do you see any request attempts in the Dashboard (even failed ones)? - Is the JWKS URI correct in the webhook config? - Any IP/firewall rules that might block Kinde? Let us know what you find! We're here to help

19 replies

•Created by __maxom__ on 5/3/2025 in #💻┃support

Development environment question

Yes, feature flags follow a similar pattern.
And here is a documentation, you can get a detail info here about the topics we mentioned here

- https://docs.kinde.com/manage-users/about/
- https://docs.kinde.com/manage-users/roles-and-permissions/user-roles/
- https://docs.kinde.com/build/environments/environments/#switch-between-environments
- https://docs.kinde.com/releases/about/about-feature-flags/#feature-flag-use-cases

Let me know if any clarification needed. Thanks

7 replies

•Created by __maxom__ on 5/3/2025 in #💻┃support

Development environment question

Hi, Thanks for reaching out. Yes, this is expected behavior. Permissions and roles are defined at the 'Business' level in your Kinde account, which is the global level. Specifically: - Roles and permissions are defined at the business level, but applied to users at an organization level. - While environments cannot share data or configuration settings generally, roles and permissions are an exception since they are defined globally at the business level. This is why when you create roles/permissions in one environment, they appear in all environments - they are business-level configurations rather than environment-specific ones. I hope that helps, let me know if any futher clarification needed. Thanks.

7 replies

•Created by Paul E on 5/1/2025 in #💻┃support

Kinde Billing for non-recurring payments

You could handle it that way - I dont think that would create a jarring UI/UX experience.

Let me know if you have any further questions and I'll respond to them when I can next week.

7 replies

•Created by Straegge on 4/24/2025 in #💻┃support

Kinde in Cloudflare Pages Function Middleware

Hi, thanks again for your patience while I continue looking into this — just wanted to check in with a quick question to make sure we fully understand the flow on your end. After the user logs in through the React app (via Kinde), are they being redirected to a Cloudflare Pages URL using the redirect_uri — or is a different flow being used there?

10 replies

•Created by 0x9874 on 5/2/2025 in #💻┃support

Mac Application

Hi, there The error you're seeing — Expected: State not found — typically means the state parameter saved at the start of the OAuth flow can’t be validated at the callback stage. This usually happens because the state is stored in a cookie that’s scoped to a specific domain, and if the redirect doesn't come back through the browser (as with application:// schemes), the cookie never arrives — leading to that mismatch. At the moment, the Kinde SvelteKit SDK relies on browser-based redirects over HTTPS. That means custom schemes like application:// aren’t supported out of the box, since they bypass the browser’s ability to return the necessary session state. Instead of deep linking, use the loopback interface method, where you spin up a temporary local HTTP server in your app (e.g. http://127.0.0.1:PORT/callback), launch the system browser for login, and catch the redirect with your app. This keeps the OAuth flow secure and lets the app handle the callback properly without breaking the state check. Let me know if you’d like help setting that up, or if you want to explore manually implementing the Authorization Code + PKCE flow to have more control in your native context. Happy to support further

5 replies

•Created by Ricer on 5/2/2025 in #💻┃support

Random error when trying to authenticate - ExpressJS backend with DynamoDBStore + React frontend

Hey Ricer,

Thanks for reach out. to get to the bottom of this “random” protectRoute failure I’m going to need a few more details—especially around your SDK and session config—so we can reproduce the exact conditions. Could you share: 1. SDK versions - Exact version of @kinde-oss/kinde-node-express (you mentioned 1.6.0—please confirm) - Exact version of jwt-validator - Node.js version you’re running 2. DynamoDBStore configuration - The snippet where you initialize your session store (DynamoDB table name, TTL settings, region, any custom serializer) - Are you using the built‑in AWS SDK or pinning to a specific aws-sdk version? 3. protectRoute setup & errors - The code around your protectRoute (or verifier) middleware—especially how you call validateToken - Full stack trace or HTTP status/code you see when it fails (403? 500? socket timeout?) - Any console.log of req.headers or the raw token when it rejects 4. Repro steps & environment - Does this only happen after you change the React build? When you clear cookies? When you switch users? - Are you running locally (localhost), in Docker, or deployed to a cloud environment? - Browser you’re testing in and any proxy in‑between (CORS or reverse proxy)? With those details we can: - Check if it’s a caching issue (JWKs not refreshing after logout) - See if your DynamoDB session TTL is expiring too quickly or table permissions are flipping - Pinpoint whether your cookie/name/path/domain is colliding when you flip users in the same session Once you post those snippets and logs I’ll reproduce it on my end and we’ll get you a targeted fix (or point you to the upgrade where it’s already been resolved). Thanks

2 replies

•Created by Paul E on 5/1/2025 in #💻┃support

Kinde Billing for non-recurring payments

Hey Paul,
Thanks for your interest in Kinde's billing feature.

For now our focus is on subscription payment use-case, but support for one-time transactions (including % clips of the transactions) is on our radar.

Let me know if you have any further questions.

7 replies

•Created by 0x9874 on 5/2/2025 in #💻┃support

Mac Application

Hi there, Thanks for reaching out. You might want to check out Kinde’s documentation, particularly the section on the SvelteKit SDK — since you mentioned using SvelteKit, it could be quite helpful. It's possible there’s a setup issue with the redirect URIs in your OAuth flow. Make sure the URIs match exactly — even a small mismatch can cause problems. Also, double-check your URL and cookie settings to ensure everything is configured correctly. If the issue persists after reviewing these, it may be worth digging into SvelteKit’s settings related to cookies and redirects for more insights. Let me know if you have any questions — happy to help further

5 replies

•Created by David on 4/30/2025 in #💻┃support

API to rotate client secrets for an M2M app

Hello, David. I have informed the team about your suggestions. Features normally take some time to develop, test and publish, but they are considered. I will let you know if there is any update you should know of. Thank you!

4 replies

•Created by Paul E on 5/1/2025 in #💻┃support

Kinde Billing for non-recurring payments

Hi Paul, Thanks for reaching out — and great question! I’ll raise this with our billing team, and we’ll get back to you with more details on whether one-time payments like ticket purchases are supported or planned. Appreciate you sharing your use case!

7 replies

•Created by David on 4/30/2025 in #💻┃support

API to rotate client secrets for an M2M app

Hello, David. You are right, currently, client secret rotation for M2M applications can only be done through the Kinde dashboard - there is no API endpoint available for this functionality. Here's how you can rotate the client secret manually: 1. Go to Settings > Applications in Kinde
2. Select "View details" on your M2M application
3. Scroll to the "Admin actions" section
4. If you have a previous client secret, you'll need to delete it first
5. Select "Rotate" and follow the prompts I’ve followed up with my team to confirm whether there are any new updates I need to be aware of. If you have any additional questions or concerns that I can help with, please let me know. Sources: [1] Rotate client secret

4 replies

•Created by chossenger on 3/27/2025 in #💻┃support

Token request containing audience with trailing slash provisioned but missing scopes

Hey there, You are welcome. Please feel free to ask any questions. We are here to help you.

12 replies

•Created by Rinzarin on 4/19/2025 in #💻┃support

Error: State not Found

Great. Do let me know how it goes

10 replies

•Created by __maxom__ on 4/29/2025 in #💻┃support

Kinde Management API is_auto_membership_enabled

Hi, Thanks for reaching out.

Given this APIs and the explicit deprecation warning in the Update API: 1. For new implementations, use is_auto_membership_enabled when updating organizations to future-proof your code. 2. For creating organizations, since is_auto_membership_enabled is not documented in the create endpoint, you should continue using is_allow_registrations until the documentation is updated. In the meantime, I’ll check with the team for any updates and let you know as soon as possible. Thanks

2 replies

•Created by Kenneth on 4/4/2025 in #💻┃support

CORS Errors when using wildcards for allowed callback URLs

Hi, just a quick note to let you know we haven’t forgotten about your request. The team is still actively investigating, and I’ll make sure to update you as soon as we have any news. Thanks again for your patience — really appreciate it!

25 replies