Difference between M2M API and Back-end API
I'm following the Kinde docs (https://kinde.com/api/docs/#kinde-management-api) to use the Management API, and the first step is to add a machine to machine application for API access.
I'm a bit confused: what is the difference between using using a m2m application for API access vs the existing one (Back-end web) I had already created for my NextJS app? Since it also provides me with the domain, client ID/secret.
6 Replies
Great question @internetjohnny
The difference between a machine-to-machine (M2M) application and a back-end web application lies in their use cases and how they handle authentication.
A M2M application is used for server-to-server interactions where there is no user involved. It's typically used for tasks like cron jobs or interacting with third-party APIs. M2M applications use the Client Credentials Flow, where the application authenticates itself with the API using its Client ID and Client Secret, and receives an access token.
On the other hand, a back-end web application is used when you have a server-side rendered application, like a NextJS app, where users interact with the application. These applications use different authentication flows like Authorization Code Flow, where the user authenticates themselves and grants the application permissions.
While both types of applications provide you with a domain, client ID, and client secret, they are used in different contexts and have different authentication flows. So, for accessing the Kinde Management API, you would need to create a M2M application.
Hope that answers your question
It does for the most part. I just don't understand then why, when I go to Settings > API > Kinde Management API, it shows me both the M2M and Back end apps are available to be switched on.
I'm more curious than anything though 🙂
Do you also have a backend application setup with Kinde?
The Kinde Management API is designed to be flexible and cater to different use cases. The Machine to Machine (M2M) and Back end apps options are available to be switched on based on your specific needs.
Yes, I do. I have integrated Kinde with my NextJS project. Which is why I was wondering why I needed to set up a separate M2M application in order to access the Management API (instead of just using the credentials - client id and secret - already provided in my backend app
You can use backend app to interact with the Kinde API, you only need to enable the API in settings. M2M app is optional, in case you would want separation, or pure machine-to-machine setup.
Got it, thanks!