Kinde•6mo ago
jonericcook

Offline Usage of Kinde Auth

Hello, I will have a web app (React or Next.js) and a mobile app (iOS and maybe later Android). All the apps (mobile and web) will use Kinde auth and Kinde billing (when it is released). I plan to have the user sign up on the web app and start a subscription (I don't want to deal with In-App Purchases in the Apple App Store). Once everything is done (user is signed up and they have an active subscription) I want them to be able to use their mobile app offline. I found this https://kinde.com/docs/authentication-and-access/user-auth-applications/#offline-scopes-and-refresh-tokens but wanted to come here and confirm my desired behavior is possible. Essentially, I want to allow the user to use the app offline for a set amount of time (maybe 5-7 days) and after that time I will force them to get an internet connection and re-authenticate. If in that window of time they canceled their subscription I want to block them from using the app.
onderay
onderay•6mo ago
👋 @jonericcook Yes, your desired behavior is possible with Kinde. For offline access, you can use the offline scope in your authentication request. This will provide you with a refresh token that can be used to maintain long-running sessions. This works both in back-end apps and in web apps. Here's an example of how to get a refresh token:
# Step 1: send the user's browser to the authorization endpoint (a GET), requesting the
# offline scope so that a refresh token is issued along with the access token
https://<yoursubdomain>.kinde.com/oauth2/auth?response_type=code&client_id=your_client_id&redirect_uri=your_redirect_uri&scope=offline%20email%20openid%20profile

# Step 2: exchange the code from the redirect at the token endpoint; the JSON response
# contains refresh_token (a back-end app also sends client_secret, a mobile app its PKCE code_verifier)
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code&client_id=your_client_id&redirect_uri=your_redirect_uri&code=the_code_from_the_redirect" \
https://<yoursubdomain>.kinde.com/oauth2/token
You can set the refresh token's lifetime to your desired offline period (5-7 days). After this period, the user will need to re-authenticate. Once we roll Billing out, you will be able to check in the token whether they still have access.
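The policy the reply describes (cached tokens usable offline for a fixed window, forced re-authentication afterwards, and a block once the token says the subscription is gone) as an added example of client-side logic; it is not code from the thread or from Kinde's SDKs. The refresh endpoint call itself is left to the SDK; the `subscription_active` claim name is an assumption for illustration, since the Billing claim was not released when the thread was written, and the JWT helpers only decode a token the SDK already validated when it was obtained.

```javascript
// Added example: an offline access gate for an app that obtained its tokens
// with the `offline` scope. Not Kinde's code; claim names other than the
// standard `exp` are assumed for illustration.
//
// The device-side window is a product policy, not a security boundary: a
// modified client can skip it, so anything the subscription really gates must
// be re-checked server-side once the device reconnects.

const MAX_OFFLINE_SECONDS = 7 * 24 * 60 * 60; // upper end of the 5-7 day window

function base64urlEncode(str) {
  const b64 = typeof btoa === "function" ? btoa(str) : Buffer.from(str, "utf8").toString("base64");
  return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

function base64urlDecode(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return typeof atob === "function" ? atob(padded) : Buffer.from(padded, "base64").toString("utf8");
}

// Read the payload of a JWT the app already holds. No signature check here:
// offline there is nothing fresher to verify against, so this must only be
// applied to tokens that were validated by the SDK when they were received.
function decodeJwtPayload(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("not a JWT");
  return JSON.parse(base64urlDecode(parts[1]));
}

// Constructed, unsigned token for exercising the policy locally (assumed claims).
function makeSampleToken(claims) {
  const header = base64urlEncode(JSON.stringify({ alg: "none", typ: "JWT" }));
  return `${header}.${base64urlEncode(JSON.stringify(claims))}.sig`;
}

/**
 * Decide what the app must do before showing a protected screen.
 *   session: { accessToken, refreshObtainedAt }  (epoch seconds of the last successful refresh/sign-in)
 *   env:     { now, online }
 * Returns { action: "allow" | "refresh" | "reauthenticate" | "block", reason? }.
 */
function evaluateAccess(session, env) {
  if (!session || !session.accessToken) {
    return { action: "reauthenticate", reason: "no session" };
  }
  const claims = decodeJwtPayload(session.accessToken);

  // The offline window is measured from the last time the server issued tokens.
  // The refresh token is assumed to carry the same lifetime, so past this point a
  // refresh would fail anyway and the user must sign in again over the network.
  if (env.now - session.refreshObtainedAt > MAX_OFFLINE_SECONDS) {
    return { action: "reauthenticate", reason: "offline window exceeded" };
  }
  // Assumed claim name: the real Billing claim may differ once it ships.
  if (claims.subscription_active === false) {
    return { action: "block", reason: "subscription inactive" };
  }
  // Short-lived access token expired: refresh if we can, otherwise keep using
  // cached data for the rest of the window (no API calls are possible offline anyway).
  const accessExpired = typeof claims.exp === "number" && claims.exp <= env.now;
  if (accessExpired && env.online) return { action: "refresh" };
  return { action: "allow" };
}

// Apply the outcome of an online refresh attempt. A failed refresh (revoked or
// expired refresh token) ends the session; a successful one restarts the window.
function applyRefreshResult(result, now) {
  if (!result.ok) {
    return { session: null, action: "reauthenticate", reason: result.error || "refresh failed" };
  }
  return { session: { accessToken: result.accessToken, refreshObtainedAt: now }, action: "allow" };
}

// Demo with constructed values.
const DAY = 86400;
const t0 = 1700000000; // constructed epoch reference
const demoSession = {
  accessToken: makeSampleToken({ sub: "kp_example", exp: t0 + 3600, subscription_active: true }),
  refreshObtainedAt: t0,
};
console.log(evaluateAccess(demoSession, { now: t0 + 2 * DAY, online: false }).action); // allow
console.log(evaluateAccess(demoSession, { now: t0 + 2 * DAY, online: true }).action);  // refresh
console.log(evaluateAccess(demoSession, { now: t0 + 8 * DAY, online: false }).action); // reauthenticate
```

The order of the checks matters: the window test runs first so that an expired window always forces a network sign-in, and the subscription check runs before the expiry check so a cancelled user is blocked as soon as the device holds a token that says so.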
jonericcook
jonericcook•6mo ago
@Andre @ Kinde "This works both in back-end apps and in web apps." does this also mean it works in mobile apps?
onderay
onderay•6mo ago
Correct