K
Kinde6mo ago
CABZZ

NextJS Kinde Management API troubles

Hello, I have a nextjs project using the @kinde-oss/kinde-auth-nextjs package and I am having trouble using the management api. I followed the docs by adding the credentials to env file and enabled the management api for the project doing the following: Navigate to Settings → APIs → Kinde Management API → Applications and enable your Next.js app. Then I implemented the following code to retrieve a Kinde user by its id: 
export const getKindeUser = async (id: string) => {
    const client = await createKindeManagementAPIClient();
    const user = await client.usersApi.getUserData({ id });

    return user;
}
export const getKindeUser = async (id: string) => {
    const client = await createKindeManagementAPIClient();
    const user = await client.usersApi.getUserData({ id });

    return user;
}
The problem is that the response of getUserData() is always HTTP 403 and I don't know how to resolve this. Can anyone help me with this? Thank you, Joël
10 Replies
viv (kinde)
viv (kinde)6mo ago
Hey @CABZZ - a few things you could check is: 1. your .env file is pointing at the correct app, includes all the necessary credentials / URLs 2. are you using custom domain? 3. the value of KINDE_AUDIENCE - matches the one that is in your settings 4. Is createKindeManagementAPIClient returning what you'd expect? 5. I believe there was a bug with createKindeManagementAPIClient but it was 6 months back - have you updated your app since? Thanks!
CABZZ
CABZZ6mo ago
@viv (kinde) 1. .env file contains the following props: KINDE_CLIENT_ID, KINDE_CLIENT_SECRET, KINDE_ISSUER_URL, KINDE_POST_LOGIN_REDIRECT_URL, KINDE_POST_LOGOUT_REDIRECT_URL, KINDE_SITE_URL 2. Yes. 3. I am not familiar with KINDE_AUDIENCE. Is it in the docs? 4. createKindeManagementAPIClient is returning what I expect but the getUsersData isn't 5. I use the latest version of the package 2.2.3
viv (kinde)
viv (kinde)6mo ago
On num 2.- so with the mgmt api, you should also send across Kinde audience: https://kinde.com/docs/build/register-an-api/ - if you go to applications > {your app} > apis - you should see a value under audience (also the value of your key) which you've toggled on previously that would look something like {domain}/api and send this across in the request body. As you're using custom domain, you'd also need to ensure that this is the kinde domain value ie https://domain.kinde.com/api rather than {custom_domain}/api. I just gave it a test and a missing audience gave me a 403 so that could be what you're encountering also. Please let me know if this helps resolve? Thanks!
Kinde Docs
Register and manage APIs - Build on Kinde - Help center
Our developer tools provide everything you need to get started with Kinde.
CABZZ
CABZZ6mo ago
@viv (kinde) I'm not sure I understand where to set the audience in the request. Also, would it matter I do this in an endpoint? so there is no user authenticated.
viv (kinde)
viv (kinde)6mo ago
Hi @CABZZ - would you be able to try sending it across in the request body when you are getting the access token (before you send the token across to an endpoint)? Sorry for the confusion but would you be able to clarify a bit more about Also, would it matter I do this in an endpoint? so there is no user authenticated. ? Thank you!
CABZZ
CABZZ5mo ago
@viv (kinde) alright so what I am trying to do is use a webhook from brevo, an external application. Brevo sends a request to my nextjs application api endpoint on /api/brevo/webhook/[id]. When handling this request I need to look up some information from a Kinde user, this is why I wanted to use the management api, to get that information. So I believe there is no place where I am getting a access token. The code I have send in my original post is all I got related to Kinde. I hope that clarifies my previous question.
viv (kinde)
viv (kinde)5mo ago
Ahh gotcha, would you be able to share a little code from the getUserData function? There are a few options to get info about the Kinde user using the management api - https://kinde.com/api/docs/#get-user (get user info by sending user id) - client credentials flow - https://kinde.com/api/docs/#get-user-profile (Contains the id, names and email of the currently logged in user.) - auth code w/PKCE flow Both of these would require you to get the access token first, then send the request across to that endpoint to retrieve information. Otherwise, with that package, you should also be able to use getIdToken to get the id token & read that for more info about the user. Would these methods resolve your issue? Thanks!
CABZZ
CABZZ5mo ago
The getUserData function is a function from the @kinde-oss/kinde-auth-nextjs package, its not my own. It's Kinde code... And no these methods would not resolve the issue @viv (kinde) 😄
Daniel_Kinde
Daniel_Kinde5mo ago
Hi @CABZZ , hope you're good? I have an alternative approach for you, we have just deployed a new dedicated management SDK which is aimed to streamline the usage of the API and make things simpler when it comes to handling tokens. This SDK will manage the M2M access token for you so you don't have to worry about it at all, plus has a simpler interface. https://github.com/kinde-oss/management-api-js
GitHub
GitHub - kinde-oss/management-api-js: javascript package for intera...
javascript package for interacting with the Kinde Management API - kinde-oss/management-api-js
CABZZ
CABZZ5mo ago
Ah cool, ill check it out when i have the time. The feature I was working on was cancelled so dont need it anymore really 😅
Want results from more Discord servers?
Add your server