NextJS + FastAPI
Hi there, I'm working on a project where we have a NextJS frontend which handles login and register on the frontend using the super easy Next SDK. The problem starts to form when we introduce the API that we need to make calls to.
I want to pass the JWT from the frontend over to the API and am doing so in the authorization header. From here I can use the JWK to verify the token, BUT I can't seem to figure out how to fetch additional data from Kinde such as roles, etc.
So my question is, in order to be able to fetch said additional data, would I need to handle all auth on the API side (preferably do not want to do this) or is there some sort of Python SDK I can use to authorize, get roles, and get permissions on the API side using the JWT from the frontend?
15 Replies
Thanks so much - I actually didn't see any information on manually setting the access_token anywhere in the docs. Going to implement this right now, will be back if I have more issues
This is the error I'm getting
Like so?
What should I put for the request URL? Currently I am authenticating in my NextJS app
So from what I'm getting, do I have to do auth on the backend if I want to access permissions?
Instead of from my NextJS app
@Sam - Insider let's say I don't plan on using perms and roles in Kinde, should I just use JWT auth and query my own database using the sub key?
Okkk got that
And otherwise is it impossible to set the access_token in the client manually as we tried above?
Let me try to rephrase my question. Is it possible to have 2 applications which can validate tokens generated by each other AND also get user information from the Kinde database (permissions) after validating those tokens?
@Sam - Insider let me know if this is possible
Ok so I have a token generated by NextJS
How would I pass that token to my python app?
I have a Kinde SDK set up in Python, just can't figure out how to give it the token
Right, but passing the token from one SDK to another should also be covered by the API
There’s no function to pass in a token received via API request to the kinde client
Next is the front end, python is the backend
Right, but how do I read that JWT inside of the Python SDK?
Once I’ve validated, how do I get permissions, etc. from Kinde?
This is my main issue right now, after validating not sure how to fetch that info - lmk if it’s possible at all
hey pls
You must correctly set all the env variables inside your .env file. This error states that you're missing the issuer_url. Go to your dashboard -> application -> get the env var there and paste them inside your .env file
Yes
But it still fails
I’ve played around with this code and it seems it’s not possible to manually set tokens
In theory, if you've added the claim for what you want to appear in your token, then you should get this info, but if you're decoding the access token you should get at least the perms