K
Kinde7d ago
dig5549

Retrieve user data from access token

I have access token which is generated by react SDK. My backend is implemented in python. I'm planning to use jwt based authentication but I couldn't find way to retrieve user data from access token which is generated by react SDK. Any way to retrieve user data from access token? Also I want to know a way to retrieve access token for connected apps under my situation. Sample Frontend: 
const { user, isLoading, isAuthenticated, logout, getToken } = useKindeAuth()
  const router = useRouter()

  useEffect(() => {
    if (!isLoading && !isAuthenticated) {
      router.push('/auth/signin')
    }
  }, [isAuthenticated, isLoading, router])

  const fetchData = async () => {
    try {
      const accessToken = await getToken()
      const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/emails`, {
        headers: {
          Authorization: `Bearer ${accessToken}`
        }
      })
      const result = await response.json()
    } catch (err) { xx } finally { xx }
  }
const { user, isLoading, isAuthenticated, logout, getToken } = useKindeAuth()
  const router = useRouter()

  useEffect(() => {
    if (!isLoading && !isAuthenticated) {
      router.push('/auth/signin')
    }
  }, [isAuthenticated, isLoading, router])

  const fetchData = async () => {
    try {
      const accessToken = await getToken()
      const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/emails`, {
        headers: {
          Authorization: `Bearer ${accessToken}`
        }
      })
      const result = await response.json()
    } catch (err) { xx } finally { xx }
  }
Backend(python, fastapi) 
async def verify_token(request: Request):
    auth_header = request.headers.get("Authorization")    
    token = auth_header.split(" ")[1]
    kinde_client = get_kinde_client() 
    signing_key = kinde_client.jwks_client.get_signing_key_from_jwt(token)
    
    try:
        decoded_token = jwt.decode(
            jwt=token,
            key=signing_key.key,
            algorithms=["RS256"],
            options={ xxx }
        )
        print(f"decoded_token: {decoded_token}")

        kinde_client.configuration.access_token = token
        details = kinde_client.get_user_details() ###. THIS WONT WORK ###
        print(f"details: {details}")
    ....


@app.get("/backend/api")
async def api(
    user = Depends(verify_token)
):
    try:
    ...
async def verify_token(request: Request):
    auth_header = request.headers.get("Authorization")    
    token = auth_header.split(" ")[1]
    kinde_client = get_kinde_client() 
    signing_key = kinde_client.jwks_client.get_signing_key_from_jwt(token)
    
    try:
        decoded_token = jwt.decode(
            jwt=token,
            key=signing_key.key,
            algorithms=["RS256"],
            options={ xxx }
        )
        print(f"decoded_token: {decoded_token}")

        kinde_client.configuration.access_token = token
        details = kinde_client.get_user_details() ###. THIS WONT WORK ###
        print(f"details: {details}")
    ....


@app.get("/backend/api")
async def api(
    user = Depends(verify_token)
):
    try:
    ...
3 Replies
Ages
Ages5d ago
Hi @dig5549 , Thank you for reaching out. I understand that you're trying to retrieve user data from an access token generated by the React SDK and you’re implementing JWT-based authentication in your Python FastAPI backend. It seems that you're looking for a way to decode the access token and retrieve user details. Let me have a look at this in more detail. I'll get back to you as soon as I can with more specific guidance. In the meantime, if you have any additional questions, feel free to share. Best regards, Ages
dig5549
dig5549OP5d ago
Yes, that's what i want to ask. I have conducted additional research on this. From my research, I understand that the python sdk only allows user data to be retrieved at the time the callback is processed on the backend. As an alternative, it is possible to retrieve user data from the frontend api https://docs.kinde.com/kinde-apis/frontend/#tag/oauth/get/oauth2/v2/user_profile Please let me know if my understanding is correct. If it is, it would be great if the python sdk can also retrieve user data from the user's access token. As a more urgent request, I would like to ask you to check this one. https://discord.com/channels/1070212618549219328/1317584602230947931/1317584602230947931 @Ages
Kinde docs
Kinde Frontend API
The frontend API is for managing the currently signed-in user. It includes getting their profile and revoking tokens
Ages
Ages2d ago
Hi @dig5549 , Your understanding is correct—the Python SDK primarily retrieves user data at the time of callback processing on the backend. For user data retrieval via the frontend, using the endpoint you referenced is indeed a valid approach: Frontend API - User Profile. Regarding your suggestion to extend the Python SDK functionality to retrieve user data from an access token, I’ll pass this feedback along to our team for consideration. To keep our conversation organized, I kindly request that we consolidate all further discussions in the thread you mentioned here: Support Thread. This will help us address your questions more efficiently. Please feel free to reach out there, and I’ll ensure we continue assisting you promptly. Best regards, Ages
Kinde docs
Kinde Frontend API
The frontend API is for managing the currently signed-in user. It includes getting their profile and revoking tokens
Want results from more Discord servers?
Add your server