K
Kinde3mo ago
dig

Retrieve user data from access token

I have access token which is generated by react SDK. My backend is implemented in python. I'm planning to use jwt based authentication but I couldn't find way to retrieve user data from access token which is generated by react SDK. Any way to retrieve user data from access token? Also I want to know a way to retrieve access token for connected apps under my situation. Sample Frontend: 
const { user, isLoading, isAuthenticated, logout, getToken } = useKindeAuth()
  const router = useRouter()

  useEffect(() => {
    if (!isLoading && !isAuthenticated) {
      router.push('/auth/signin')
    }
  }, [isAuthenticated, isLoading, router])

  const fetchData = async () => {
    try {
      const accessToken = await getToken()
      const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/emails`, {
        headers: {
          Authorization: `Bearer ${accessToken}`
        }
      })
      const result = await response.json()
    } catch (err) { xx } finally { xx }
  }
const { user, isLoading, isAuthenticated, logout, getToken } = useKindeAuth()
  const router = useRouter()

  useEffect(() => {
    if (!isLoading && !isAuthenticated) {
      router.push('/auth/signin')
    }
  }, [isAuthenticated, isLoading, router])

  const fetchData = async () => {
    try {
      const accessToken = await getToken()
      const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/emails`, {
        headers: {
          Authorization: `Bearer ${accessToken}`
        }
      })
      const result = await response.json()
    } catch (err) { xx } finally { xx }
  }
Backend(python, fastapi) 
async def verify_token(request: Request):
    auth_header = request.headers.get("Authorization")    
    token = auth_header.split(" ")[1]
    kinde_client = get_kinde_client() 
    signing_key = kinde_client.jwks_client.get_signing_key_from_jwt(token)
    
    try:
        decoded_token = jwt.decode(
            jwt=token,
            key=signing_key.key,
            algorithms=["RS256"],
            options={ xxx }
        )
        print(f"decoded_token: {decoded_token}")

        kinde_client.configuration.access_token = token
        details = kinde_client.get_user_details() ###. THIS WONT WORK ###
        print(f"details: {details}")
    ....


@app.get("/backend/api")
async def api(
    user = Depends(verify_token)
):
    try:
    ...
async def verify_token(request: Request):
    auth_header = request.headers.get("Authorization")    
    token = auth_header.split(" ")[1]
    kinde_client = get_kinde_client() 
    signing_key = kinde_client.jwks_client.get_signing_key_from_jwt(token)
    
    try:
        decoded_token = jwt.decode(
            jwt=token,
            key=signing_key.key,
            algorithms=["RS256"],
            options={ xxx }
        )
        print(f"decoded_token: {decoded_token}")

        kinde_client.configuration.access_token = token
        details = kinde_client.get_user_details() ###. THIS WONT WORK ###
        print(f"details: {details}")
    ....


@app.get("/backend/api")
async def api(
    user = Depends(verify_token)
):
    try:
    ...
7 Replies
Ages
Ages3mo ago
Hi @dig5549 , Thank you for reaching out. I understand that you're trying to retrieve user data from an access token generated by the React SDK and you’re implementing JWT-based authentication in your Python FastAPI backend. It seems that you're looking for a way to decode the access token and retrieve user details. Let me have a look at this in more detail. I'll get back to you as soon as I can with more specific guidance. In the meantime, if you have any additional questions, feel free to share. Best regards, Ages
dig
digOP3mo ago
Yes, that's what i want to ask. I have conducted additional research on this. From my research, I understand that the python sdk only allows user data to be retrieved at the time the callback is processed on the backend. As an alternative, it is possible to retrieve user data from the frontend api https://docs.kinde.com/kinde-apis/frontend/#tag/oauth/get/oauth2/v2/user_profile Please let me know if my understanding is correct. If it is, it would be great if the python sdk can also retrieve user data from the user's access token. As a more urgent request, I would like to ask you to check this one. https://discord.com/channels/1070212618549219328/1317584602230947931/1317584602230947931 @Ages
Kinde docs
Kinde Frontend API
The frontend API is for managing the currently signed-in user. It includes getting their profile and revoking tokens
Ages
Ages3mo ago
Hi @dig , Your understanding is correct—the Python SDK primarily retrieves user data at the time of callback processing on the backend. For user data retrieval via the frontend, using the endpoint you referenced is indeed a valid approach: Frontend API - User Profile. Regarding your suggestion to extend the Python SDK functionality to retrieve user data from an access token, I’ll pass this feedback along to our team for consideration. To keep our conversation organized, I kindly request that we consolidate all further discussions in the thread you mentioned here: Support Thread. This will help us address your questions more efficiently. Please feel free to reach out there, and I’ll ensure we continue assisting you promptly.
Kinde docs
Kinde Frontend API
The frontend API is for managing the currently signed-in user. It includes getting their profile and revoking tokens
Ages
Ages2mo ago
Hi @dig , Could you try the following steps to retrieve user data from an access token. You can decode the token to extract the user details, Here’s how you can decode the JWT in Python:
import jwt def decode_access_token(token: str, secret_key: str): try: decoded_token = jwt.decode(token, secret_key, algorithms=["HS256"]) return decoded_token except jwt.ExpiredSignatureError: raise Exception("Token has expired") except jwt.InvalidTokenError: raise Exception("Invalid token")
Make sure to replace secret_key with the appropriate key used to sign the JWT. Verify the Token: Ensure that the token is valid and hasn't expired. You can use the decode_access_token function to verify the token. Retrieve User Data: After decoding the token, you can access the user details embedded in it. For example:
decoded_token = decode_access_token(token, secret_key) user_id = decoded_token.get("user_id") user_email = decoded_token.get("email") # You can retrieve other user details as needed
Key Considerations: - Token Signing Algorithm: Ensure that the algorithm used to sign the JWT matches the one specified in your decoding function (e.g., HS256). - Secret Key: The secret_key used for decoding should be the same key that was used to sign the JWT. - Error Handling: Implement appropriate error handling to manage scenarios such as token expiration or invalid tokens. For more detailed information on handling JWTs and integrating with Kinde, you can refer to the official documentation: Kinde React SDK Documentation Kinde Python SDK Documentation By following these steps, you should be able to retrieve user data from the access token in your Python FastAPI backend. Let me know if this helps or if you have any further questions
Kinde docs
React SDK
Our developer tools provide everything you need to get started with Kinde.
Kinde docs
Python SDK
Our developer tools provide everything you need to get started with Kinde.
Ages
Ages2mo ago
Hi @dig , I hope you've had a chance to try the steps I shared for decoding the access token in Python. Please let me know if you've encountered any issues or have any further questions. Otherwise, we will proceed with closing this ticket. Feel free to reach out if you need any further assistance.
dig
digOP2mo ago
This feature is required so once I could confirm this func is supported, I'll try @Ages https://discord.com/channels/1070212618549219328/1317584602230947931
Zaki
Zaki2mo ago
Hi @dig, just checking in—any update from your side?

Did you find this page helpful?