K
Kinde2mo ago
__maxom__

Kinde Management API with custom domain

Hi Kinde team, Wanted to check if it is possible to use the Kinde Management API with a custom domain. I've tried creating an API but I'm unable to add any scopes to it. There is a default Kinde Management API with the Audience https://<app>.kinde.com/api I have enabled custom domain and I was wondering if we can use https://customdomain/api instead ?
5 Replies
__maxom__
__maxom__OP2mo ago
Error I get 
{"status":403,"statusText":"Forbidden","message":{"errors":[{"code":"INVALID_CREDENTIALS","message":"Invalid credentials used to access API"},{"code":"MISSING_AUDIENCE","message":"Missing or incorrect Management API audience"}]}}
{"status":403,"statusText":"Forbidden","message":{"errors":[{"code":"INVALID_CREDENTIALS","message":"Invalid credentials used to access API"},{"code":"MISSING_AUDIENCE","message":"Missing or incorrect Management API audience"}]}}
const response = await fetch(this.KINDE_OAUTH_TOKEN_URI, {
      method: "POST",
      headers: {
        "content-type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({
        audience: this.KINDE_MANAGEMENT_API,
        grant_type: "client_credentials",
        client_id: this.KINDE_M2M_CLIENT_ID,
        client_secret: this.KINDE_M2M_CLIENT_SECRET,
      }),
    });
const response = await fetch(this.KINDE_OAUTH_TOKEN_URI, {
      method: "POST",
      headers: {
        "content-type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({
        audience: this.KINDE_MANAGEMENT_API,
        grant_type: "client_credentials",
        client_id: this.KINDE_M2M_CLIENT_ID,
        client_secret: this.KINDE_M2M_CLIENT_SECRET,
      }),
    });
KINDE_OAUTH_TOKEN_URI (/oauth2/token) with custom domain works but KINDE_MANAGEMENT_API with custom domain does not work. If I create an API with the custom domain, I cannot assign any scopes until I upgrade to the plus or scale plan but I'm not sure if it will offer the scopes provided in the default API
TotalScrub
TotalScrub2mo ago
I found with the Management API even without a custom domain I can't add scopes. It was a while ago so I can't remember the exact error I got, but I believe it was that error message or something similar. Not adding scopes to the Management API fixed it for me. It still respected the scopes that were configured against the API (i.e. I would get failures if I tried to call a Kinde API endpoint that I hadn't configured permissions to) Maybe try without adding scopes and see if that works?
Claire Mahoney
Claire Mahoney2mo ago
Hi, thanks for reaching out! Even with a custom domain configured, you will still need to use your Kinde domain (https://<your_subdomain>.kinde.com) to access the Kinde Management API and machine-to-machine applications. Regarding API scopes, custom scopes can only be added if you are on the Kinde Plus or Scale plan. Let me know if anything needs further clarification!
__maxom__
__maxom__OP2mo ago
If I create a new API with the custom domain, I can get the token without adding the scopes but I get unauthorized errors when trying to access the management API. It does make sense because it does not have the scopes in it (similar to the scopes present in the one Kinde provides in the default management API). Thanks for your response though. Appreciate it. Will continue with the Kinde domain itself. Thanks
Claire Mahoney
Claire Mahoney2mo ago
You're very welcome! Glad I could help clarify things. If there's anything else you need or if you have any feedback for Kinde, feel free to let me know — happy to help!

Did you find this page helpful?