Kinde 2w ago
ATOM

React Kinde with FastAPI python

I have a React application and I'm using the React SDK for Kinde with the provider. Now I have an access token from the React app. My goal is to grab this access token from the React app, pass it in the headers and make an API call to my FastAPI Python backend. How can I validate this access token on my backend?
3 Replies
Ages 2w ago
Hi there,

Thanks for your question. Here's how you can handle access token validation between your React frontend and FastAPI backend using Kinde:

---

Frontend – React:

Use the Kinde React SDK to retrieve the access token and include it in the Authorization header when making API requests to your backend:
```javascript
const { getAccessToken } = useKindeAuth();

const fetchData = async () => {
  try {
    const accessToken = await getAccessToken();
    const res = await fetch('<your-api-endpoint>', {
      headers: {
        // Template literal: the header value is "Bearer <token>"
        Authorization: `Bearer ${accessToken}`,
      },
    });
    const { data } = await res.json();
    console.log({ data });
  } catch (err) {
    console.error(err);
  }
};
```
---

Backend – FastAPI (Python):

To validate the token on your FastAPI server, follow these steps:

1. Install the Kinde SDK:
```bash
pip install kinde-python-sdk
```
2. Configure the Kinde client:
```python
from kinde_sdk import Configuration
from kinde_sdk.kinde_api_client import GrantType, KindeApiClient

# KINDE_HOST, KINDE_CLIENT_ID, KINDE_CLIENT_SECRET, GRANT_TYPE and
# KINDE_REDIRECT_URL are your application's settings, defined elsewhere.
configuration = Configuration(host=KINDE_HOST)
kinde_api_client_params = {
    "configuration": configuration,
    "domain": KINDE_HOST,
    "client_id": KINDE_CLIENT_ID,
    "client_secret": KINDE_CLIENT_SECRET,
    "grant_type": GRANT_TYPE,
    "callback_url": KINDE_REDIRECT_URL,
}
kinde_client = KindeApiClient(**kinde_api_client_params)
```
3. Validate the access token:
```python
if kinde_client.is_authenticated_token(access_token):
    # Token is valid – proceed with your logic
    pass
```
---

Additional Notes:

- Make sure your API is registered in the Kinde dashboard.
- Define an audience for your API – this ensures the token includes the correct aud claim.
- When using the React SDK, the audience is typically set automatically.
- Keep in mind: the kinde_client instance stores the access token internally, so you’ll need to create one per user session.

Let me know if you'd like help setting up the audience or if you run into any issues during integration.
ATOM (OP) 2w ago
In which format does kinde_client.is_authenticated_token accept the access token?
Ages 2w ago
Hi,

The is_authenticated_token method expects the access token in raw JWT string format. If you're using the React SDK, you'll receive the correct format automatically when calling getAccessToken().

You can refer to the documentation here:
🔗 https://docs.kinde.com/developer-tools/sdks/frontend/react-sdk/#test-sign-up

Here’s an example of what the token might look like:
```
eyJhbGciOiJIUzI1...
```
This is the raw JWT string you should send from the React frontend to your Python backend. On the backend, you can extract the token from the Authorization header and pass it directly to is_authenticated_token():
```python
# Example in Python
# Default to '' so a request without the header does not raise AttributeError
access_token = request.headers.get('Authorization', '').replace('Bearer ', '')
if kinde_client.is_authenticated_token(access_token):
    # Continue processing
    pass
```
The token includes standard JWT claims like aud, exp, and iss, which Kinde validates internally when you call this method. Let me know if you need help implementing this or debugging a specific case!
