James
KKinde
•Created by James on 3/15/2024 in #💻┃support
React-admin front-end and Next edge-runtime back-end - which SDKs/applications and how to auth API?
Yes, as well as a React front-end, there are also direct consumers of my REST APIs, so they each need to authenticateb to get an audience/scope too. I've implemented support for an x-api-key auth in my Nezt middleware that creates a JWT, but it occurred to me that this is something that Kinde could support as an extension of the M2M model, as you have almost all the pièces to offer a more secure oauth version with audience permissions, etc.
9 replies
KKinde
•Created by James on 3/15/2024 in #💻┃support
React-admin front-end and Next edge-runtime back-end - which SDKs/applications and how to auth API?
Thanks @Andre @ Kinde - I'm already using using the audience claim between my front-end and back-end. But I was more referring to the authentication of 3rd party M2M consumers of my APIs - am I correct assuming that Kinde doesn't currently support this use case (as there's only à single Client ID & secret provided)? If so, support for managing additional 3rd party M2M creds (oauth or api key) would be an awesome addition! Is it on the roadmap?
9 replies
KKinde
•Created by James on 3/15/2024 in #💻┃support
React-admin front-end and Next edge-runtime back-end - which SDKs/applications and how to auth API?
Thanks @Andre @ Kinde - I've gone ahead and rolled my own Next middleware that verifies & decodes the front-end Kinde token as you suggest and all is working well.
Two open questions I still have from your docs though
- If I also implement your Flutter SDK for a mobile app, should I create another Kinde application for that or should I re-use the same one as my React front-end?
- Is the M2M auth flow only applicable to accessing your Kinde management API or can it also be used to manage access to my own APIs? My understanding is that it's just the former, but I just wanted to double check!
Thanks again
9 replies