Ages Comments - Answer Overflow

Topics

Ages

•Created by Pranay on 3/6/2025 in #💻┃support

Kinde, Supabase, and React Native

Hi Pranay, I’ll take a look on my side and test using the token issued by Kinde directly in Supabase. In the meantime, as a temporary solution, you might consider setting up a server-side proxy. This proxy would: - Validate the JWT: Use Kinde’s public key (or JWKS endpoint) to verify the token. - Forward Requests: Once validated, forward the request to Supabase with a secure server-side credential. This approach lets you bridge the gap while you work on integrating external JWT validation directly in Supabase via its custom JWT settings. Please feel free to ask if you have any questions or need further clarification on this temporary setup

7 replies

•Created by sassydinosaur on 3/10/2025 in #💻┃support

Getting 500 errors suddenly whenever redirecting to /api/auth/login on nextjs 14+

Hi there, Thanks for sharing the details. To help us further, could you please provide screenshots of your configuration settings from both your local environment and your AWS (SST) deployment? Also, are you using a custom domain in your deployment? In the meantime, as a temporary workaround, you might try wrapping the call to the auth handler in a try/catch block to ensure a response is always returned. For example:

import { NextResponse } from 'next/server'
import { kindeAuth } from '@kinde-oss/kinde-auth-nextjs'

export async function GET(request) {
  try {
    const response = await kindeAuth(/* your configuration object */)(request)
    if (!response) {
      console.error('kindeAuth did not return a response')
      return NextResponse.error()
    }
    return response
  } catch (error) {
    console.error('Error in /api/auth/login:', error)
    return NextResponse.error()
  }
}

import { NextResponse } from 'next/server'
import { kindeAuth } from '@kinde-oss/kinde-auth-nextjs'

export async function GET(request) {
  try {
    const response = await kindeAuth(/* your configuration object */)(request)
    if (!response) {
      console.error('kindeAuth did not return a response')
      return NextResponse.error()
    }
    return response
  } catch (error) {
    console.error('Error in /api/auth/login:', error)
    return NextResponse.error()
  }
}

This can help catch errors and ensure that a valid response is returned even if something goes wrong. Once we see your configuration screenshots and learn more about your setup (including whether you’re using a custom domain), we can provide more targeted guidance.

5 replies

•Created by Pranay on 3/7/2025 in #💻┃support

jwtVerify from node express needs an audience

Hi Pranay, It seem the error occurs because the audience parameter in your login request isn’t whitelisted in your Kinde Dashboard settings. If you're accessing Kinde’s APIs via machine-to-machine (M2M) authentication, you should use {your_domain}.kinde.com/api as the audience. However, if you're using a custom domain for authentication, you'll need to add your custom domain as an API under Settings > API and then whitelist it in your application settings. Please try this update and let us know if you need further assistance

5 replies

•Created by Pranay on 3/7/2025 in #💻┃support

jwtVerify from node express needs an audience

Hi Pranay, Thanks for the detailed reproduction steps. Based on the error message, it does appear that the audience you’re providing might not be whitelisted for your OAuth 2.0 client. I’m going to discuss this with my team to confirm if whitelisting the audience is required and get back to you with a definitive solution.

5 replies

•Created by RavS94 on 3/9/2025 in #💻┃support

How to actually get started with Expo?

Hi there, It sounds like the confusion is coming from mixing two different SDKs: - @kinde-oss/react-native-sdk-0-7x is built for native React Native projects. - @kinde/expo is tailored for Expo-managed projects. Since you’re using Expo, the recommended approach is to use @kinde/expo. Here’s a temporary solution to get you started: 1. Install the Expo SDK:

   npm install @kinde/expo

   npm install @kinde/expo

2. Wrap Your App with the Kinde Provider: In your App.js (or main entry file), set up the provider like this:

   import { KindeAuthProvider } from '@kinde/expo';
   
   export default function App() {
     return (
       <KindeAuthProvider
         config={{
           domain: "your-app.kinde.com",   // Your Kinde domain
           clientId: "your-client-id",       // Your Kinde client ID
           scopes: "openid profile email offline", // Default scopes
         }}
       >
         {/* Your app components go here */}
       </KindeAuthProvider>
     );
   }

   import { KindeAuthProvider } from '@kinde/expo';
   
   export default function App() {
     return (
       <KindeAuthProvider
         config={{
           domain: "your-app.kinde.com",   // Your Kinde domain
           clientId: "your-client-id",       // Your Kinde client ID
           scopes: "openid profile email offline", // Default scopes
         }}
       >
         {/* Your app components go here */}
       </KindeAuthProvider>
     );
   }

3. Implement Authentication with the Provided Hook: Use the useKindeAuth hook to handle login, registration, and logout in your components:

   import { useKindeAuth } from '@kinde/expo';
   import { Button, View } from 'react-native';
   
   export default function Authentication() {
     const kinde = useKindeAuth();
   
     return !kinde.isAuthenticated ? (
       <View>
         <Button title="Sign In" onPress={() => kinde.login({})} />
         <Button title="Sign Up" onPress={() => kinde.register({})} />
       </View>
     ) : (
       <Button title="Logout" onPress={() => kinde.logout({ revokeToken: true })} />
     );
   }

   import { useKindeAuth } from '@kinde/expo';
   import { Button, View } from 'react-native';
   
   export default function Authentication() {
     const kinde = useKindeAuth();
   
     return !kinde.isAuthenticated ? (
       <View>
         <Button title="Sign In" onPress={() => kinde.login({})} />
         <Button title="Sign Up" onPress={() => kinde.register({})} />
       </View>
     ) : (
       <Button title="Logout" onPress={() => kinde.logout({ revokeToken: true })} />
     );
   }

I hope this clears up the confusion and gets you moving forward with your Expo project. Let me know if you have any other questions

2 replies

•Created by Tito on 2/25/2025 in #💻┃support

<appname> Wants to Use "kinde.com" to Sign In popup in ios expo

Hi Tito, To clarify: 1. The native flow with token exchange via our API is available on our standard plans. An Enterprise plan is only required if you need advanced customizations or additional security features beyond the basic native integration. 2. We’ve consolidated our native flow examples into our main SDK documentation and repositories. For an Expo project, you can review our native integration guide here:
Expo & React Native SDK Documentation
This guide includes code snippets and details on the native sign-in flow along with token exchange. Additionally, are you able explore our React Native SDK repository on GitHub - Kinde React Native SDK ? I hope these resources help. If you have any more questions or need further assistance, please don’t hesitate to ask.

7 replies

•Created by sassydinosaur on 3/10/2025 in #💻┃support

Getting 500 errors suddenly whenever redirecting to /api/auth/login on nextjs 14+

Hi there, Thanks for providing the error details. To help us diagnose the issue more effectively, could you please let us know: 1. Which version of the Kinde SDK are you currently using? 2. Are you deploying your app to a staging or production environment? This information will help us pinpoint the problem. Thanks

5 replies

•Created by arundquist on 1/19/2025 in #💻┃support

NEXT_PUBLIC_KINDE_AUTH_API_PATH and kinde middleware

Hi, could you please check it now and let me know if the issue still persists? Also, please keep in mind that upgrading to the latest version might help resolve any potential issues.

8 replies

•Created by bl0ckchain_brat on 3/9/2025 in #💻┃support

Feature flag is not working

Hi, thanks for sharing! Could you please confirm which version of the Next.js SDK you're using?

5 replies

•Created by Martin on 3/7/2025 in #💻┃support

React v5 migration

Thank you for your feedback Martin! We appreciate you taking the time to share your experience. We'll review the issues you've encountered and get back to you as soon as possible. If you have any additional details that might help with the investigation, please feel free to share them. Thanks again!

3 replies

•Created by Pranay on 3/7/2025 in #💻┃support

jwtVerify from node express needs an audience

Hi Pranay, The error you're encountering—"Cannot destructure property 'audience' of 't' as it is undefined"—is typically triggered when the verifier expects an audience claim in the token but doesn't find one. This means that either the token generated by your client doesn’t include the expected aud claim, or the verifier isn’t being provided with the correct options to validate it. In fact, similar issues have been discussed in community forums. For instance, users on Answer Overflow have noted that when the token’s aud claim is missing or empty (even though it appears correctly when generated via the Kinde portal), the jwtVerify middleware fails because it tries to destructure an undefined audience field. They suggest double-checking your API configuration in the Kinde dashboard to ensure the audience is correctly set and that your client requests the token with the proper audience parameter. Additionally, verify that you’re using the latest version of the SDK, as updates may include fixes or better error messages for these scenarios. For more context, you can refer to discussions like this one: https://www.answeroverflow.com/m/1342410814795157575 I hope this helps clarify the issue. If you need further assistance or additional troubleshooting steps, please let me know

5 replies

•Created by __maxom__ on 2/16/2025 in #💻┃support

@kinde-oss/kinde-auth-react compatibility with React 19

Hi, Thanks for your patience. A new version of @kinde-oss/kinde-auth-react (5.0.2) has been released, which is compatible with React 19. Kindly check it out and let us know if you need any further assistance.

5 replies

•Created by Pranay on 3/6/2025 in #💻┃support

Kinde, Supabase, and React Native

Hi Pranay, Thanks for reaching out. Based on your description, while your previous approach of manually checking the logged-in user on each server action can work, it’s not the most robust or secure solution for production. For your React Native app, the recommended approach is to leverage the JWT token issued by Kinde. Here’s how you can streamline your integration: 1. Set up Row Level Security on your Supabase tables. With RLS enabled, you can define policies that automatically verify that a request’s JWT token (typically the sub claim) matches the intended user. This offloads security checks to the database layer and minimizes manual intervention. 2. After a user authenticates via Kinde, you’ll receive a JWT token. Pass this token to your Supabase client. Supabase can then validate the token against your RLS policies, ensuring that only authorized users can access or modify data. 3. This approach is more secure and maintainable compared to manually checking user credentials on every server action. It also aligns with best practices by using built-in security features provided by Supabase and Kinde. In summary, yes—the main way to move forward is via the JWT token. By enabling RLS and configuring your Supabase client to use the JWT from Kinde, you’ll achieve a more robust and secure integration. Let me know if you need any further details or have additional questions

7 replies

•Created by scottwbk on 3/5/2025 in #💻┃support

Playwright based authentication errors - in vercel preview environment

Hi Scott, Thanks for providing the additional details.

The error indicating a state mismatch (e.g., "Received: … | Expected: …") typically points to an issue with how cookies or session data are maintained between requests. In automated tests with Playwright—especially in a Vercel preview environment—it’s important to ensure that your testing setup is using a persistent browser context. This guarantees that cookies and session storage are retained throughout the authentication flow. Without this, the state parameter used during the initial authentication request might not be preserved, leading to the mismatch error. The CORS error you're seeing suggests that the OAuth endpoint at https://flowt-dev.us.kinde.com isn’t allowing requests from your Vercel preview URL (https://flowt-by77214to-flowt.vercel.app). Please verify that your OAuth client configuration in the Kinde dashboard includes your Vercel preview URL as an allowed origin and as part of the authorized redirect URIs. Adjusting these settings should resolve the preflight CORS issue.
Regarding the version upgrade issue from 2.5.1 to 2.5.3, the module resolution error you encountered might be due to compatibility issues with your current environment or test setup. If the 2.5.1 version is working reliably (aside from the testing-specific issues), you might consider staying on that version.
I hope these suggestions help resolve the issues. If you need any further assistance or have more questions, feel free to reach out.

5 replies

•Created by MALEV0L3NT on 3/4/2025 in #💻┃support

Give administrator access to all orgs

Thanks for clarifying. Will the Admin create the org? How will the org be created by you or by automation?

9 replies

•Created by scottwbk on 3/5/2025 in #💻┃support

Playwright based authentication errors - in vercel preview environment

Hi, Thanks for bringing this issue to our attention. I see you’re encountering a state mismatch error during authentication in the Vercel preview environment when running your Playwright tests. To help diagnose and resolve this, could you please provide some additional details? - Which version of the Kinde SDK are you currently using? - Is the error occurring every time you run your Playwright tests, or does it happen intermittently? - Have you noticed any discrepancies between your local development environment and the Vercel preview (e.g., environment variables, session storage, or caching settings)? - Does the authentication flow work as expected when not using Playwright? For example, if you manually sign in via the preview URL, does it complete without a state mismatch? - Are there any customizations in your authentication or state management setup that might be affecting the state parameter between requests? This will help us pinpoint the cause of the state mismatch error and offer a more targeted solution. Looking forward to your response.

5 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

I think it might be best to go with search on email, which should then return the user id you need to add to the specific org

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

Yeah, I think with getting users you would then have to search through to see if a user with that email exists, which could be a problem if the number of users gets too large

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

Then if the user needs to be added to an org you can use this API endpoint https://docs.kinde.com/kinde-apis/management/#tag/organizations/post/api/v1/organizations/{org_code}/users

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

I think Maxim is looking to grab the user based on an inputted email address so something like detecting if an email address is already in use

I think in this case you can use https://docs.kinde.com/kinde-apis/management/#tag/search to grab a user via their email if they exist

93 replies