Xytric
Kinde
•Created by Wesley (ByteGrad + Kinde) on 3/17/2024 in #💻┃support
Next.js with separate backend - which SDK to use?
I verify the audience, signing algorithm (RS256) and the issuer claims. You could even take it a step further and include non-standard claims, as Kinde also sends along permissions in the access token (and more parameters if configured in the applications’ token settings). This is useful for restricting certain API routes for users who, for example, have an admin role or are in a specific organisation. Though if you only need simple protection, there's a jwtVerify function middleware in their Express SDK which protects routes and provides a user id in the request. https://kinde.com/docs/developer-tools/express-sdk/#verify-jwt
Use Next.js for user-facing authentication, send requests as an authenticated user with the raw access tokens as bearer token to your backend for requests (getAccessTokenRaw from kindeserversession or from the use browser client hook), then, on your server, simply verify the token using Kinde's JWKS URL. You can use your own simple middleware to do this (use a library like jose for Node). I believe Kinde has examples on this. I am currently using this using Golang instead of Node for the backend and it works great.