AlexanderO
KKinde
•Created by AlexanderO on 4/18/2024 in #💻┃support
How to protect APIs for SaaS with API-first approach?
Let's assume we have main API backend with business logic and access to database. Also we have Next.js application (with React Server Components) which act as client to this API (without database access). Kinde is connected with Next.js client. Customer can use this API via our Next.js client or directly. I can create new M2M application per each user and share client id and client secret of this application with my customer. Or I can generate API key instead. Anyway, how to link this application or API keys to users and get related user by application id or API key (do request to Kinde from auth middleware on API backend side)?.. Can I implement it somehow via Kinde? Or must I create new microservice and add relations between Kinde users with application ids or API keys there?
7 replies