__maxom__ Comments - Answer Overflow

Topics

__maxom__

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

Additionally, my API layer interacts with the Kinde Management API with M2M tokens to perform actions. If I perform my DB operations for Kinde events from my API layer but also have webhooks enabled, then there would effectively be 2 write operations to my DB for the same event. To your point:

Webhooks are useful for actions that occur outside your application, e.g.  if you delete a user directly from within Kinde, webhooks offer the ability to keep your database in sync / trigger other processes e.g. deprovisioning (effectively like an inverted API). They're also useful for triggering processes in integrated applications (e.g. provisioning a user on another service on user creation) / updating a CRM.

Webhooks are useful for actions that occur outside your application, e.g.  if you delete a user directly from within Kinde, webhooks offer the ability to keep your database in sync / trigger other processes e.g. deprovisioning (effectively like an inverted API). They're also useful for triggering processes in integrated applications (e.g. provisioning a user on another service on user creation) / updating a CRM.

If webhooks are enabled and an action occurs inside my application, that will also trigger the webhook. So there is still overlap of functionality in this scenario. It feels like I either implement the DB operations based on API responses/callbacks from my API or use webhooks but not together. Is there a way to disable webhooks to create events if the call is from my management API but trigger them for actions outside of my application ? Similar to the error in this thread but provide it as a feature to end users. Because if I disable webhooks, I can manage the actions from my application API's but I lose the ability to manage outside actions. If I enable webhooks, I might face a similar issue discussed in this thread (do not know if/when this will happen again) So I think this is the help with direction I needed. Not sure if I have made it clearer or confused you with these messages

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

Also, I have a question regarding the callback especially after signup. In order to create a user in my DB, how do I identify if the event was a login or a signup. On both Signup and on login (with Google social provider signin), my onSuccess user object looks like:

{
    "id": "kp_xxxx",
    "givenName": "Name",
    "email": "email",
    "picture": "url"
}

{
    "id": "kp_xxxx",
    "givenName": "Name",
    "email": "email",
    "picture": "url"
}

My state is kinde:undefined

{}

{}

My context is:

{
    "isAuthenticated": false,
    "isLoading": true
}

{
    "isAuthenticated": false,
    "isLoading": true
}

My onError error is

{
    "error": "ERR_CODE_EXCHANGE",
    "errorDescription": "Token exchange failed: 500 - {\"error\":\"server_error\",\"error_description\":\"The authorization server encountered an unexpected condition that prevented it from fulfilling the request.\"}"
}

{
    "error": "ERR_CODE_EXCHANGE",
    "errorDescription": "Token exchange failed: 500 - {\"error\":\"server_error\",\"error_description\":\"The authorization server encountered an unexpected condition that prevented it from fulfilling the request.\"}"
}

state is

{
    "kinde": {
        "event": "login"
    }
}

{
    "kinde": {
        "event": "login"
    }
}

contex is

{
    "isAuthenticated": false,
    "isLoading": true
}

{
    "isAuthenticated": false,
    "isLoading": true
}

These values are same for both signup and login with Google (I've not tested email only auth flow btw and Google would be the preferred option anyways) How can I differentiate these events to write to my db only if it is a signup event ? On every auth attempt, do I have to check my DB every time if a user exists and if not create ? The webhooks are working fine for user events

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

Hi David, Thanks for your response. I've started implementing the changes to sync with DB from my application API's. Also my question around reliability of webhooks was mostly towards incidents where events are not being emitted similar to what happened in this chat and not in the scenarios of if the webhooks are actually working. When they work they are great. In retrospect, I should have reworded it better. My question was what checks and balances do you have in place to identify these issues like webhooks not emitting events and what remedies are in place to fix it with minimal downtime ? In this scenario, it looks like the faulty code made its way to prod without being detected in unit/integration tests/your review processes

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

Hi David, Thanks for the update. As of around UTC time 2025-04-01T11:48:38.823038+00:00 where I tested organization creation, orgainzation.deleted is not yet working. I will wait for some more time to test this out. Based on this experience, I have an application design question for you guys. Kinde is the centre of my application to store the true information about users and orgs. My application is heavily dependant on Kinde providing me the necessary information as all my db tables are dependant on the user kp id and the org's org code . Up until now I had a decoupled process where user and org interactions from my application for the scenarios of creating/updating/deleting users/organizations is separate from the processes of populating my DB i.e., the calls to populate/update/delete rows of the users and orgs tables in my DB to keep it in sync with Kinde was via webhooks instead of my application API's With this issue, I'm sort of rethinking my choices as keeping my DB in sync with Kinde is like the most crucial part of my application working. Now due to my choice of offloading auth functionality to Kinde and its core dependancy to my application, is it wise for me to depend on Kinde webhooks (keeping in mind that in IT, there is always an assumption that things will fail, only a matter of when, similar to this issue) for populating the users and orgs table ? Is it better to handle these DB operations from my application API based on Kinde responses so that my DB is always in sync and I can deterministically handle errors instead of depending on webhooks ? I feel I need to change my implementation to leverage this approach instead of webhooks. This leads me to the question of how reliable are Kinde webhooks and what is the best use for them. Need some design suggestion around approach as Kinde is core to my application and I should have a deterministic way of handling things. Thanks for the help.

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

This is Hono on CF Workers

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

In the console output you can see that the organization.created event timestamp is 2025-03-31T12:28:00.778346+00:00. This matches closely with the first request in the output. The second request in the output is a similar test of create + delete but you only see one event which was for create (The logs shared in my previous messages relate to the first request in the output) Below are my console outputs for ngrok:

Session Status                online                                                                 
Account                       Email                                     
Version                       3.22.0
Region                        Australia (au)                                      Latency                       16ms                                                Web Interface                 http://127.0.0.1:4040                               Forwarding                    https://01b8-159-196-168-111.ngrok-free.app -> http://localhost:8787   
                                            
Connections                   ttl     opn     rt1     rt5     p50     p90         
                              5       0       0.00    0.00    5.10    5.19                           
HTTP Requests                     
-------------                                                                 
23:28:01.174 AEDT POST /webhooks/kinde                   200 OK                   
23:25:56.271 AEDT POST /webhooks/kinde                   200 OK                   
23:23:18.636 AEDT GET  /apple-touch-icon.png             404 Not Found
23:23:18.636 AEDT GET  /apple-touch-icon-precomposed.png 404 Not Found
23:23:18.814 AEDT GET  /apple-touch-icon.png             404 Not Found 
23:23:18.636 AEDT GET  /favicon.ico                      404 Not Found

Session Status                online                                                                 
Account                       Email                                     
Version                       3.22.0
Region                        Australia (au)                                      Latency                       16ms                                                Web Interface                 http://127.0.0.1:4040                               Forwarding                    https://01b8-159-196-168-111.ngrok-free.app -> http://localhost:8787   
                                            
Connections                   ttl     opn     rt1     rt5     p50     p90         
                              5       0       0.00    0.00    5.10    5.19                           
HTTP Requests                     
-------------                                                                 
23:28:01.174 AEDT POST /webhooks/kinde                   200 OK                   
23:25:56.271 AEDT POST /webhooks/kinde                   200 OK                   
23:23:18.636 AEDT GET  /apple-touch-icon.png             404 Not Found
23:23:18.636 AEDT GET  /apple-touch-icon-precomposed.png 404 Not Found
23:23:18.814 AEDT GET  /apple-touch-icon.png             404 Not Found 
23:23:18.636 AEDT GET  /favicon.ico                      404 Not Found

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

Console Output:

npm run dev
Creating a new org
Request:
{
  "name": "Test",
  "handle": "test_ye22i9no",
  "feature_flags": {},
  "is_allow_registrations": true,
  "sender_name": "Test"
}
Retrieving Kinde Management API Token from Cache
Token is still valid, returning cached token
Response:
{
  "status": 200,
  "statusText": "OK",
  "message": {
    "code": "OK",
    "message": "Success",
    "organization": {
      "code": "org_4b95653655381"
    }
  }
}
[wrangler:inf] POST /v1/org 200 OK (575ms)
{
  "data": {
    "organization": {
      "code": "org_4b95653655381",
      "external_id": null,
      "handle": "test_ye22i9no",
      "name": "Test"
    }
  },
  "event_id": "event_0195ec2c4c07a60a4157668e4d8058ce",
  "event_timestamp": "2025-03-31T12:28:00.778346+00:00",
  "source": "api",
  "timestamp": "2025-03-31T12:28:01.139717285Z",
  "type": "organization.created"
}
[wrangler:inf] POST /webhooks/kinde 200 OK (94ms)
Deleting org with id: org_4b95653655381
Retrieving Kinde Management API Token from Cache
Token is still valid, returning cached token
Response:
{
  "status": 200,
  "statusText": "OK",
  "message": {
    "code": "ORGANIZATION_DELETED",
    "message": "Organization successfully deleted"
  }
}
[wrangler:inf] DELETE /v1/org/org_4b95653655381 200 OK (143ms)
╭───────────────────────────╮
│  [b] open a browser       │
│  [d] open devtools        │
│  [l] turn off local mode  │
│  [c] clear console        │
│  [x] to exit              │
╰───────────────────────────╯

npm run dev
Creating a new org
Request:
{
  "name": "Test",
  "handle": "test_ye22i9no",
  "feature_flags": {},
  "is_allow_registrations": true,
  "sender_name": "Test"
}
Retrieving Kinde Management API Token from Cache
Token is still valid, returning cached token
Response:
{
  "status": 200,
  "statusText": "OK",
  "message": {
    "code": "OK",
    "message": "Success",
    "organization": {
      "code": "org_4b95653655381"
    }
  }
}
[wrangler:inf] POST /v1/org 200 OK (575ms)
{
  "data": {
    "organization": {
      "code": "org_4b95653655381",
      "external_id": null,
      "handle": "test_ye22i9no",
      "name": "Test"
    }
  },
  "event_id": "event_0195ec2c4c07a60a4157668e4d8058ce",
  "event_timestamp": "2025-03-31T12:28:00.778346+00:00",
  "source": "api",
  "timestamp": "2025-03-31T12:28:01.139717285Z",
  "type": "organization.created"
}
[wrangler:inf] POST /webhooks/kinde 200 OK (94ms)
Deleting org with id: org_4b95653655381
Retrieving Kinde Management API Token from Cache
Token is still valid, returning cached token
Response:
{
  "status": 200,
  "statusText": "OK",
  "message": {
    "code": "ORGANIZATION_DELETED",
    "message": "Organization successfully deleted"
  }
}
[wrangler:inf] DELETE /v1/org/org_4b95653655381 200 OK (143ms)
╭───────────────────────────╮
│  [b] open a browser       │
│  [d] open devtools        │
│  [l] turn off local mode  │
│  [c] clear console        │
│  [x] to exit              │
╰───────────────────────────╯

As you can see there is no [wrangler:inf] POST /webhooks/kinde 200 OK after the DELETE

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

No description

17 replies

•Created by __maxom__ on 3/30/2025 in #💻┃support

Webhooks organization.deleted event has stopped working

I’m currently writing the code to sync kinde events with my db. For this, I have created multiple dummy orgs and deleted them using the kinde management API. I’m not seeing any delivery logs. This is a new webhook that i have created. Previously to test the webhooks functionality I used another dummy endpoint using ngrok and in those tests, the organisations events worked fine.

17 replies

•Created by __maxom__ on 3/19/2025 in #💻┃support

Kinde Management API with custom domain

Thanks

8 replies

•Created by __maxom__ on 3/19/2025 in #💻┃support

Kinde Management API with custom domain

If I create a new API with the custom domain, I can get the token without adding the scopes but I get unauthorized errors when trying to access the management API. It does make sense because it does not have the scopes in it (similar to the scopes present in the one Kinde provides in the default management API). Thanks for your response though. Appreciate it. Will continue with the Kinde domain itself.

8 replies

•Created by __maxom__ on 3/19/2025 in #💻┃support

Kinde Management API with custom domain

const response = await fetch(this.KINDE_OAUTH_TOKEN_URI, {
      method: "POST",
      headers: {
        "content-type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({
        audience: this.KINDE_MANAGEMENT_API,
        grant_type: "client_credentials",
        client_id: this.KINDE_M2M_CLIENT_ID,
        client_secret: this.KINDE_M2M_CLIENT_SECRET,
      }),
    });

const response = await fetch(this.KINDE_OAUTH_TOKEN_URI, {
      method: "POST",
      headers: {
        "content-type": "application/x-www-form-urlencoded",
      },
      body: new URLSearchParams({
        audience: this.KINDE_MANAGEMENT_API,
        grant_type: "client_credentials",
        client_id: this.KINDE_M2M_CLIENT_ID,
        client_secret: this.KINDE_M2M_CLIENT_SECRET,
      }),
    });

KINDE_OAUTH_TOKEN_URI (/oauth2/token) with custom domain works but KINDE_MANAGEMENT_API with custom domain does not work. If I create an API with the custom domain, I cannot assign any scopes until I upgrade to the plus or scale plan but I'm not sure if it will offer the scopes provided in the default API

8 replies

•Created by __maxom__ on 3/19/2025 in #💻┃support

Kinde Management API with custom domain

Error I get

{"status":403,"statusText":"Forbidden","message":{"errors":[{"code":"INVALID_CREDENTIALS","message":"Invalid credentials used to access API"},{"code":"MISSING_AUDIENCE","message":"Missing or incorrect Management API audience"}]}}

{"status":403,"statusText":"Forbidden","message":{"errors":[{"code":"INVALID_CREDENTIALS","message":"Invalid credentials used to access API"},{"code":"MISSING_AUDIENCE","message":"Missing or incorrect Management API audience"}]}}

8 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

Thanks Peter

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

This or get users

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

I’m still confused by your last couple responses but all good. I understand what I need to do to cater to my scenario. Thanks you all with the support

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

are you referring to how to login a user to a different org ?

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

Sorry I’m a bit confused with this response. How does it relate to the issue in this thread ? The sub in the token would be of the user who is trying to add members right and not of the users we want to add

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

I’ll probably do a db interaction first and then do kinde api checks as fallback

93 replies

•Created by __maxom__ on 3/1/2025 in #💻┃support

Adding an existing Kinde user to a new organisation

As I populate my db using webhooks, I’m just afraid there could be scenarios where my db is out of sync sometimes with Kinde as interacting with Kinde is mainly apis and populating my db with users is using webhooks. So that is why I was trying to rely on Kinde apis to do my checks and balances

93 replies