Welcome to the Kinde community.

NextJS + FastAPI

Hi there, I'm working on a project where we have a NextJS frontend which handles login and register on the frontend using the super easy Next SDK. The problem starts to form when we introduce the API that we need to make calls to.

I want to pass the JWT from the frontend over to the API and am doing so in the authorization header. From here I can use the JWK to verify the token, BUT I can't seem to figure out how to fetch additional data from Kinde such as roles, etc.

So my question is, in order to be able to fetch said additional data, would I need to handle all auth on the API side (Preferably do not want to do this 😭) or is there some sort of python SDK I can use to authorize, get roles, and get permissions on the API side using the JWT from the frontend?
48 comments
Based on the information provided, it seems you can use the Kinde Python SDK to handle authorization, retrieve roles, and get permissions on the API side using the JWT from the frontend. You don't need to handle all auth on the API side.

Here's how you can use the Python SDK to achieve this:

  1. First, install the Kinde Python SDK:

```
pip install kinde-python-sdk
```

  2. Initialize the Kinde API client in your Python backend:

```python
from kinde_sdk import Configuration
from kinde_sdk.kinde_api_client import GrantType, KindeApiClient

# KINDE_HOST, KINDE_CLIENT_ID, KINDE_CLIENT_SECRET, GRANT_TYPE and KINDE_REDIRECT_URL
# are your application's settings; GRANT_TYPE is one of the imported GrantType values.
configuration = Configuration(host=KINDE_HOST)
kinde_api_client_params = {
    "configuration": configuration,
    "domain": KINDE_HOST,
    "client_id": KINDE_CLIENT_ID,
    "client_secret": KINDE_CLIENT_SECRET,
    "grant_type": GRANT_TYPE,
    "callback_url": KINDE_REDIRECT_URL
}
kinde_client = KindeApiClient(**kinde_api_client_params)
```

  3. Once you have the JWT from the frontend, you can use it to get user information, permissions, and organization details:

```python
# Assuming you've set the JWT as the access token
kinde_client.configuration.access_token = jwt_from_frontend

# Get user details
user_details = kinde_client.get_user_details()

# Get user permissions
permissions = kinde_client.get_permissions()

# Get user's organization
organization = kinde_client.get_organization()
```

These methods will allow you to retrieve additional data from Kinde using the JWT from the frontend without having to handle all auth on the API side.

Remember to properly secure your API endpoints and validate the JWT before using it. The Kinde Python SDK should handle token validation internally when you use its methods.

For more detailed information on using the Kinde Python SDK, you can refer to the full documentation.
Thanks so much - I actually didn't see any information on manually setting the access_token anywhere in the docs. Going to implement this right now, will be back if I have more issues
This is the error I'm getting
see what that does
What should I put for the request URL? Currently I am authenticating in my NextJS app
So from what I'm getting, do I have to do auth on the backend if I want to access permissions?
Instead of from my NextJS app
@Sam - Insider let's say I don't plan on using perms and roles in Kinde, should I just use JWT auth and query my own database using the sub key?
Okkk got that
And otherwise is it impossible to set the access_token in the client manually as we tried above?
Let me try to rephrase my question. Is it possible to have 2 applications which can validate tokens generated by each other AND also get user information from the Kinde database (permissions) after validating those tokens?
@Sam - Insider let me know if this is possible
Don't see why not, as long as they're a different application
Ok so I have a token generated by NextJS
How would I pass that token to my python app?
I have a kinde SDK setup in python just can't figure out how to give it the token
Kinde does the auth, but you need to do that as it's both of your implementations
I might look into protocol handlers or exposing a local port or something
Right, but passing the token from one SDK to another should also be covered by the API
not in the slightest
There’s no function to pass in a token received via API request to the kinde client
why would the nextjs sdk communicate with a python sdk when they're two completely different environments?
That's called a JWT
Next is the front end, python is the backend
Right, but how do I read that JWT inside of the Python SDK?
Once I’ve validated, how do I get permissions, etc from kinde?
This is my main issue right now, after validating not sure how to fetch that info - lmk if it’s possible all
You must correctly set all the env variables inside your .env file. This error states that you're missing the issuer_url. Go to your dashboard -> application -> get the env var there and paste them inside your .env file
Yes
But it still fails
I’ve played around with this code and it seems it’s not possible to manually set tokens
In theory, if you've added the claim on what you want to appear in your token then you should get this info, but if you're decoding the access token you should get at least the perms
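
What the last reply points at, as an added example that is not part of the thread or of Kinde's SDK: the API verifies the frontend's access token against the JWKS (algorithm, key id, signature, issuer, audience, expiry) and then authorizes from the token's own claims. It is standard-library only so it runs offline; the `permissions` claim name, the demo key, and the issuer and audience values used with it are assumptions, and production code would use a maintained JWT library with keys fetched from the tenant's JWKS endpoint.

```python
import base64, hashlib, hmac, json, time

DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256, RFC 8017
def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa(msg, size):  # EMSA-PKCS1-v1_5 encoding of SHA-256(msg), `size` bytes long
    t = DIGEST_INFO + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (size - len(t) - 3) + b"\x00" + t

def verify_access_token(token, jwks, issuer, audience, now=None):
    """Return the verified claims, or raise ValueError for a token to reject."""
    h64, p64, s64 = token.split(".")
    header = json.loads(b64d(h64))
    if not isinstance(header, dict) or header.get("alg") != "RS256":  # pin the algorithm
        raise ValueError("unexpected alg")
    key = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if key is None:
        raise ValueError("unknown kid")
    n, e = (int.from_bytes(b64d(key[f]), "big") for f in ("n", "e"))
    size = (n.bit_length() + 7) // 8
    em = pow(int.from_bytes(b64d(s64), "big"), e, n).to_bytes(size, "big")
    if not hmac.compare_digest(em, emsa(f"{h64}.{p64}".encode(), size)):
        raise ValueError("bad signature")
    claims = json.loads(b64d(p64))  # parsed only after the signature checks out
    aud = claims.get("aud") or []
    if claims.get("iss") != issuer or audience not in ([aud] if isinstance(aud, str) else aud):
        raise ValueError("wrong issuer or audience")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

def has_permission(auth_header, perm, **verify_args):
    """Authorize from the verified token's own claims; no call back to Kinde."""
    claims = verify_access_token(auth_header.removeprefix("Bearer "), **verify_args)
    return perm in claims.get("permissions", [])  # claim name is an assumption

# Constructed demo key built from two Mersenne primes: insecure, offline demo only.
N, E = (2**521 - 1) * (2**607 - 1), 65537
D, SIZE = pow(E, -1, (2**521 - 2) * (2**607 - 2)), (N.bit_length() + 7) // 8
DEMO_JWKS = {"keys": [{"kid": "demo", "kty": "RSA", "n": b64e(N.to_bytes(SIZE, "big")), "e": "AQAB"}]}

def sign_demo(claims, alg="RS256"):  # test-token minting, stands in for Kinde
    signed = ".".join(b64e(json.dumps(x).encode()) for x in ({"alg": alg, "kid": "demo"}, claims))
    sig = pow(int.from_bytes(emsa(signed.encode(), SIZE), "big"), D, N)
    return f"{signed}.{b64e(sig.to_bytes(SIZE, 'big'))}"
```

In a FastAPI app, `has_permission` would sit in a dependency that reads the `Authorization` header and answers 401 on `ValueError` and 403 when the permission is missing.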