Kinde

Simple, powerful authentication you can integrate in minutes. A new era for truly secure, developer oriented authentication. https://kinde.com/

RBAC is an access management protocol for assigning permissions. Groups of users are categorized into roles, under which they can access specific privileges within your org. It’s easy to set-up, scalable, and sets of permissions can be automatically applied to new users. We put together a short intro video to how you can use role-based access control in your Kinde application, see it here: https://lnkd.in/gSEB3JUc

👥 Multiple identities per user Congregate email, phone, social, and enterprise identities under a single user profile. Add trusted SSO providers that can automatically populate a profile with new identities. Learn more in the Kinde Docs: https://lnkd.in/g8MWqFpn

🤝 The Kinde & Supabase integration grows ever stronger https://lnkd.in/g5mainir

There are now 22 Kinde SDKs (and one more community-led ⚡️)

🤝 Supabase & Kinde You can combine Supabase RLS with Kinde Auth for end-to-end application security. Access the guides YouTube: https://lnkd.in/gFaBimgQ Written: https://lnkd.in/gF8_yihR

🙋 What are connected apps? (M2M) Many applications connect to third parties to perform a valuable action. Calendly connects to your Google Calendar to check your meetings and update your availability accordingly. When you create a Calendly account, they take you to Google and ask for authorization to take actions on your behalf, like viewing a calendar and creating a meeting. Once that connection is opened, it can pose a security risk. To mitigate that risk, Google closes the connection off directly after it is made. Now, whenever an action is to be taken, a machine-to-machine token transfer is required to verify the connection and the identity of the other parties involved; Calendly, and you. Managing connections Kinde Connected Apps maintain the connection between your application and the third party. Your user authorizes a connection to the third party and dictates what your application is allowed to do. When an action is triggered, a request is sent to the third party, and Kinde provides a token to verify that your user, and your application, are allowed to trigger that action. Kinde’s token management continues in perpetuity until the connection is deliberately closed. To add one, see the Kinde docs: https://lnkd.in/gAF2Gxy6

⚡️ Custom authentication options per org is GA Customize the primary authentication methods per organization; social logins, enterprise SSO, passwordless email or phone, password or username. Available for all Kinde Scale customers. MFA and custom domains per org features are on the way.

M2M Permissions (API Scopes) is now GA ⚡️ Implement custom API scopes to manage data access via M2M tokens, enhancing security with precise access control. Ensure only authorized machines can access specific API functionalities.

Advanced client secret rotation is GA ⚡️ When rotating your client secret, you can temporarily keep your existing secret live to prevent any breaking changes. View the doc: https://lnkd.in/gUqwQhPA