Skip to main content

Overview

Kinde is an authentication and user management platform for modern SaaS applications. It supports social logins, email/SMS, passwordless, and MFA out of the box. This guide shows how to integrate Kinde with InsForge by signing a separate JWT server-side, since Kinde does not support custom JWT signing keys.
  • Live Demo — A sample app using Kinde authentication with InsForge
  • Source Code — GitHub repository for the sample app

Prerequisites

  • An InsForge project (self-hosted or cloud)
  • A Kinde account and application

Step 1: Create a Kinde Application

  1. Log in to your Kinde Dashboard
  2. Select Add application
  3. Name your application and choose Back-end web as the type
  4. Select Next.js from the SDK list
  5. Configure callback URLs:
    • Allowed callback URL: http://localhost:3000/api/auth/kinde_callback
    • Allowed logout redirect URL: http://localhost:3000
  6. Enable desired authentication methods (Email, Google, etc.) under Authentication
  7. Under App Keys, note down the Domain, Client ID, and Client Secret

Step 2: Set Up Your InsForge Project

Create a new project or link an existing one:
Then get your project credentials:
Note down the URL and Anon Key from the InsForge dashboard. You’ll use the JWT Secret from the CLI output in a later step to sign tokens for InsForge.

Step 3: Set Up Your Application

Install the required dependencies:
Add environment variables to .env.local:
Create the Kinde auth API route at app/api/auth/[kindeAuth]/route.js:

Step 4: Set Up InsForge Integration

Ask your agent to complete the following steps:

1. Create the InsForge client utility

This creates a server-side utility (lib/insforge.ts) that gets the Kinde user via getKindeServerSession(), signs a JWT with the InsForge secret, and passes it as edgeFunctionToken.

2. Create the database schema

This creates the requesting_user_id() helper function (since Kinde user IDs are strings, not UUIDs) and a todos table with Row Level Security policies.

3. Build the todo list page

This creates a page that uses the InsForge client to manage todos. RLS ensures users only see their own data.

Step 5: Run Your Application

Open http://localhost:3000 and sign up with a new user through Kinde.
Since authentication is handled entirely by Kinde, you will not see any users in the InsForge dashboard under Auth > Users. User records are managed in the Kinde Dashboard — check Users there to confirm the sign-up was successful.
InsForge Auth Users — empty because Kinde manages users