Kinde Webhooks API
Create, list, update, and delete webhook endpoints that receive Kinde events (user, organization, and other lifecycle events), enumerate the available event types, and retrieve individual delivered events.
Create, list, update, and delete webhook endpoints that receive Kinde events (user, organization, and other lifecycle events), enumerate the available event types, and retrieve individual delivered events.
openapi: 3.0.0
info:
title: Kinde Management API
version: '1'
description: The Kinde Management API programmatically manages a Kinde business - users, organizations,
roles, permissions, feature flags, applications, connections, APIs and scopes, subscribers, properties,
webhooks, and billing. Base URL is subdomain-scoped to your business (https://{subdomain}.kinde.com/api/v1).
Authenticated with a Bearer JWT access token obtained via the OAuth2 client_credentials flow from
a machine-to-machine (M2M) application. This document is grounded in the official Kinde Management
API specification (https://api-spec.kinde.com/kinde-management-api-spec.yaml).
contact:
name: Kinde Support Team
email: support@kinde.com
url: https://docs.kinde.com
termsOfService: https://docs.kinde.com/trust-center/agreements/terms-of-service/
servers:
- url: https://{subdomain}.kinde.com
variables:
subdomain:
default: your_kinde_subdomain
description: The subdomain generated for your business on Kinde.
tags:
- name: API Keys
- name: APIs
- name: Applications
- name: Billing Entitlements
- name: Billing Agreements
- name: Billing Meter Usage
- name: Business
- name: Industries
- name: Timezones
- name: Callbacks
- name: Connected Apps
- name: Connections
- name: Directories
- name: Environments
- name: Environment variables
- name: Feature Flags
- name: Identities
- name: Organizations
- name: MFA
- name: Permissions
- name: Properties
- name: Property Categories
- name: Roles
- name: Search
- name: Subscribers
- name: Users
- name: Webhooks
components:
securitySchemes:
kindeBearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: Requires an access token obtained using the OAuth2 client_credentials flow from an
authorized M2M application.
security:
- kindeBearerAuth: []
paths:
/api/v1/api_keys:
get:
tags:
- API Keys
summary: Get API keys
operationId: getApiKeys
description: "Returns a list of API keys.\n\n<div>\n <code>read:api_keys</code>\n</div>"
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 50 if parameter not sent.
schema:
type: integer
- name: starting_after
in: query
description: The ID of the API key to start after.
schema:
type: string
- name: key_type
in: query
description: Filter by API key type (organization or user).
schema:
type: string
- name: status
in: query
description: Filter by API key status (active, inactive, revoked).
schema:
type: string
- name: user_id
in: query
description: Filter by user ID to get API keys associated with a specific user.
schema:
type: string
- name: org_code
in: query
description: Filter by organization code to get API keys associated with a specific organization.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- API Keys
summary: Create API key
operationId: createApiKey
description: "Create a new API key.\n\n<div>\n <code>create:api_keys</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/api_keys/{key_id}:
get:
tags:
- API Keys
summary: Get API key
operationId: getApiKey
description: "Retrieve API key details by ID.\n\n<div>\n <code>read:api_keys</code>\n</div>"
parameters:
- name: key_id
in: path
required: true
description: The ID of the API key.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
put:
tags:
- API Keys
summary: Rotate API key
operationId: rotateApiKey
description: "Rotate an API key to generate a new key while maintaining the same permissions and\
\ associations.\n\n<div>\n <code>update:api_keys</code>\n</div>"
parameters:
- name: key_id
in: path
required: true
description: The ID of the API key to rotate.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- API Keys
summary: Delete API key
operationId: deleteApiKey
description: "Delete an API key.\n\n<div>\n <code>delete:api_keys</code>\n</div>"
parameters:
- name: key_id
in: path
required: true
description: The ID of the API key.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/api_keys/verify:
post:
tags:
- API Keys
summary: Verify API key
operationId: verifyApiKey
description: Verify an API key (public endpoint, no authentication required).
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis:
get:
tags:
- APIs
summary: Get APIs
operationId: getAPIs
description: "Returns a list of your APIs. The APIs are returned sorted by name.\n\n<div>\n <code>read:apis</code>\n\
</div>"
parameters:
- name: expand
in: query
description: 'Additional data to include in the response. Allowed value: "scopes".'
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- APIs
summary: Create API
operationId: addAPIs
description: "Register a new API. For more information read [Register and manage APIs](https://docs.kinde.com/developer-tools/your-apis/register-manage-apis/).\n\
\n<div>\n <code>create:apis</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}:
get:
tags:
- APIs
summary: Get API
operationId: getAPI
description: "Retrieve API details by ID.\n\n<div>\n <code>read:apis</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
summary: Delete API
operationId: deleteAPI
description: "Delete an API you previously created.\n\n<div>\n <code>delete:apis</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/scopes:
get:
tags:
- APIs
summary: Get API scopes
operationId: getAPIScopes
description: "Retrieve API scopes by API ID.\n\n<div>\n <code>read:api_scopes</code>\n</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- APIs
summary: Create API scope
operationId: addAPIScope
description: "Create a new API scope.\n\n<div>\n <code>create:api_scopes</code>\n</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/scopes/{scope_id}:
get:
tags:
- APIs
summary: Get API scope
operationId: getAPIScope
description: "Retrieve API scope by API ID.\n\n<div>\n <code>read:api_scopes</code>\n</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
- name: scope_id
in: path
required: true
description: Scope ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
patch:
tags:
- APIs
summary: Update API scope
operationId: updateAPIScope
description: "Update an API scope.\n\n<div>\n <code>update:api_scopes</code>\n</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
- name: scope_id
in: path
required: true
description: Scope ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
summary: Delete API scope
operationId: deleteAPIScope
description: "Delete an API scope you previously created.\n\n<div>\n <code>delete:apis_scopes</code>\n\
</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
- name: scope_id
in: path
required: true
description: Scope ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/applications:
patch:
tags:
- APIs
summary: Authorize API applications
operationId: updateAPIApplications
description: "Authorize applications to be allowed to request access tokens for an API\n\n<div>\n\
\ <code>update:apis</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/apis/{api_id}/applications/{application_id}/scopes/{scope_id}:
post:
tags:
- APIs
summary: Add scope to API application
operationId: addAPIApplicationScope
description: "Add a scope to an API application.\n\n<div>\n <code>create:api_application_scopes</code>\n\
</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
- name: application_id
in: path
required: true
description: Application ID
schema:
type: string
- name: scope_id
in: path
required: true
description: Scope ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- APIs
summary: Delete API application scope
operationId: deleteAPIApplicationScope
description: "Delete an API application scope you previously created.\n\n<div>\n <code>delete:apis_application_scopes</code>\n\
</div>"
parameters:
- name: api_id
in: path
required: true
description: API ID
schema:
type: string
- name: application_id
in: path
required: true
description: Application ID
schema:
type: string
- name: scope_id
in: path
required: true
description: Scope ID
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications:
get:
tags:
- Applications
summary: Get applications
operationId: getApplications
description: "Get a list of applications / clients.\n\n<div>\n <code>read:applications</code>\n\
</div>"
parameters:
- name: sort
in: query
description: Field and order to sort the result by.
schema:
type: string
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
- name: next_token
in: query
description: A string to get the next page of results if there are more results.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- Applications
summary: Create application
operationId: createApplication
description: "Create a new client.\n\n<div>\n <code>create:applications</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}:
get:
tags:
- Applications
summary: Get application
operationId: getApplication
description: "Gets an application given the application's ID.\n\n<div>\n <code>read:applications</code>\n\
</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
patch:
tags:
- Applications
summary: Update Application
operationId: updateApplication
description: "Updates a client's settings. For more information, read [Applications in Kinde](https://docs.kinde.com/build/applications/about-applications)\n\
\n<div>\n <code>update:applications</code>\n</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- Applications
summary: Delete application
operationId: deleteApplication
description: "Delete a client / application.\n\n<div>\n <code>delete:applications</code>\n</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/connections:
get:
tags:
- Applications
summary: Get connections
operationId: GetApplicationConnections
description: "Gets all connections for an application.\n\n<div>\n <code>read:application_connections</code>\n\
</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier/client ID for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/connections/{connection_id}:
post:
tags:
- Applications
summary: Enable connection
operationId: EnableConnection
description: "Enable an auth connection for an application.\n\n<div>\n <code>create:application_connections</code>\n\
</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier/client ID for the application.
schema:
type: string
- name: connection_id
in: path
required: true
description: The identifier for the connection.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- Applications
summary: Remove connection
operationId: RemoveConnection
description: "Turn off an auth connection for an application\n\n<div>\n <code>delete:application_connections</code>\n\
</div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier/client ID for the application.
schema:
type: string
- name: connection_id
in: path
required: true
description: The identifier for the connection.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/properties:
get:
tags:
- Applications
summary: Get property values
operationId: getApplicationPropertyValues
description: "Gets properties for an application by client ID.\n\n<div>\n <code>read:application_properties</code>\n\
</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/properties/{property_key}:
put:
tags:
- Applications
summary: Update property
operationId: updateApplicationsProperty
description: "Update application property value.\n\n<div>\n <code>update:application_properties</code>\n\
</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{application_id}/tokens:
patch:
tags:
- Applications
summary: Update application tokens
operationId: updateApplicationTokens
description: "Configure tokens for an application.\n <div>\n <code>update:application_tokens</code>\n\
\ </div>"
parameters:
- name: application_id
in: path
required: true
description: The identifier/client ID for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/billing/entitlements:
get:
tags:
- Billing Entitlements
summary: Get billing entitlements
operationId: getBillingEntitlements
description: "Returns all the entitlements a billing customer currently has access to\n\n<div>\n\
\ <code>read:billing_entitlements</code>\n</div>"
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
- name: starting_after
in: query
description: The ID of the billing entitlement to start after.
schema:
type: string
- name: ending_before
in: query
description: The ID of the billing entitlement to end before.
schema:
type: string
- name: customer_id
in: query
required: true
description: The ID of the billing customer to retrieve entitlements for
schema:
type: string
- name: max_value
in: query
description: When the maximum limit of an entitlement is null, this value is returned as the maximum
limit
schema:
type: string
- name: expand
in: query
description: 'Additional plan data to include in the response. Allowed value: "plans".'
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/billing/agreements:
get:
tags:
- Billing Agreements
summary: Get billing agreements
operationId: getBillingAgreements
description: "Returns all the agreements a billing customer currently has access to\n\n<div>\n \
\ <code>read:billing_agreements</code>\n</div>"
parameters:
- name: page_size
in: query
description: Number of results per page. Defaults to 10 if parameter not sent.
schema:
type: integer
- name: starting_after
in: query
description: The ID of the billing agreement to start after.
schema:
type: string
- name: ending_before
in: query
description: The ID of the billing agreement to end before.
schema:
type: string
- name: customer_id
in: query
required: true
description: The ID of the billing customer to retrieve agreements for
schema:
type: string
- name: feature_code
in: query
description: The feature code to filter by agreements only containing that feature
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- Billing Agreements
summary: Create billing agreement
operationId: createBillingAgreement
description: "Creates a new billing agreement based on the plan code passed, and cancels the customer's\
\ existing agreements\n\n<div>\n <code>create:billing_agreements</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/billing/meter_usage:
post:
tags:
- Billing Meter Usage
summary: Create meter usage record
operationId: createMeterUsageRecord
description: "Create a new meter usage record\n\n<div>\n <code>create:meter_usage</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/business:
get:
tags:
- Business
summary: Get business
operationId: getBusiness
description: "Get your business details.\n\n<div>\n <code>read:businesses</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
patch:
tags:
- Business
summary: Update business
operationId: updateBusiness
description: "Update your business details.\n\n<div>\n <code>update:businesses</code>\n</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/industries:
get:
tags:
- Industries
summary: Get industries
operationId: getIndustries
description: "Get a list of industries and associated industry keys.\n\n<div>\n <code>read:industries</code>\n\
</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/timezones:
get:
tags:
- Timezones
summary: Get timezones
operationId: getTimezones
description: "Get a list of timezones and associated timezone keys.\n\n<div>\n <code>read:timezones</code>\n\
</div>"
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{app_id}/auth_redirect_urls:
get:
tags:
- Callbacks
summary: List Callback URLs
operationId: getCallbackURLs
description: "Returns an application's redirect callback URLs.\n\n<div>\n <code>read:applications_redirect_uris</code>\n\
</div>"
parameters:
- name: app_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
post:
tags:
- Callbacks
summary: Add Redirect Callback URLs
operationId: addRedirectCallbackURLs
description: "Add additional redirect callback URLs.\n\n<div>\n <code>create:applications_redirect_uris</code>\n\
</div>"
parameters:
- name: app_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
put:
tags:
- Callbacks
summary: Replace Redirect Callback URLs
operationId: replaceRedirectCallbackURLs
description: "Replace all redirect callback URLs.\n\n<div>\n <code>update:applications_redirect_uris</code>\n\
</div>"
parameters:
- name: app_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
delete:
tags:
- Callbacks
summary: Delete Callback URLs
operationId: deleteCallbackURLs
description: "Delete callback URLs.\n\n<div>\n <code>delete:applications_redirect_uris</code>\n\
</div>"
parameters:
- name: app_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
- name: urls
in: query
required: true
description: Urls to delete, comma separated and url encoded.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
'403':
description: Forbidden
'429':
description: Too many requests - rate limited
security:
- kindeBearerAuth: []
/api/v1/applications/{app_id}/auth_logout_urls:
get:
tags:
- Callbacks
summary: List logout URLs
operationId: getLogoutURLs
description: "Returns an application's logout redirect URLs.\n\n<div>\n <code>read:application_logout_uris</code>\n\
</div>"
parameters:
- name: app_id
in: path
required: true
description: The identifier for the application.
schema:
type: string
responses:
'200':
description: OK
'400':
description: Bad request
# --- truncated at 32 KB (137 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/kinde-so/refs/heads/main/openapi/kinde-so-openapi.yml