In this tutorial, you will learn how to set up simple passwordless authentication using Kinde.
This feature will help you secure your app content visible only to authenticated users.
What you will need:
In your Figma design, you will need to design and set up a sign in page.
The top layer frame must have the [page:login] Bravo Tag. Additionally. You need to add a Sign in button with the [action:login] Bravo Tag.
In our example, we are creating a company directory which is only accessible to authenticated users. Using the prototyping tool, we select what will be the first page an authenticated user will see. For that we add the Flow 1 to the corresponding page:
We are now ready to import our design to Bravo Studio.
You can create a free Kinde account here. These steps are really important since you will use some of this info later.
After creating your account, you start by selecting from scratch and follow the instructions.
Select "Other back end”.
Add Bravo Studio, although this step is optional.
In this example we will choose email as the way your users will authenticate.
Next, choose “no thanks”. You won't connect your code base.
At this stage, we have set up our Kinde account and kinde app.
Now, we need to add “Allowed callback URLs” to our Kinde app. In order to do this we need to view details of our Kinde app and get these URLs from Bravo Studio where we will also switch on our authentication integration.
In Bravo Studio, inside your newly imported project, go to Integrations.
In the Integrations tab, enable OAuth 2.0 and click “Show” in order to see the Bravo callback URL’s.
Copy all three URL’s (one by one) and add them to your Kinde app list of “Allowed callback URL’s”. To do this, in Kinde, click on view details of your app.
Enter the Bravo call back URL’s:
🚨Make sure none of the URL’s end with “/’.
Once you have added the callback URL’s you can click “Save”.
Next, we will add our Kinde Client ID and Client Secret key to our Bravo Studio authentication configuration. You will also find them in your Kinde app detail page:
Enter your Client ID and Client Secret key in your Bravo Studio project Authentication configuration. You will notice that some fields are also required on this page therefore keep this window open for now since we will retrieve the missing fields (Authorize URL, Token URL and User Info URL from our Xano set up later.
To make this step easier, we have created a Xano Snippet for you. If you haven't created your Xano account yet, follow these steps. If you already have one, you can jump to the Snippet installation step.
Sign up and go through the Xano onboarding process.
Select build an app.
Select start from scratch:
Name your workspace, select front-end, select Bravo Studio and hit create workspace:
This snippet allows Bravo Studio to connect to external oauth providers like Kinde or Auth0 and does a token exchange.
Install Snippet 👉 https://www.xano.com/snippet/18XwHRV2
Add to you Xano account:
Add to your Instance:
Go to your Instance:
Head to Marketplace and select Purchased to further configure the Snippet:
Select the snippet and hit install snippet:
Go to Manage snippet:
Back in Kinde app details, copy your Domain:
Insert your domain in Environment Variables (without https://) and hit save.
By now, our installed snippet has created our Oauth API end points which we will copy and add them to our Oauth 2.0 configuration in the Bravo Studio authentication tab.
In Xano, go to API:
Select the GET auth/me API end point:
Copy API end point:
Add the copied API endpoint to User Info URL in Bravo Studio authentication configuration:
Back in Xano, hit back and select the GET external_auth API end point and also, copy its API endpoint and add it to Bravo Studio:
Lastly, in Xano, head back to your API group and select the external_token API end point. Copy the API endpoint and add it to Token URL field in Bravo Studio:
While in Bravo, we will also fill the Scope with: "openid email profile offline" and hit “Save”:
We continue in Xano for one last step. We go back to our API’s and select to open our external_token API endpoint:
We click to expand section 2. Function stack and scroll down till 1.8 and click to open:
Once open, we make sure to select our External_user table with its corresponding table number and click save.
In order to reflect the changes, you must hit the publish button:
Next, we will create a Data Collection in Bravo Studio and add our GET auth/me API endpoint. To do this, In Bravo, go to the Data Tab:
Create a new collection from scratch:
Name your Data collection:
Open the Data collection settings:
Move over to the Authentication options and select: “ Use settings application (OAuth2) and click save:
Back in Xano, copy the auth/me API end point. For this again we go to API’s, select to open auth/me end point:
Hit copy API end point:
Back in Bravo Studio, we add the copied API end point to our GET request and we hit “Send”:
At this point, Bravo may redirect you to Kinde to sign in and authenticate via Kinde which at this point if everything is set up correctly, you will see that the received data is coming back under Received Data:
Watch the full tutorial here:
.svg){kind=logo}
