logoSemaphor

Authentication

Set up Kinde to manage user authentication for Semaphor Self-Hosted Edition

📘 This guide walks you through creating a Kinde account to authenticate your organization's users who will be logging into the Semaphor console. Note: You don't need to configure your product's end users (who access embedded Semaphor dashboards) in Kinde - they are managed separately through your application.

What you'll set up

  • A Kinde account and business
  • A Kinde application for your product (Next.js example)
  • Authentication methods for your users
  • Environment variables to connect your app to Kinde

1) Create your Kinde account and business

  1. Go to kinde.com and sign up or sign in.
  2. Enter your Business details:
    • Business name
    • Kinde domain (subdomain)
    • Region where your data will be stored
  3. When prompted, choose Start project from scratch.

Kinde Business Details


2) Create your application

  1. Choose Next.js as your framework. Kinde Application Details
  2. Select the login options you want to offer to your users, such as email and password, social login. Kinde Login Options
  3. If asked to scaffold a new Next.js project, select "No thanks".

3) Review your Kinde dashboard

After onboarding, you'll land on your Kinde home screen.

Kinde Home Screen

  • Open your app by clicking View details on "My NextJs App".
  • Navigate to the App keys section.

Kinde App Keys

You'll need the following values:

  • Client ID
  • Client secret
  • Issuer URL (your Kinde domain)

4) Configure environment variables in your app

Add the values from App keys to your application's environment.

KINDE_CLIENT_ID=<your_kinde_client_id>
KINDE_CLIENT_SECRET=<your_kinde_client_secret>
KINDE_ISSUER_URL=https://<your_kinde_subdomain>.kinde.com

For Next.js, place these in a .env.local file and restart your dev server.


5) How user provisioning works

  • Kinde stores your organization's admin users who need access to the Semaphor console.
  • When a team member signs in through Sempahor console, a user record is created or updated in your Kinde.
  • Semaphor validates the ID token from Kinde to grant console access.
  • Note: Your product's end users (who view embedded dashboards) authenticate through your application, not Kinde.

On this page