# Kinde (Modern Authentication) MCP

> Kinde (Modern Authentication) MCP manages user identities, organizational structures, roles, and permissions directly from your AI agent. You can programmatically create new users, fetch specific profiles by ID, list every account in a tenant, or audit the full permission set across multiple organizations. This is for automating identity lifecycle management without leaving your primary IDE.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** authentication, user-management, rbac, iam, kinde

## Description

Need to handle user accounts, group memberships, and permissions without opening the Kinde console? This MCP connects your authentication environment directly into your agent. You get natural language control over core IAM tasks, letting you manage everything from listing all users to creating a new organization profile, all through conversation.

If you're working with multi-tenant systems, this tool lets you quickly scope operations by managing organizational boundaries and roles. When paired with Vinkius, your AI client gets access to this full catalog of developer tools, meaning you don't need a dozen different integrations just to manage user accounts or check permissions. You simply talk to your agent, and it handles the rest of the heavy lifting.

## Tools

### create_organization
Creates an entirely new organization profile in Kinde.

### create_user
Adds a brand-new user account using the required payload details.

### get_user
Fetches all current data associated with a specific user ID.

### list_organizations
Retrieves an index of every organization configured in the account.

### list_permissions
Lists all available granular permissions that can be assigned to users or roles.

### list_roles
Retrieves a catalog of existing user roles within the Kinde project.

### list_users
Generates a list containing basic information for all active users.

### update_user
Modifies specific data fields or permissions on an existing user account.

## Prompt Examples

**Prompt:** 
```
List all users in my Kinde environment.
```

**Response:** 
```
I've retrieved the user list. You have 15 active users. Notable entries include 'John Doe' (ID: kp_123) and 'Jane Smith' (ID: kp_456). Would you like details on a specific user?
```

**Prompt:** 
```
Show me all organizations configured in Kinde.
```

**Response:** 
```
Fetching organizations... I found 3 organizations: 'Acme Corp' (org_1), 'Globex' (org_2), and 'Soylent Corp' (org_3).
```

**Prompt:** 
```
Get the details for user ID kp_987654321.
```

**Response:** 
```
Inspecting user kp_987654321... This is 'Alice Wonderland'. Email: alice@example.com. Status: Active. Last login: 2 hours ago.
```

## Capabilities

### Audit entire user base
Fetch lists of all users or specific roles across your connected Kinde environment.

### Manage organizational boundaries
Create new tenants and list existing organizations to keep multi-tenant environments separated.

### Provision accounts
Create new user profiles by supplying necessary details directly through the agent's prompt.

### Check specific identities
Retrieve detailed records for a single user profile using their ID.

### Update existing data
Modify attributes or permissions on an already established user account.

## Use Cases

### Auditing a client's access rights
A support agent needs to confirm if a user has 'billing admin' privileges. They prompt their agent: 'Show me all permissions for ID kp_123.' The agent calls get_user and cross-references the results with list_permissions, giving them an immediate answer without logging into the backend.

### Setting up a new internal team
A DevOps engineer needs to provision three accounts for a pilot group. They ask their agent: 'Create three users and place them in the Beta Org.' The agent uses create_organization first, then calls create_user multiple times with necessary details.

### Debugging permission issues
A developer notices a feature failing due to insufficient access. They prompt: 'What roles can I assign to this user?' The agent runs list_roles and lists_permissions, showing the exact required permissions needed for the fix.

### Cleaning up old accounts
A system administrator needs a full roster of active users before an audit. They simply prompt: 'List all users.' The agent executes list_users and returns a clean, actionable list directly into their terminal or IDE.

## Benefits

- Instead of navigating multiple admin consoles, you can manage user profiles and permissions by calling get_user or update_user through natural conversation.
- Set up multi-tenant environments faster. Use create_organization to define a new scope, then use list_organizations to confirm its creation before adding users.
- Avoid manual auditing errors. The MCP lets you run list_roles and list_permissions at once, giving you a full picture of what access is even possible in the system.
- Fix test accounts instantly. Need to update user information? Use update_user directly via your agent, specifying the ID and the field changes needed.
- Speed up onboarding. You can use create_user and then immediately check their status using get_user, all within one continuous chat session.

## How It Works

The bottom line is you don't need to switch context; your AI client handles the API calls while you stay in your coding environment.

1. Subscribe to this MCP and provide your Kinde Domain and Access Token.
2. Your AI client authenticates with Vinkius, granting it access to the connected identity management layer.
3. You issue a natural language command (e.g., 'List all users for Acme Corp'), and the agent invokes the appropriate underlying tool.

## Frequently Asked Questions

**How do I use the list_users tool in Kinde (Modern Authentication) MCP?**
Just ask your agent to 'List all users.' The MCP runs list_users, providing a quick summary of every account without you having to navigate the UIs.

**Can I use get_user to check if an ID is valid?**
Yes. Running get_user on a specific user ID validates both its existence and retrieves all associated data points, confirming the account's current state.

**What is the difference between list_roles and list_permissions in Kinde (Modern Authentication) MCP?**
list_roles shows defined job titles (like 'Admin' or 'Basic'), while list_permissions gives you the granular rights associated with those jobs, like 'can_read_reports'.

**Does create_user require a full set of details?**
It depends on your payload. You must provide user details for creation; check the tool documentation to see which fields are mandatory based on your organization's policy.

**How does using list_organizations help me manage multi-tenant environments?**
It retrieves a full catalog of all configured organizations within your account. This allows you to verify which distinct client domains are set up, ensuring that user creation or role updates target the correct isolated tenant.

**If a user changes their job title or access level, how do I use the update_user tool?**
The `update_user` tool lets you modify specific fields for an existing account. You just need to provide the unique user ID and the data payload with the updated values you want to apply.

**When should I use the create_organization tool instead of adding users?**
Use this when you need to establish an entirely separate, isolated business unit or client tenant. This action scopes all subsequent user and role creations correctly within that new organizational boundary.

**How can I cross-reference what permissions are granted by a specific role?**
First, you use `list_roles` to find the name of the role. Then, you reference that role name against the results from `list_permissions`. This shows exactly which access rights belong to that defined role.

**Can I create a new user directly through the AI?**
Yes! Use the `create_user` tool by providing the necessary data payload (email, name, etc.). The agent will interface with Kinde to provision the account immediately.

**How do I audit the roles available in my Kinde environment?**
Simply ask the agent to run the `list_roles` tool. It will retrieve all defined roles, allowing you to verify access levels and configurations.

**Is it possible to update an existing user's information?**
Yes, you can use the `update_user` tool. You'll need to provide the `user_id` and the specific fields you wish to modify in the data payload.