Xkit

The xkit Developer Hub

Welcome to the xkit developer hub. You'll find comprehensive guides and documentation to help you start working with xkit as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

User Groups

Many times when adding integrations to your app, you'll want multiple users in a company, organization, or team to share the same connection to a 3rd party service. Xkit enables this through a feature called Groups.

Enabling Groups

In order to use the Groups feature, you have to enable it in your Application settings.

  1. Visit Application Settings in the Xkit Developer Portal
  2. Turn the switch labeled "Groups" to the on position (to the right)

Turning this setting on will change some of the behavior of Xkit: read on to understand how it will impact your application.

Adding users to groups

You can add one of your users to a group either while provisioning that user for the first time, or you can update them after they have already been provisioned.

Both cases work the same way: include the user's Group ID during provisioning, either as a claim on a Token Issuer, or using the external_group_id parameter when Provisioning Users via API.

If the user already exists, they will be added to the group. It's important to note that any connections that the user has will be accessible to their new group, regardless of any group membership at the time the connection was made. Likewise, the group a user belonged to previously will no longer have access to that user's connections if they leave the group.

In general, you should avoid having users switch groups unless it is part of a larger migration strategy.

Even if you are using the Groups feature, you can have users without groups and Xkit will continue working normally.

Shared Connection Status

For users in groups, the status that they see (either in the embedded catalog, or what is exposed in the xkit.js SDK) will reflect the status of the group. So if another group member has created a connection to a service, they will see the status of that connection.

No Access Tokens on the front-end

Using the Groups feature disables the delivery of Access Tokens to the front-end via xkit.js. This is a security measure as delivering access tokens would result in leaking one user's tokens to another.

To retrieve access tokens, you should instead use the Get Group Connection API.

Get Group Connection API

When using Groups, you can use the Get Group Connection API endpoint, which allows you to retrieve the connection status and access tokens / API keys for the group rather than any one individual. It works just like the Get User Connection endpoint, but uses the external_group_id you assigned when provisioning your users.

Updated about a month ago

User Groups


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.