fix(management): resolve management API client issues

[brettchaldecott]

Explain your changes

• Fix management client functionality and error handling
• Update example app to demonstrate proper usage
• Update project configuration for compatibility

Checklist

• I have read the “Pull requests” section in the contributing guidelines.
• I agree to the terms within the code of conduct.

🛟 If you need help, consider asking for advice over in the Kinde community.

[coderabbitai]

Walkthrough

The changes update the response type mappings for several API endpoints within the ManagementClient class, ensuring that the deserialization of responses aligns with the correct models. Additionally, the FastAPI example app is updated to use the ManagementClient for fetching user data and displaying it in the authenticated home route.

Changes

File(s)	Change Summary
kinde_sdk/management/management_client.py	Updated RESPONSE_TYPES for users, permissions, and feature_flags endpoints to use new or more accurate response models for deserialization.
kinde_fastapi/examples/example_app.py	Modified authenticated route to instantiate ManagementClient using environment variables and display user count from get_users() in the HTML response.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant FastAPI_App
    participant ManagementClient
    participant Kinde_Management_API

    User ->> FastAPI_App: Access authenticated home route
    FastAPI_App ->> ManagementClient: Instantiate with env variables
    FastAPI_App ->> ManagementClient: Call get_users()
    ManagementClient ->> Kinde_Management_API: GET /users
    Kinde_Management_API -->> ManagementClient: UsersResponse
    ManagementClient -->> FastAPI_App: UsersResponse data
    FastAPI_App -->> User: Render HTML with user data

Loading

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (2)

kinde_fastapi/examples/example_app.py (2)

11-11: Remove unnecessary semicolon.

-from kinde_sdk.management import ManagementClient;
+from kinde_sdk.management import ManagementClient

---

43-48: Consider moving ManagementClient instantiation outside the route handler.

Creating a new ManagementClient instance on every request is inefficient. Consider creating it once during app initialization or using dependency injection.

Move the client creation to module level:

# Initialize Kinde OAuth with FastAPI framework
kinde_oauth = OAuth(
    framework="fastapi",
    app=app
)

+# Initialize Management Client (validate env vars first)
+def create_management_client():
+    domain = os.getenv("KINDE_DOMAIN")
+    client_id = os.getenv("KINDE_MANAGEMENT_CLIENT_ID")
+    client_secret = os.getenv("KINDE_MANAGEMENT_CLIENT_SECRET")
+    
+    if not all([domain, client_id, client_secret]):
+        return None
+    
+    return ManagementClient(
+        domain=domain,
+        client_id=client_id,
+        client_secret=client_secret
+    )
+
+management_client = create_management_client()

Then in the route handler:

-        management_client = ManagementClient(
-            domain=os.getenv("KINDE_DOMAIN"),
-            client_id=os.getenv("KINDE_MANAGEMENT_CLIENT_ID"),
-            client_secret=os.getenv("KINDE_MANAGEMENT_CLIENT_SECRET")
-        )
+        if not management_client:
+            return """
+            <html>
+                <body>
+                    <h1>Configuration Error</h1>
+                    <p>Missing required environment variables for management client.</p>
+                    <a href="/logout">Logout</a>
+                </body>
+            </html>
+            """

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3527354 and 1933356.

⛔ Files ignored due to path filters (1)

• pyproject.toml is excluded by !**/*.toml

📒 Files selected for processing (2)

• kinde_fastapi/examples/example_app.py (3 hunks)
• kinde_sdk/management/management_client.py (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

kinde_fastapi/examples/example_app.py (2)

Learnt from: brettchaldecott
PR: kinde-oss/kinde-python-sdk#83
File: kinde_sdk/auth/claims.py:35-49
Timestamp: 2025-07-03T13:05:24.796Z
Learning: In the Kinde Python SDK v2, the TokenManager.get_claims() method internally handles token lookups with a fallback strategy - it first tries to get claims from access_token_claims and falls back to id_token_claims if access token claims are unavailable. The token_type parameter in Claims class methods (get_claim, get_all_claims) is therefore not used because the TokenManager abstracts away the token selection logic.

Learnt from: brettchaldecott
PR: kinde-oss/kinde-python-sdk#83
File: kinde_sdk/auth/feature_flags.py:85-102
Timestamp: 2025-07-04T07:09:21.430Z
Learning: In the Kinde Python SDK v2, the maintainer (brettchaldecott) prefers to keep async keywords on methods in the feature flags module even when they don't currently perform await operations, as this approach has been tested and is preferred for the SDK's design.

🪛 Ruff (0.11.9)

kinde_fastapi/examples/example_app.py

11-11: Statement ends with an unnecessary semicolon

Remove unnecessary semicolon

(E703)

🔇 Additional comments (3)

kinde_sdk/management/management_client.py (3)

111-112: Verified existence of response models

UsersResponse and User classes are defined and imported correctly:

• kinde_sdk/model/users_response.py & kinde_sdk/management/models/users_response.py: class UsersResponse
• kinde_sdk/model/user.py & kinde_sdk/management/models/user.py: class User

The updated mappings in management_client.py align with these definitions. LGTM.

---

133-135: Confirmed response types are defined and imported correctly

– Permissions is defined in
• kinde_sdk/management/models/permissions.py
• kinde_sdk/model/permissions.py
– SuccessResponse is defined in
• kinde_sdk/management/models/success_response.py
• kinde_sdk/model/success_response.py

These classes are also imported throughout the management client and API modules. No further changes needed.

---

140-142: Response types verified in codebase
Both GetFeatureFlagsResponseDataFeatureFlagsInner and SuccessResponse are defined in their respective model modules and correctly imported in management_client.py. No further changes needed.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

kinde_fastapi/examples/example_app.py (1)

11-11: Remove unnecessary semicolon.

The semicolon at the end of the import statement is unnecessary in Python and should be removed.

-from kinde_sdk.management import ManagementClient;
+from kinde_sdk.management import ManagementClient

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1933356 and 2e81d6c.

📒 Files selected for processing (1)

• kinde_fastapi/examples/example_app.py (3 hunks)

🧰 Additional context used

🧠 Learnings (1)

kinde_fastapi/examples/example_app.py (2)

Learnt from: brettchaldecott
PR: kinde-oss/kinde-python-sdk#83
File: kinde_sdk/auth/claims.py:35-49
Timestamp: 2025-07-03T13:05:24.796Z
Learning: In the Kinde Python SDK v2, the TokenManager.get_claims() method internally handles token lookups with a fallback strategy - it first tries to get claims from access_token_claims and falls back to id_token_claims if access token claims are unavailable. The token_type parameter in Claims class methods (get_claim, get_all_claims) is therefore not used because the TokenManager abstracts away the token selection logic.

Learnt from: brettchaldecott
PR: kinde-oss/kinde-python-sdk#83
File: kinde_sdk/auth/feature_flags.py:85-102
Timestamp: 2025-07-04T07:09:21.430Z
Learning: In the Kinde Python SDK v2, the maintainer (brettchaldecott) prefers to keep async keywords on methods in the feature flags module even when they don't currently perform await operations, as this approach has been tested and is preferred for the SDK's design.

🪛 Ruff (0.11.9)

kinde_fastapi/examples/example_app.py

11-11: Statement ends with an unnecessary semicolon

Remove unnecessary semicolon

(E703)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: unittest (3.10)
• GitHub Check: unittest (3.11)
• GitHub Check: unittest (3.12)
• GitHub Check: unittest (3.13)
• GitHub Check: unittest (3.9)

🔇 Additional comments (2)

kinde_fastapi/examples/example_app.py (2)

43-70: Excellent implementation of error handling and environment variable validation.

This implementation properly addresses the concerns from previous reviews:

• Environment variables are validated before use
• The ManagementClient instantiation is properly handled
• API calls are wrapped in try-catch blocks with appropriate error logging
• Graceful fallback behavior is implemented when API calls fail
• The hasattr check provides defensive programming for the response object

The code demonstrates best practices for using the ManagementClient in a production environment.

---

79-79: Proper user count display implementation.

The user count is now displayed correctly with a clear label, addressing the previous concern about the misleading "tokens:" label and avoiding exposure of raw API response data.