Kinde - 502 errors for AU region auth – Incident details

All systems operational

502 errors for AU region auth

Resolved
Major outage
Started 8 days agoLasted about 1 hour

Affected

AU region

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

Authentication

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

Custom domains

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

Email delivery

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

Management API

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

New user registration

Major outage from 12:25 AM to 12:33 AM, Operational from 12:33 AM to 12:35 AM, Partial outage from 12:35 AM to 1:04 AM, Degraded performance from 1:04 AM to 1:23 AM

Updates
  • Postmortem
    Postmortem

    At 10:15 AEST on 27 May 2025, a DDoS attack targeting Kinde's application endpoints caused timeout errors for customers in the AU region for approximately 45 minutes and intermittently for customers in the US region. The team mitigated the attack by blocking malicious traffic and implementing further anti-DDoS measures. From the period between 10:00 and 11:15, hundreds of millions of requests were blocked. Kinde will continue working with our cloud service and security providers to ensure that customer impact to our services is minimised.

  • Resolved
    Resolved

    Customer domains are back online. The team are actively monitoring all systems still. We experienced a DDoS for approximately 30 minutes and have been working with our cloud providers to mitigate the attack. More information will be provided via customer channels.

  • Monitoring
    Monitoring

    Customer domains are functioning. The team is actively monitoring still.

  • Identified
    Identified

    Some customers are still getting 5xx errors, we are continuing to work on a fix for this incident.

  • Monitoring
    Monitoring

    We implemented a fix and are currently continuing to monitor.

  • Investigating
    Investigating
    We are currently investigating this incident.