Thanks to visit codestin.com
Credit goes to blog.logto.io

Logto blog

Discover Logto and explore plenty of resources on authentication, authorization, identity management, open standards (OAuth, OpenID Connect, SAML), and more.

Featured posts

Cover

Changelogs

  • release

Logto product updates

Logto v1.36 brings wildcard redirect URI support for preview deployments, app-level token exchange control, trust unverified email option for OIDC connectors, and the ability to skip identifier collection for social sign-in.

Sijie
Sijie
Developer
Logto product updates

Product

  • logto
  • recap

Logto 2025: scaling and trust

Logto 2025: scaling and trust

Changelogs

  • release

Logto product updates

Logto product updates

All posts

  • Cover

    Product

    • identity management
    • enterprise
    • auth

    How to choose an identity provider: The engineering team's evaluation framework

    A practical IdP evaluation framework built from real enterprise requirements. Covers protocol depth, migration, multi-tenancy, AI-readiness, and the criteria most checklists miss.

    How to choose an identity provider: The engineering team's evaluation framework
  • Cover

    Tech

    • mcp-server
    • saas
    • ai-agent
    • developer-experience

    Remote MCP server in action: a new entry point for SaaS products in the AI era

    Learn how to build a Remote MCP Server for your SaaS product. We share our experience with MCP vs Agent Skills, OAuth integration, and MCP tools design.

    Remote MCP server in action: a new entry point for SaaS products in the AI era
  • Cover

    Product

    • mcp
    • ai
    • authentication

    Ship user authentication with one prompt: introducing Logto MCP Server

    Bring authentication into your app without bouncing between docs, dashboards, and SDK setup.

    Ship user authentication with one prompt: introducing Logto MCP Server
  • Cover

    Changelogs

    • release

    Logto product updates

    Logto v1.36 brings wildcard redirect URI support for preview deployments, app-level token exchange control, trust unverified email option for OIDC connectors, and the ability to skip identifier collection for social sign-in.

    Logto product updates
  • Cover

    Product

    • logto
    • recap

    Logto 2025: scaling and trust

    The best year yet for Logto. A recap of what we shipped, why enterprises chose Private Cloud, what we learned about reliability, and what’s next in 2026.

    Logto 2025: scaling and trust
  • Cover

    Tech

    • guest mode
    • anonymous users
    • user conversion

    How to implement guest mode (anonymous users) and convert to Logto users

    Learn how to implement guest mode and convert to Logto users using a three-phase pattern: manage guest sessions, authenticate with OIDC, and securely merge guest data to user accounts.

    How to implement guest mode (anonymous users) and convert to Logto users
  • Cover

    Tech

    • postmortem

    Postmortem: authentication failures caused by JWKS caching and signing key rotation

    Postmortem for the authentication incident on Jan 8, 2026 (PST).

    Postmortem: authentication failures caused by JWKS caching and signing key rotation
  • Cover

    Changelogs

    • release

    Logto product updates

    Logto v1.35 is here. This release adds reCAPTCHA domain customization and checkbox mode for Enterprise, expands third-party app support to SPA and Native applications, and includes client IP tracking for passwordless connectors.

    Logto product updates
  • Cover

    Product

    • auth
    • ai
    • skill

    Understanding AI agent skills: Why authentication security matters

    Skills turn AI into active operators, but managing secure, scoped credentials across many tools makes authentication one of the hardest challenges.

    Understanding AI agent skills: Why authentication security matters
  • Cover

    Tech

    • OAuth 2.0 DCR
    • DCR
    • RFC 7591
    • API Security

    What is Dynamic Client Registration (DCR)? The key to scalable OAuth 2.0

    Learn how Dynamic Client Registration (DCR) automates OAuth 2.0 onboarding. Discover RFC 7591, Software Statement Assertions, and how to secure your API ecosystem.

    What is Dynamic Client Registration (DCR)? The key to scalable OAuth 2.0
  • Cover

    Product

    • soc2
    • gdpr

    The gatekeepers of compliance: analyzing identity authentication under SOC 2 and GDPR

    Learn how SOC 2 and GDPR legally require identity verification, MFA, access controls, and audit logs, with direct references to official standards.

    The gatekeepers of compliance: analyzing identity authentication under SOC 2 and GDPR
  • Cover

    Tech

    • auth providers
    • 2026
    • agent

    Top 7 best auth and agent-friendly providers in 2026

    Discover the top 7 auth providers for SaaS and AI agents in 2026. Compare M2M auth, multi-tenancy, CLI security, and enterprise-ready features.

    Top 7 best auth and agent-friendly providers in 2026
  • Cover

    Product

    • Custom domains
    • Multiple domains
    • Authentication

    What is authentication custom domain and why multiple domains matter

    Learn how authentication custom domains and multiple domains improve conversion, security, and branding; and how Logto helps you manage them without DNS headaches.

    What is authentication custom domain and why multiple domains matter
  • Cover

    Tech

    • auth
    • cli
    • ai

    What is CLI Auth and the common methods used today

    CLI auth is becoming central to modern developer workflows. Logto supports all major CLI authentication methods.

    What is CLI Auth and the common methods used today
  • Cover

    Changelogs

    • release

    Logto product updates

    Logto v1.34 is here. This release introduces isolated cross-app authentication, a new Identifier.Lockout webhook event, and fixes to ensure refresh tokens correctly honor the full 180-day TTL.

    Logto product updates
  • Cover

    Tech

    • AI
    • Agent

    MCP server vs Tools vs Agent skill

    MCP servers, tool-use, and agent skills: understanding the layers of modern AI development

    MCP server vs Tools vs Agent skill
  • Cover

    Changelogs

    • release

    Logto product updates

    We’ve just brought v1.33, bringing Account Center configuration, MFA skip controls API, and a few handy improvements.

    Logto product updates
  • Cover

    Product

    • GitHub
    • Secret vault
    • Token storage
    • OAuth
    • Social sign-in

    GitHub Apps vs. OAuth Apps: Choose the right GitHub connection

    Compare GitHub Apps vs OAuth Apps for Logto integration. Learn key differences in security, permissions, token management, and choose the right GitHub authentication method for your application.

    GitHub Apps vs. OAuth Apps: Choose the right GitHub connection
  • Cover

    Product

    • security
    • enterprise ready

    How to make your product Enterprise-Ready: The complete checklist

    Learn how to make your SaaS product enterprise-ready with this 2025 checklist on security, compliance, and scalability.

    How to make your product Enterprise-Ready: The complete checklist
  • Cover

    Tutorial

    • localization
    • internationalization
    • i18n
    • l10n
    • ui_locales
    • locale

    Localize your Logto sign-in experience with OIDC ui_locales

    Make your sign-in experience feel native to every user. In this tutorial, you’ll learn how to use the standard OIDC parameter ui_locales to set the runtime language of Logto’s sign-in UI and related emails.

    Localize your Logto sign-in experience with OIDC ui_locales