Thanks to visit codestin.com
Credit goes to blog.logto.io

Logto blog

Discover Logto and explore plenty of resources on authentication, authorization, identity management, open standards (OAuth, OpenID Connect, SAML), and more.

Featured posts

Cover

Changelogs

  • release

Logto product updates

Logto v1.35 is here. This release adds reCAPTCHA domain customization and checkbox mode for Enterprise, expands third-party app support to SPA and Native applications, and includes client IP tracking for passwordless connectors.

Yijun
Yijun
Developer
Logto product updates

All posts

  • Cover

    Tech

    • guest mode
    • anonymous users
    • user conversion

    How to implement guest mode (anonymous users) with Logto

    Learn how to implement guest mode with Logto using a three-phase pattern: manage guest sessions, authenticate with OIDC, and securely merge guest data to user accounts.

    How to implement guest mode (anonymous users) with Logto
  • Cover

    Tech

    • postmortem

    Postmortem: authentication failures caused by JWKS caching and signing key rotation

    Postmortem for the authentication incident on Jan 8, 2026 (PST).

    Postmortem: authentication failures caused by JWKS caching and signing key rotation
  • Cover

    Changelogs

    • release

    Logto product updates

    Logto v1.35 is here. This release adds reCAPTCHA domain customization and checkbox mode for Enterprise, expands third-party app support to SPA and Native applications, and includes client IP tracking for passwordless connectors.

    Logto product updates
  • Cover

    Product

    • auth
    • ai
    • skill

    Understanding AI agent skills: Why authentication security matters

    Skills turn AI into active operators, but managing secure, scoped credentials across many tools makes authentication one of the hardest challenges.

    Understanding AI agent skills: Why authentication security matters
  • Cover

    Tech

    • OAuth 2.0 DCR
    • DCR
    • RFC 7591
    • API Security

    What is Dynamic Client Registration (DCR)? The key to scalable OAuth 2.0

    Learn how Dynamic Client Registration (DCR) automates OAuth 2.0 onboarding. Discover RFC 7591, Software Statement Assertions, and how to secure your API ecosystem.

    What is Dynamic Client Registration (DCR)? The key to scalable OAuth 2.0
  • Cover

    Product

    • soc2
    • gdpr

    The gatekeepers of compliance: analyzing identity authentication under SOC 2 and GDPR

    Learn how SOC 2 and GDPR legally require identity verification, MFA, access controls, and audit logs, with direct references to official standards.

    The gatekeepers of compliance: analyzing identity authentication under SOC 2 and GDPR
  • Cover

    Tech

    • auth providers
    • 2026
    • agent

    Top 7 best auth and agent-friendly providers in 2026

    Discover the top 7 auth providers for SaaS and AI agents in 2026. Compare M2M auth, multi-tenancy, CLI security, and enterprise-ready features.

    Top 7 best auth and agent-friendly providers in 2026
  • Cover

    Changelogs

    • release

    Logto product updates

    Logto v1.34 is here. This release introduces isolated cross-app authentication, a new Identifier.Lockout webhook event, and fixes to ensure refresh tokens correctly honor the full 180-day TTL.

    Logto product updates
  • Cover

    Product

    • Custom domains
    • Multiple domains
    • Authentication

    What is authentication custom domain and why multiple domains matter

    Learn how authentication custom domains and multiple domains improve conversion, security, and branding; and how Logto helps you manage them without DNS headaches.

    What is authentication custom domain and why multiple domains matter
  • Cover

    Tech

    • auth
    • cli
    • ai

    What is CLI Auth and the common methods used today

    CLI auth is becoming central to modern developer workflows. Logto supports all major CLI authentication methods.

    What is CLI Auth and the common methods used today
  • Cover

    Tech

    • AI
    • Agent

    MCP server vs Tools vs Agent skill

    MCP servers, tool-use, and agent skills: understanding the layers of modern AI development

    MCP server vs Tools vs Agent skill
  • Cover

    Changelogs

    • release

    Logto product updates

    We’ve just brought v1.33, bringing Account Center configuration, MFA skip controls API, and a few handy improvements.

    Logto product updates
  • Cover

    Product

    • GitHub
    • Secret vault
    • Token storage
    • OAuth
    • Social sign-in

    GitHub Apps vs. OAuth Apps: Choose the right GitHub connection

    Compare GitHub Apps vs OAuth Apps for Logto integration. Learn key differences in security, permissions, token management, and choose the right GitHub authentication method for your application.

    GitHub Apps vs. OAuth Apps: Choose the right GitHub connection
  • Cover

    Product

    • security
    • enterprise ready

    How to make your product Enterprise-Ready: The complete checklist

    Learn how to make your SaaS product enterprise-ready with this 2025 checklist on security, compliance, and scalability.

    How to make your product Enterprise-Ready: The complete checklist
  • Cover

    Changelogs

    • release

    Logto product updates

    We’ve just rolled out v1.32, bringing new MFA options, better localization support, and a few handy improvements.

    Logto product updates
  • Cover

    Tutorial

    • localization
    • internationalization
    • i18n
    • l10n
    • ui_locales
    • locale

    Localize your Logto sign-in experience with OIDC ui_locales

    Make your sign-in experience feel native to every user. In this tutorial, you’ll learn how to use the standard OIDC parameter ui_locales to set the runtime language of Logto’s sign-in UI and related emails.

    Localize your Logto sign-in experience with OIDC ui_locales
  • Cover

    Tech

    • multi-tenancy
    • organization
    • authentication

    How to build multi-tenant, organization-based authentication experience

    Tenant‑specific sign‑in for B2B SaaS with Logto: customize branding and email templates, route via enterprise SSO, require MFA, and auto‑provision users with JIT.

    How to build multi-tenant, organization-based authentication experience
  • Cover

    Product

    • migration
    • auth0
    • aws
    • firebase

    Why Logto is a strong choice for teams migrating from Firebase, AWS Cognito, or Auth0

    Discover why SaaS teams migrate from Firebase, AWS Cognito, and Auth0 to Logto. Learn about pricing, flexibility, and a real case study with SpacetoCo.

    Why Logto is a strong choice for teams migrating from Firebase, AWS Cognito, or Auth0
  • Cover

    Tech

    • bearer tokens
    • jwt

    What is a bearer token? A complete guide for developers and businesses

    Learn what bearer tokens are, how they work in OAuth 2.0 and JWT, the difference from access tokens, and best practices.

    What is a bearer token? A complete guide for developers and businesses
  • Cover

    Product

    • kinde
    • pricing

    Kinde vs Logto, product and features and its pricing comparison

    Compare Kinde and Logto on pricing and features to understand their different approaches and pick the right identity platform for your app.

    Kinde vs Logto, product and features and its pricing comparison