Logto blog

Discover Logto and explore plenty of resources on authentication, authorization, identity management, open standards (OAuth, OpenID Connect, SAML), and more.

Featured posts

Cover

Changelogs

  • release

Logto product updates

🎉 Introducing our August release: Collect user profile at signup, PBKDF2 legacy password support, Thai localization, and a new HTTP SMS connector!

Charles
Charles
Developer
Logto product updates

Tutorial

  • rbac
  • role design
  • rbac implementation

RBAC in practice: Implementing secure authorization for your application

RBAC in practice: Implementing secure authorization for your application

Tech

  • saas development
  • multi-tenant saas
  • saas architecture
  • saas boilerplate

Build a multi-tenant SaaS application: A complete guide from design to implementation

Build a multi-tenant SaaS application: A complete guide from design to implementation

All posts

  • Cover

    Product

    • kinde
    • pricing

    Kinde vs Logto, product and features and its pricing comparison

    Compare Kinde and Logto on pricing and features to understand their different approaches and pick the right identity platform for your app.

    Kinde vs Logto, product and features and its pricing comparison
  • Cover

    Product

    • Sign-up
    • Collect user profile
    • User data

    Online sign-up form builder: From authentication to user profile collection

    Build high-converting sign-up forms with Logto’s no-code builder. Enable plug-and-play authentication (email, phone, username, social, SSO) and add custom profile fields with flexible components.

    Online sign-up form builder: From authentication to user profile collection
  • Cover

    Product

    • pricing

    Logto pricing plan updates - September 2025

    Refresh tokens are free (~50% less usage). Pro is $24/month, with RBAC as a $32 add-on. More features added to Pro plan.

    Logto pricing plan updates - September 2025
  • Cover

    Changelogs

    • release

    Logto product updates

    🎉 Introducing our August release: Collect user profile at signup, PBKDF2 legacy password support, Thai localization, and a new HTTP SMS connector!

    Logto product updates
  • Cover

    Tech

    • ai
    • claude
    • auth

    Using Claude Code and Logto to quickly build your custom login flows

    Learn how to use Claude Code to build a full-stack app with Logto authentication: from sign-in setup to custom login panels and social logins.

    Using Claude Code and Logto to quickly build your custom login flows
  • Cover

    Tech

    • oauth
    • jwt

    JWT vs OAuth: Key differences, how they work together, and best practices

    A quick guide explaining how JWT and OAuth differ, how they complement each other, and best practices for using both effectively.

    JWT vs OAuth: Key differences, how they work together, and best practices
  • Cover

    Tech

    • Secret Vault
    • Token storage
    • Third-party services
    • Google

    Secure Google API access with OAuth authorization and token storage

    Learn how to build smart productivity apps (e.g., AI agent) that integrate with Google APIs using Logto Secret Vault for secure access and refresh token storage, incremental authorization, and seamless OIDC/OAuth 2.0 integration.

    Secure Google API access with OAuth authorization and token storage
  • Cover

    Tech

    • Bolt
    • AI
    • Direct sign-in

    Using Bolt.New and Logto to quickly build your custom login flows

    Learn how to use Bolt.new to build a full-stack app with Logto authentication. From configuring sign-in flows to creating a floating login panel and enabling social logins, this guide covers both setup and customization.

    Using Bolt.New and Logto to quickly build your custom login flows
  • Cover

    Changelogs

    • release
    • API SDK
    • Vault
    • account API

    Logto product updates

    🎉 Introducing our July release: Logto API SDK, Secret vault for federated token storage, manage TOTP and Backup Codes via Account API, and more!

    Logto product updates
  • Cover

    Tech

    • Supabase
    • AI
    • Auth

    Why AI startups choose Supabase and where it falls short

    Supabase offers fast backend setup for AI startups, but lacks robust authentication and authorization. Learn how pairing it with Logto creates a scalable, production-ready stack.

    Why AI startups choose Supabase and where it falls short
  • Cover

    Tech

    • agent
    • coding

    Top coding agents in 2025: Tools that actually help you build

    A detailed comparison of top AI coding agents like Cursor, GitHub Copilot, Windsurf, Bolt.new, and Replit. This article breaks down their key features, strengths, and ideal use cases to help developers choose the right tool for their workflow.

    Top coding agents in 2025: Tools that actually help you build
  • Cover

    Tech

    • postmortem
    • cloud-service
    • incident
    • db-alterations

    Postmortem: undeployed database alterations exception

    Incident report for the 2025-07-17 undeployed database alterations exception.

    Postmortem: undeployed database alterations exception
  • Cover

    Product

    • Captcha
    • Security

    CAPTCHA provider buyer’s guide 2025

    Learn how does modern CAPTCHA works. Compare Google reCAPTCHA, Cloudflare Turnstiles, and more providers from features, pricing, and integration tips.

    CAPTCHA provider buyer’s guide 2025
  • Cover

    Tech

    • ai
    • auth
    • IDE

    Vibe code using Lovable AI and Logto to quickly build your app and handle login flows

    Lovable is an AI-powered coding agent that helps you build full-stack apps using natural language: frontend, backend, database, and deployment, all in one place. With the support for Logto, you can now add secure login, user management, and auth flows effortlessly.

    Vibe code using Lovable AI and Logto to quickly build your app and handle login flows
  • Cover

    Product

    • saas
    • environment
    • configuration

    Why I said "no" for a year: rethinking dev-to-prod environment promotion

    How we learned that environment isolation doesn't mean configuration isolation, and why that matters for developer-focused SaaS.

    Why I said "no" for a year: rethinking dev-to-prod environment promotion
  • Cover

    Tech

    • cursor
    • integration
    • ai

    Vibe code using Cursor and Logto to quickly build your app and handle login flows

    Learn how to vibe code a photo gallery app using Cursor and add login with Logto in minutes. From UI to authentication, it’s fast, simple, and AI-powered.

    Vibe code using Cursor and Logto to quickly build your app and handle login flows
  • Cover

    Tutorial

    • mcp
    • mcp-auth

    MCP server auth implementation guide: using the latest spec

    Provides key implementation points for MCP server authentication compliance with the 2025-06-18 specification.

    MCP server auth implementation guide: using the latest spec
  • Cover

    Tech

    • agent
    • ai
    • login

    How Manus handles login state and user credentials in the Cloud Browser

    This article covers how Manus manages login sessions in its cloud browser, the security risks of agent-based authentication, and alternatives like OAuth and credential vaults.

    How Manus handles login state and user credentials in the Cloud Browser
  • Cover

    Changelogs

    • release
    • WebAuthn
    • Passkey
    • jwt

    Logto product updates

    🎉 Introducing our June release: Account API for Passkeys, access user interaction details in custom JWT, and more updates!

    Logto product updates
  • Cover

    Product

    • postmortem

    Postmortem: Logto auth service outage

    On June 12, 2025, Logto services on `logto.app` were briefly disrupted by a Cloudflare outage affecting request routing. The issue was resolved quickly, with no impact on data security or core services.

    Postmortem: Logto auth service outage