Logto blog

Discover Logto and explore plenty of resources on authentication, authorization, identity management, open standards (OAuth, OpenID Connect, SAML), and more.

Featured posts

Cover

Changelogs

  • release
  • i18n
  • email templates

Logto product updates

It's time for a new Logto release! This update brings custom email templates for multiple languages, some improvements and fixes.

Darcy Ye
Darcy Ye
Developer
Logto product updates

Tutorial

  • rbac
  • role design
  • rbac implementation

RBAC in practice: Implementing secure authorization for your application

RBAC in practice: Implementing secure authorization for your application

Tech

  • saas development
  • multi-tenant saas
  • saas architecture
  • saas boilerplate

Build a multi-tenant SaaS application: A complete guide from design to implementation

Build a multi-tenant SaaS application: A complete guide from design to implementation

All posts

  • Cover

    Tech

    • ai
    • OAuth 2.0
    • OIDC
    • agent

    Why your product needs OAuth 2.0 and OIDC — Especially in the AI era

    Learn why OAuth 2.0 and OpenID Connect (OIDC) are important for modern authentication, especially in the age of AI, agents, and smart devices. This article covers key use cases, when to implement these protocols, and how to choose the right auth provider for scalability and security.

    Why your product needs OAuth 2.0 and OIDC — Especially in the AI era
  • Cover

    Tech

    • A2A
    • AI
    • MCP

    A2A vs MCP: Two complementary protocols for the emerging agent ecosystem

    This article introduces A2A and MCP — two emerging protocols shaping the future of AI agent systems. It explains how they work, how they differ, and why understanding this architecture matters for developers, designers, and AI product builders.

    A2A vs MCP: Two complementary protocols for the emerging agent ecosystem
  • Cover

    Tech

    • mcp
    • mcp-auth
    • oauth

    In-Depth review of the MCP authorization spec (2025-03-26 edition)

    Deeply analyzes the MCP Authorization Specification, examining MCP Server's dual roles as Authorization and Resource Server, Dynamic Client Registration mechanisms, and practical considerations for implementing this protocol in real-world scenarios.

    In-Depth review of the MCP authorization spec (2025-03-26 edition)
  • Cover

    Product

    • AI
    • MCP
    • Agent
    • IdP

    What you need to have in place for AI Agent and MCP Integration for your product

    In this piece, we explore the latest AI breakthroughs that underscore the urgency of secure agent and MCP integration. We highlight OAuth-based authentication as an important measure for protecting user credentials and explain how Logto can help your product serve as both an MCP server and an identity provider in the rapidly growing AI ecosystem.

    What you need to have in place for AI Agent and MCP Integration for your product
  • Cover

    Changelogs

    • release
    • sign-up identifiers
    • wordpress

    Logto product updates

    🎉 Introducing our March release: Create your ideal sign-up flow with multiple identifiers, connect with WordPress in minutes, and explore more updates!

    Logto product updates
  • Cover

    Product

    • Firebase Auth
    • Pricing

    2025 Firebase Authentication’s latest pricing explained and the best alternatives

    This article provides an overview and breaks down the key details of Firebase Authentication. It covers what Firebase Auth is, a summary of its pricing, and the best alternatives to Firebase Auth.

    2025 Firebase Authentication’s latest pricing explained and the best alternatives
  • Cover

    Product

    • auth
    • agent
    • agent auth

    AI agent auth: use cases and identity needs

    2025 is the year of AI. As LLMs and agent experiences evolve, new challenges in authentication and authorization emerge. This article explores AI agent interactions, highlighting key security and authentication scenarios.

    AI agent auth: use cases and identity needs
  • Cover

    Product

    • oss
    • IAM
    • SSO providers

    Top 5 Open Source Identity and Access Management (IAM) providers 2025

    Compare features, protocols, integrations, pros, and cons for Logto, Keycloak, NextAuth, Casdoor, and SuperTokens to find the best OSS fit for your authentication and authorization needs.

    Top 5 Open Source Identity and Access Management (IAM) providers 2025
  • Cover

    Tutorial

    • netlify
    • auth solution
    • secure netlify functions

    Full-stack auth solution with Logto on Netlify: Protecting web apps and serverless functions

    Shows how to secure Netlify web apps and serverless functions with Logto authentication, complete with source code examples and a live demo preview.

    Full-stack auth solution with Logto on Netlify: Protecting web apps and serverless functions
  • Cover

    Tutorial

    • mcp access control
    • mcp rbac
    • personal access token

    Empower your business: Connect AI tools to your existing service with access control

    Learn how to empower your business by securely connecting AI tools to your existing services using Personal Access Tokens and Model Context Protocol (MCP), with complete source code and practical examples.

    Empower your business: Connect AI tools to your existing service with access control
  • Cover

    Tech

    • MCP
    • Model Context Protocol
    • AI

    What is MCP (Model Context Protocol) and how it works

    An easy-to-understand guide to Model Context Protocol (MCP), explaining how it helps LLMs access external resources to overcome knowledge limitations and build more powerful AI applications.

    What is MCP (Model Context Protocol) and how it works
  • Cover

    Changelogs

    • release
    • i18n
    • email templates

    Logto product updates

    It's time for a new Logto release! This update brings custom email templates for multiple languages, some improvements and fixes.

    Logto product updates
  • Cover

    Product

    • Region
    • Data
    • Security

    Protect your identities in local regions and dedicated computing resources

    In this article, we’ll discuss when you might need to store your identities in local regions and how Logto can help.

    Protect your identities in local regions and dedicated computing resources
  • Cover

    Changelogs

    • release
    • connectors

    Logto product updates

    It's time for a new Logto release! This update brings 5 new social connectors, and some bug fixes.

    Logto product updates
  • Cover

    Product

    • Personal access token
    • Authentication

    What is personal access token (PAT)? A more secure API token

    Explain how personal access tokens (PATs) work, when to use them, how to support API authentication in your services, and how they differ from API keys, API tokens, bearer tokens, OAuth tokens, and passwords.

    What is personal access token (PAT)? A more secure API token
  • Cover

    Product

    • impersonation
    • ai
    • authentication
    • authorization

    What is impersonation in cybersecurity and identity management? How can AI agents use it?

    Learn how impersonation is used in cybersecurity and identity management, and how AI agents can use this feature.

    What is impersonation in cybersecurity and identity management? How can AI agents use it?
  • Cover

    Tutorial

    • rbac
    • role design
    • rbac implementation

    RBAC in practice: Implementing secure authorization for your application

    Complete guide to Role-Based Access Control (RBAC): Master permission design, role management, and secure authorization with practical CMS implementation.

    RBAC in practice: Implementing secure authorization for your application
  • Cover

    Product

    • soc2
    • security
    • compliance

    Logto is now SOC 2 Type II compliant!

    Logto is now SOC 2 Type II compliant, proving our commitment to security.

    Logto is now SOC 2 Type II compliant!
  • Cover

    Product

    • Amazon Cognito
    • Pricing

    2025 Amazon Cognito's latest pricing explained and the best Amazon Cognito alternatives

    This article provides an overview and breaks down the key details of Amazon Cognito. It covers what Amazon Cognito is, a summary of its pricing, and the best alternatives to Amazon Cognito.

    2025 Amazon Cognito's latest pricing explained and the best Amazon Cognito alternatives
  • Cover

    Product

    • SAML
    • SSO
    • Identity Provider

    Simplify SAML app integration for developers

    Learn what SAML is, how to implement SSO, and quick steps to integrate SAML apps as an Identity Provider (IdP) or Service Provider (SP).

    Simplify SAML app integration for developers