Logto Blog
Logto is an Auth0 alternative for building modern customer identity infrastructure with minimal effort, for both your customers and their organizations.
TECHNOLOGY
Multi-tenancy implementation with Postgres: It's simpler than you imagine
Explore the simplicity of implementing multi-tenancy for your applications using Postgres.
February 29, 202412 min read
All Blogs
- TECHNOLOGY
Exploring OpenID Connect configuration: Key fields and their uses
Explores the key fields and practical applications of OpenID Connect configuration.April 25, 202410 min read - TUTORIAL
Add custom claims for JWT access tokens with Logto to boost your authorization
In this article, we will introduce how to use Logto custom JWT claims feature to improve the flexibility of authorization and the performance of the service provider through a real-world example.April 24, 202414 min read - TECHNOLOGY
Upgrade transitive dependencies with PNPM: Fix the security vulnerabilities without breaking things
Fixing security vulnerabilities may be a frustrating task, especially when it involves transitive dependencies. Learn how to upgrade them without affecting your direct dependencies.April 24, 20244 min read - TECHNOLOGY
Behind the scenes: How we implement user collaboration within a multi-tenant app
Practices and insights on implementing an invitation and role access management feature like Logto Cloud collaboration in a multi-tenant application.April 18, 20244 min read - TUTORIAL
Integrating with WordPress
A hands-on guide and example to integrate WordPress with Logto.April 16, 20244 min read - TUTORIAL
Integrate Microsoft Entra ID (OIDC) in Logto Enterprise SSO
Learn how to integrate Microsoft Entra ID (OIDC) SSO using Logto.April 12, 20245 min read - CHANGELOG
Logto product update: Cloud collaboration, direct sign-in, lazy password migration, and more
Use Logto as an OpenID Connect identity provider to build your app ecosystem; add authentication with two inputs with Protected App; and new guides for Blazor, SvelteKit, Nuxt.js, Expo (React Native), and Angular.April 11, 20244 min read - PRODUCT
Use Logto for various business models' identity systems
Explore different business models that Logto can support your specific requirements and help you architect your product effectively.April 09, 20246 min read - PRODUCT
Picking your SSO method: SAML vs. OpenID Connect
Single sign-on (SSO) is a great way to simplify user authentication and authorization. But which SSO method should you choose? In this post, we give you a brief overview of two popular SSO methods: SAML and OpenID Connect.April 07, 20245 min read - TECHNOLOGY
Client assertion in OAuth 2.0 client authentication
Explores the use of client assertion in OAuth 2.0 client authentication.April 02, 20245 min read - TUTORIAL
Monetize your Chrome extension with OpenID Connect (OAuth 2.0) authentication
Learn how to monetize your Chrome extension by adding user authentication to it.April 02, 20248 min read - PRODUCT
Secure hub for user data on move
Contrasts auth & user data. Details Logto's secure storage & movement. Outlines data flow best practices (attribute mappings, data syncing, custom JWTs).March 29, 20245 min read - TECHNOLOGY
Postmortem: unexpected JWT `iss` change
Incident report for the 2024-03-18 unexpected JWT `iss` change.March 25, 20243 min read - TUTORIAL
Integrate Azure SAML SSO using Logto
Learn how to integrate Azure SAML SSO using Logto in minutes.March 18, 20246 min read - TECHNOLOGY
OIDC Prompt 101: A simple guide for developers
OIDC prompt is a parameter that can be used to control the behavior of the authentication flow. This blog post explains how OIDC prompt works and which one to use in different scenarios.March 18, 20243 min read - TECHNOLOGY
Comparing token-based authentication and session-based authentication
This blog post introduces the basic concepts of both token-based authentication and session-based authentication, with their pros and cons. This could help readers to choose the proper authentication scheme for their application.March 13, 20245 min read - TECHNOLOGY
Connecting the dots: An in-depth exploration of OIDC resource and your JWT access tokens
This blog post aims to shed light on the relationship between OIDC resource indicators and their role in obtaining access tokens.March 06, 20244 min read - PRODUCT
Introducing Protected App: Build authentication in clicks, no code required
The story behind Protected App.March 04, 20244 min read - TUTORIAL
Build Angular authentication with Logto
Learn how to build a user authentication flow with Angular by integrating Angular OIDC client library.February 29, 20242 min read - TECHNOLOGY
Multi-tenancy implementation with Postgres: It's simpler than you imagine
Explore the simplicity of implementing multi-tenancy for your applications using Postgres.February 29, 202412 min read - PRODUCT
Logto's authorization system and its use in identity management scenarios
Explore the versatile authorization system of Logto.February 29, 20244 min read - TUTORIAL
Build Nuxt authentication with Logto
Learn how to build a user authentication flow with Nuxt by integrating Logto SDK.February 29, 20242 min read - TUTORIAL
Build SvelteKit authentication with Logto
Learn how to build a user authentication flow with SvelteKit by integrating Logto SDK.February 29, 20243 min read - TUTORIAL
Build Expo (React Native) authentication with Logto
Learn how to build a user authentication flow with Expo (React Native) by integrating Logto SDK.February 28, 20243 min read - CHANGELOG
Logto product update: Logto as IdP, Protected App, and a lot of new guides
Use Logto as an OpenID Connect identity provider to build your app ecosystem; add authentication with two inputs with Protected App; and new guides for Blazor, SvelteKit, Nuxt.js, Expo (React Native), and Angular.February 26, 20242 min read - TECHNOLOGY
What’s the differences between public & confidential clients?
This article reveals the differences between public and confidential clients in OAuth, with Logto applications as example.February 21, 20246 min read - PRODUCT
Using Logto as an third-party identity provider (IdP)
Logto can be used as an identity provider for your third-party applications. This article explains how to configure Logto as an IdP.February 06, 20248 min read - PRODUCT
New insights: A detailed comparison of Logto and Auth0
Logto vs. Auth0 is always an interesting topic. In this article, we've shifted and updated our product vision and explained our new, specific, and sharp perspectives about what sets our product apart from Auth0.February 02, 20246 min read - PRODUCT
Introduction to the user consent screen
What is the user consent screen and how does it work? This article explains the basics ideas behind the user consent screen and how it should be used.February 01, 20246 min read - TUTORIAL
Authenticate users in GPT actions: Build a personal agenda assistant
Build a personalized experience for your users right in your GPT. This tutorial shows you how to use OAuth to create a personal agenda assistant GPT.January 25, 20248 min read - TECHNOLOGY
Programmatic authentication: API key, personal access token, and OAuth client credentials flow
Discover key concepts and common use cases for API key, Personal Access Token (PAT), and Logto Machine-to-Machine (M2M) credentials.January 24, 20245 min read - TUTORIAL
Setup Google Cloud Storage as the file storage of Logto
A hands-on guide to setting up Google Cloud Storage as the file storage of Logto.January 17, 20243 min read - PRODUCT
Integrate identity system: First-party and third-party apps with Logto
Discover key concepts and common use cases for integrating both first-party and third-party apps using Logto as your identity provider.January 17, 20245 min read - TECHNOLOGY
Postmortem: Bad Gateway
Incident report for the Logto service outage on 2024-01-11 due to domain renewal failure.January 12, 20244 min read - PRODUCT
Why single sign-on (SSO) is better
Single sign-on (SSO) is a great way to simplify the authentication model and improve the user experience for every app. Here's why.January 10, 20246 min read - TUTORIAL
Integrate Google Workspace SSO with your application
Learn how to integrate Google Workspace SSO with your application in minutes.January 09, 20245 min read - TECHNOLOGY
Why you should use authorization code flow instead of implicit flow?
In this article, we introduced the implicit flow and authorization code flow within the OAuth 2.0 protocol, explaining the security vulnerabilities present in the implicit flow and how the authorization code flow (along with PKCE) addresses these issues.January 03, 20246 min read - PRODUCT
Logto's new plans: Free 50K MAUs; $16 Pro for unlimited with no per-MAU cost
We're excited to announce updates to our Logto plan packages!December 26, 20235 min read - TECHNOLOGY
Painless local debugging: achieving HTTPS and custom hostname with Cloudflare Tunnel
This article introduces how to use Cloudflare Tunnel to achieve HTTPS and custom hostname for painless local debugging.December 26, 20234 min read - TUTORIAL
Use Logto Management API: A step-by-step guide
Learn how to use Logto Management API for your application in different scenarios.December 20, 20237 min read - PRODUCT
An ultimate guide to multi-tenant CIAM setup
Creating a multi-tenant application can be complex. This article gathers all our past posts about multi-tenant and organization strategies. We hope it can help you save time and get started easily.December 19, 20239 min read - TUTORIAL
Integrate Okta SSO with your application
Learn how to integrate Okta SSO with your application in minutes.December 19, 20235 min read - TECHNOLOGY
Postmortem: Docker image not found
Incident report for the Logto service outage on 2023-12-17 due to loss of production Docker image.December 17, 20233 min read - TECHNOLOGY
Why open standards are the choice for modern identity and access management
Open standards such as OpenID Connect and OAuth 2.0 are the foundation of modern identity management. Today we'll look at why they're so important.December 14, 20234 min read - TECHNOLOGY
What are differences between SAML and OIDC?
In this article, we provide an overview of the SAML and OIDC protocols, along with their typical authentication flows. We compare the distinct differences, pros and cons of each protocol. Additionally, based on potential user scenarios, we offer guidance on choosing between these two protocols.December 13, 20235 min read - TUTORIAL
Understanding the importance of "iat" token claim and troubleshooting the "Invalid issued at time" error
In this post, we are going to explore the importance of the "iat" claim in the ID token and how to troubleshoot the "Invalid issued at time in ID token" error.December 12, 20234 min read - CHANGELOG
Logto product update: Enterprise SSO (single sign-on)
Enterprise SSO is designed to support any SAML and OIDC connection, offering the simplest configuration and powered by Logto.December 11, 20231 min read - PRODUCT
Integrate enterprise SSO in 5 mins: supporting SAML and OIDC
Logto has released Enterprise SSO, supporting easy integration with any IdP using SAML or OIDC, complemented by a step-by-step guide and ready-to-use authentication flows.December 06, 20234 min read - TECHNOLOGY
A brief introduction to OAuth 2.0 device flow
This article explores OAuth 2.0 device flow, a solution for identity authentication on devices that either lack a browser to perform a user-agent-based authorization or are input constrained, outlining its purpose and user interaction flow.December 05, 20234 min read - TUTORIAL
Integrating Passport.js with Logto
A hands-on guide and example to integrate Passport.js with Logto.December 05, 20235 min read - TECHNOLOGY
The art of single sign-on
Single sign-on (SSO) is a method of authentication that allows a user to access multiple applications or services with a single set of login credentials. This article will explain what SSO is, how it works, and why it's important for businesses.November 30, 20238 min read - PRODUCT
Logto's multi-tenancy model explained
Take a look at how we designed Logto's multi-tenancy model and the benefits it brings to SaaS apps.November 29, 20235 min read - TUTORIAL
Case study: Build multi-tenancy with Logto Organizations
Learn how to set up a solid and scalable identity foundation for multi-tenancy with Logto Organizations.November 24, 20235 min read - PRODUCT
An easy guide to begin with Logto organizations - for building a multi-tenant app
Learn how to use Logto organizations to build the identity infrastructure for your SaaS app.November 23, 20235 min read - PRODUCT
Organization and Role-based access control: How to design your authorization model for your product
This article provides a detailed guide on how to design an authorization model for organization and role-based access control, and offers best practices for different authorization models in the Logto platform.November 23, 20237 min read - CHANGELOG
Logto product update: Organizations and free development tenants
Discover the latest features and improvements that we have been working on from the previous period.November 22, 20232 min read - TECHNOLOGY
Implementing WebAuthn in Next.js: A Hands-On Guide
A hands-on guide to implementing WebAuthn in Next.js with live code examples.November 15, 20239 min read - CHANGELOG
Logto product update: MFA, signing key rotation, and custom domain for all plans
Discover the latest features and improvements that we have been working on from the previous period.November 14, 20233 min read - PRODUCT
One-click MFA integration: Software OTP, Passkey, and backup code
Learn how to integrate MFA into your sign-in experience with one-click.November 13, 20233 min read - TECHNOLOGY
Secure your API resources for machine-to-machine communication
Learn how to leverage OAuth 2.0 and JWT to secure your API resources for machine-to-machine communication.November 07, 20239 min read - TECHNOLOGY
Social engineering
Social engineering is the art of manipulating people so they give up confidential information. Every cyber crime starts with a social engineering attack. Let's have a look at how it works and how to protect yourself from it.November 06, 202313 min read - PRODUCT
Tenant isolation in multi-tenant application
Tenant isolation is a key concept in multi-tenant applications. In this article, we'll discuss what it is and how it can be achieved.November 06, 20235 min read - TUTORIAL
Understanding Redirect URIs in OIDC with Authorization Code Flow
Let's take a closer look at the redirect URI as it's crucial for app developers and system administrators.November 01, 20234 min read - TECHNOLOGY
TypeScript module augmentation and handling nested JavaScript files
Learn the basics of module augmentation in TypeScript, and how to add type definitions for nested JavaScript files.November 01, 20234 min read - TECHNOLOGY
Support authenticator app verification for your Node.js app
This article introduces how to enhance the security of your Node.js app by integrating authenticator app verification such as Google Authenticator and Microsoft Authenticator.October 25, 20238 min read - TECHNOLOGY
WebAuthn and Passkey 101
Gain a comprehensive understanding of WebAuthn, including its concept, workflow, reasons for its popularity, and associated challenges.October 25, 20237 min read - TECHNOLOGY
Things you should know before integrating WebAuthn
Introduce some basic concepts of WebAuthn, aiming to help you make better decisions when integrating WebAuthn.October 24, 20234 min read - PRODUCT
Are multi-tenant apps = SaaS?
Should all SaaS apps employ multi-tenancy architectures? Can multi-tenancy architectures be applied to consumer apps?October 17, 20234 min read - TECHNOLOGY
API authorization methods
In this article, we will explore three common API authorization mechanisms, API keys, basic authentication, and OAuth JWT tokens. In the end, we will also talk about how Logto can help you protect your APIs using OAuth JWT tokens.October 16, 20238 min read - PRODUCT
Why you should incorporate an identity solution from the start
Learn the benefits of incorporating an identity solution from the beginning of your product development.October 11, 20234 min read - TECHNOLOGY
Introduction to EC and RSA signing algorithms in JWT
Learn the essentials of asymmetric encryption, and understand the pros and cons of the two popular JWT signing key algorithms - EC and RSA.October 10, 20236 min read - TECHNOLOGY
Public key, private key and asymmetric cryptography
In this article, we have introduced the concepts of public keys, private keys, and the principles of asymmetric encryption. We have compared their pros and cons against symmetric encryption, as well as the differences in their usage scenarios.October 10, 20235 min read - PRODUCT
Learn about SP-initiated SSO for B2B apps
Learn what service provider-initiated (SP-initiated) single sign-on (SSO) is and how it can help your business-to-business (B2B) product.October 03, 20235 min read - TUTORIAL
Add Logto auth to your Next.js application using Server Actions
Integrates Logto auth to your Next.js application using Server Actions.October 01, 20236 min read - TECHNOLOGY
A quick guide to writing end-to-end tests with jest-puppeteer
This article provides a quick guide to writing efficient end-to-end tests with jest-puppeteer, emphasizing the setup process, commonly used APIs, and practical testing scenarios using a simple to-do app as an example.September 28, 202312 min read - PRODUCT
Tenancy models for a multi-tenant app
Taking a deeper dive into the notion of "multi-tenancy" and sharing our insights on how we perceive it.September 27, 20237 min read - TUTORIAL
Logto authentication in Cypress
This guide will show you how to authenticate with Logto in your Single Page Application (SPA) tests.September 25, 20234 min read - TECHNOLOGY
What is JSON Web Token (JWT)?
Gain a clear understanding of JSON Web Token (JWT) fundamentals in 5 minutes.September 24, 20235 min read - TUTORIAL
A general guideline to migrate your existing user database to Logto
This article introduces how to utilize existing tools to migrate previous user data to Logto, in the situation where Logto has not yet provided data migration services.September 19, 20239 min read - TUTORIAL
Exploring OIDC grants: understanding and troubleshooting the "invalid_grant" error
Learn the essentials of OpenID Connect (OIDC) grants, and how to troubleshoot the "invalid_grant" error.September 19, 20237 min read - TUTORIAL
Protect your Express.js API with JWT and Logto
Learn how to protect your Express.js API endpoints with JSON Web Tokens (JWT) and Logto.September 18, 20236 min read - CHANGELOG
Logto product update: Password policy
Discover the latest features and improvements that we have been working on from the previous period.September 18, 20232 min read - PRODUCT
Design your password policy
Gain insights into crafting product password policies that are compliant, secure, and user-friendly, with Logto ensuring the security of your authentication process.September 12, 20237 min read - TUTORIAL
Migrating from Node.js crypto to Web Crypto API: A guided experience
Deep into the transition experience of crypto to Web Crypto API, providing a comprehensive guide focusing on 3 commonly scenarios.September 11, 20235 min read - TECHNOLOGY
Why JWT in most OAuth 2.0 services
This article explains why JWT is widely adopted as the format for access tokens in OAuth 2.0, highlighting its benefits and limitations.September 11, 20238 min read - PRODUCT
What is developer experience? (vol. 1)
As creators of developer tools, we frequently discuss the notion of "developer experience." This term is akin to "user experience" but can appear hazy and abstract. So, what precisely does it entail?September 05, 20235 min read - CHANGELOG
Logto product update: Interactive integrations, new SDKs and tutorials
Discover the latest features and improvements that we have been working on from the previous period.September 05, 20232 min read - TUTORIAL
Build ASP.NET Core authentication with Logto
Learn how to build a user authentication flow with ASP.NET Core by integrating Logto SDK.September 03, 20236 min read - TUTORIAL
Integrating Azure AD with Logto
Learn how to integrate Azure AD SSO with Logto using standard SAML connector.September 02, 20235 min read - TEAM
Learn Python in a weekend: From zero to a complete project
How can we quickly learn a new programming language? In this article, we'll share our weekend experience of learning Python by building a complete project.August 28, 202312 min read - PRODUCT
Understanding refresh token rotation
Dive in and let's talk about why refresh token rotation is an effective way to protect the safety of your refresh tokens.August 27, 20234 min read - TECHNOLOGY
How are your passwords cracked? How to improve password security?
In this article, we have presented several classic methods for cracking passwords, along with the underlying principles behind these approaches. Addressing these concepts, we have provided practices from both the perspective of password custodians and account owners on how to enhance the security of passwords.August 25, 20238 min read - PRODUCT
Exploring MFA: Looking at authentication from a product perspective
Deconstructing Multi-Factor Authentication (MFA) through an analysis of its core components, user processes, and essential guiding principles.August 22, 20236 min read - TUTORIAL
Implementing stateless session for Next.js using Server Actions
Using Next.js new feature Server Actions to implement cookie-based stateless session, and experiencing the benifits of Server Actions.August 21, 20236 min read - TEAM
Product thinking in startups
How to determine whether it's necessary to develop a new feature.August 16, 202311 min read - PRODUCT
Understanding refresh tokens, access tokens, and ID tokens in OIDC protocol
The OpenID Connect (OIDC) Protocol, has emerged as a widely adopted standard for identity management. But do you really understand the roles and attributes of these tokens?August 10, 20238 min read - PRODUCT
Do you really need multiple tenants to manage your identity system?
The concept of 'tenant' is relatively unfamiliar to most users, but it is especially important for building identity models. In this article, we will go through examples to help everyone understand what kind of identity model suits their business.August 09, 20237 min read - TUTORIAL
Implement a simple client-side OIDC SDK
Logto offers a variety of SDKs for different platforms. Apart from our official SDKs, we encourage developers from the community to create their own user-friendly SDKs. This article will guide you on building a basic client-side SDK for OIDC.August 01, 202316 min read - PRODUCT
Maximize verification email delivery to guarantee user access
Explore email types and factors affecting delivery in auth scenarios. Easily integrate popular email delivery service with sign-in experience, or choose the free email delivery solution without any configuration provided by Logto.August 01, 20235 min read - TECHNOLOGY
Efficiently tracking DAU and MAU in high-traffic sites
Tracking DAU and MAU in high-traffic sites is a challenging task. This article describes how we solved this problem at Logto.July 31, 20235 min read - TUTORIAL
Build CapacitorJS authentication with Logto
In this tutorial, we will demonstrate how to build the authentication flow with Logto in Capacitor. This will enable you to create cross-platform sign-in and sign-up flows with ease.July 31, 20235 min read - TECHNOLOGY
How PKCE protects the authorization code flow for native apps
This article explains how PKCE protects the authorization code flow for native apps, using unique code verifiers and code challenges to prevent potential attacks.July 28, 20235 min read - PRODUCT
What sets Logto apart from Auth0 and our perspective on it
Our customers often ask us what makes us different from Auth0. In this article, we'll explain the key details and share some strong opinions about what sets our product apart from Auth0 and other alternatives.July 25, 202314 min read - PRODUCT
Logto Cloud launch letter for preview users
As we gear up for the official launch, I want to assure you of a smooth transition. Your experience with Logto Cloud will be seamless, and here are some things you can expect.July 24, 20233 min read - PRODUCT
What prevents your app from allowing simultaneous sign-in on multiple devices
With the arrival of the era of multi-device collaboration, does your app support collaboration across devices? If not, what problems are you facing? In this article, we will explore how an app can take the first step to adapt to cross-device collaboration by allowing signing in to multiple devices.July 18, 20238 min read - PRODUCT
Trust and security at Logto
At Logto, we prioritize the utmost security measures to protect your data and ensure your trust in our services.July 18, 20234 min read - TECHNOLOGY
The evolution of password hashing
You may heard of advices for choosing password hashing algorithms, but did you think why they are recommended? In this article, we will explore the evolution of password hashing algorithms and the reasons behind them.July 16, 20239 min read - TECHNOLOGY
How we support an array of diverse connectors
The story of how we support an array of diverse connectors with both good user experience and development experience. With the help of config driven development, we made a low-code connectors platform.July 12, 20236 min read - TEAM
Embrace remote work: Four tips from my Logto journey
This article provides four tips for remote work from the real experience as a full-time employee of Logto.July 11, 20236 min read - PRODUCT
From code to canvas: Logto makes sign-in experience design open-source
We have published the sign-in experience Figma resources to public, including comprehensive authentication flow designs and versatile styles and components.July 11, 20236 min read - PRODUCT
Logto unveiled a new pricing model to tackle startup hurdles behind the scenes
Our pricing model is not just about revenue generation. We’re eager to share how we’ve designed it to address the unseen challenges startups face.July 04, 202312 min read - TEAM
Nurturing our community management
As a developer-centric product, we greatly value the feedback and contributions from our community, constantly striving to establish a healthy and self-sustainable environment. Discover our ongoing community management journey in the post.July 03, 20239 min read - TEAM
Why it’s so hard: Things learned from a bad customer support experience
A recent experience with a company worth billions of dollars showed a negative example of how even a common and fundamental user requirement can be mishandled.July 01, 20237 min read - TECHNOLOGY
The essential security checklist for user identity
Building user identity is a critical component of any application. Validating usernames and passwords may seem like the simplest approach, but there are many other aspects to consider.July 01, 20237 min read - CHANGELOG
Logto 2023 July update
Discover the latest improvements from Logto for tiered pricing, custom domains, and more.July 01, 20233 min read - PRODUCT
Tackle social login experience: Unlocking the power of convenience
Increase conversions, enhance data quality, and improve user retention with social login (social sign-in)! This article explores its benefits and offers user-friendly design tips with comparative case studies.June 25, 20235 min read - TECHNOLOGY
React Router's lazy type handling and overcoming the impact with type-safe solutions
React Router is a popular library for managing routing in React applications. However, a recent change has displayed a level of arbitrariness and laziness that may negatively impact developers who seek robust type checking.June 19, 20237 min read - TUTORIAL
Implement ChatGPT plugins user authorization with Logto
In this article, we will demonstrate how to use OAuth `scope` for authorization in ChatGPT plugins.June 18, 20235 min read - TECHNOLOGY
A brief OAuth security recap
When it comes to OAuth, it is crucial to prioritize security and fraud protection. One can never be too careful in safeguarding sensitive information. How well-versed are you in the protective measures employed by OAuth? Does your system adhere to the open standard of OAuth? Are you mindful of the potential risks that may arise during the implementation of the user authentication flow? Let's briefly recap what we have learned about OAuth.June 15, 202315 min read - TECHNOLOGY
Efficient internationalization with ChatGPT
This article shares the experience of using the ChatGPT API to efficiently support internationalization (i18n) of products, providing tips on integrating the API, improving translation results, and optimizing instructions for better outcomes.June 14, 202310 min read - TECHNOLOGY
Our experience adding Edge Runtime to Next.js SDK
Edge Runtime has become a buzzword in the technology landscape, Vercel and its Next.js framework have recently added support for it. Logto's Next.js SDK is now supporting Edge Runtime as well. In this article, we're going to share our adventure, looking at the hurdles we faced, how we overcame them, and the cool stuff we learned along the way.June 14, 20235 min read - PRODUCT
Logto pricing model
Logto offers a pay-as-you-go and usage-based pricing model with a transparent measurement of Monthly Active Users (MAU).June 13, 20236 min read - CHANGELOG
Logto 2023 May update
Logto product updates for May 2023May 30, 20232 min read - TECHNOLOGY
Password isn’t dying
Last year, there were news articles circulating on the internet claiming that big tech companies were joining forces to eliminate passwords. Some startups even declared that passwords were obsolete and outdated.May 28, 20236 min read - TUTORIAL
Streamline OAuth and OIDC Authentication with Logto
Our community has expressed interest in using Logto as an Identity Provider for certain products, such as Outline or ChatGPT plugins. In theory, Logto can serve as an OAuth or OIDC (OpenID Connect) provider as long as the product you want to integrate supports either of these protocols.May 27, 20236 min read - TUTORIAL
Implement ChatGPT plugins user authentication with Logto
In this article, we will demonstrate how to use Logto as an OAuth identity provider for ChatGPT plugins.May 24, 20235 min read - TECHNOLOGY
Authentication: The differentiator for ChatGPT plugins
ChatGPT plugins are now available to all Plus members. Although still in beta, these plugins hold great potential for AI-powered apps, as they seamlessly integrate with your business directly within the chat interface.May 24, 20233 min read - TUTORIAL
Simplify Outline authentication with Logto
In this article, we will demonstrate how to use Logto as an OpenID Connect (OIDC) identity provider for Outline.May 23, 20234 min read - TECHNOLOGY
Our Journey Migrating Logto SDK Sample to Next.js 13 App Router
This article details the process of migrating Logto's Next.js SDK sample project to the new Next.js 13 App Router, covering the steps of creating new pages and layouts, transitioning API routes, and utilizing server and client components.May 22, 20234 min read - PRODUCT
Why you need a centralized identity system for a multi-app business
This article is here to help you develop a secure and scalable identity system for your multi-app business. We will cover best practices, key factors to consider, and provide quick-start guides to get you started on the right track.May 06, 20236 min read - CHANGELOG
Logto 2023 April update
Logto product updates for April 2023April 30, 20232 min read - TECHNOLOGY
Mastering RBAC in Logto: A Comprehensive Real-World Example
This article offers a comprehensive guide on mastering Role-Based Access Control (RBAC) in Logto, using a real-world example of an online bookstore to explore key user roles, scopes, and integrating Logto's RBAC features in frontend and backend applications for enhanced security and access control.April 28, 202311 min read - PRODUCT
After trying a product’s sign-up process again, my friend decided to quit
In this article, we demonstrate how Logto can mitigate certain frustrating user sign-in/up scenarios by presenting a real-life use case of Thomas, who had trouble signing in to the W app.April 26, 20238 min read - CHANGELOG
Logto 2023 March update
Logto product updates for March 2023March 27, 20234 min read - PRODUCT
Announcing Logto Cloud (Preview) and OSS General Availability
Logto Cloud (Preview) has launched on Product Hunt. Come and support us!March 20, 20234 min read - CHANGELOG
Logto 2023 February update (extended)
Logto product updates for February 2023 (extended)February 26, 20236 min read - PRODUCT
Do you need to build your own auth for apps?
I’ve seen a lot of developers asking questions like “Should I build my own auth for my app?”. While the answer cannot be a simple "Yes" or "No", I’d like to write an article to breakdown the implementation and demonstrate the pros and cons to help you decide.February 16, 20237 min read - TECHNOLOGY
CIAM 102: Authorization & Role-based Access Control
Organization and Tenant are great for grouping Identities, but they lead to an absolute democracy: everyone can do anything in this system. While utopia is still a mystery, let’s take a look at the governance of access: Authorization (AuthZ).February 05, 20236 min read - CHANGELOG
Logto 2023 February update
Logto product updates for February 2023February 02, 20233 min read - CHANGELOG
Logto 2023 January update
Logto product updates for January 2023January 01, 20234 min read - PRODUCT
The design considerations for a seamless sign-in experience (Second Chapter)
In the previous piece, we discussed the development of the Sign-in Experience, and what makes a positive end-user encounter, and we ended on some thought-provoking topics. In this article, we'll answer these questions and show you how the Logto Admin Console can help.December 05, 20227 min read - TECHNOLOGY
CIAM 101: Authentication, Identity, SSO
Logto started with the CIAM for various reasons (we’ll have another article talking about this). During development, we realized that building a unified understanding across the team would be beneficial before taking our product to the next level. We hope this will also help you gain a better grasp of the IAM landscape.November 28, 202213 min read - PRODUCT
The design considerations for a seamless sign-in experience (First Chapter)
In this article, we'll go over the history of Sign-in Experience, including its conception, design decisions, and product tradeoffs. You will also gain a better grasp of how to construct a successful and frictionless sign-in or sign-up experience.November 15, 202215 min read - TECHNOLOGY
Logto x Hasura: How to use open-source auth + GraphQL solution to boost your project
In this article, we’ll focus on connecting Logto and Hasura, which enables you to implement authentication, authorization, and GraphQL APIs without friction. Thus you can quickly jump into your business without rocket-science learning.August 20, 20225 min read - TECHNOLOGY
TypeScript all-in-one: Monorepo with its pains and gains
In this article, I won’t compare monorepo and polyrepo since it’s all about philosophy. Instead, I’ll focus on the building and evolving experience and assume you are familiar with the JS/TS ecosystem.August 07, 20229 min read