Logto blog

Discover Logto and explore plenty of resources on authentication, authorization, identity management, open standards (OAuth, OpenID Connect, SAML), and more.

Featured posts

Cover

Changelogs

  • release

Logto product updates

It's time for a new Logto release! This month, we're introducing the new Account API for direct user management, Microsoft EntraID SSO connector enhancements and improved sign-in experience features.

Yijun
Yijun
Developer
Logto product updates

Tech

  • authentication
  • authorization
  • oauth
  • openid-connect
  • oidc
  • application
  • api

Secure cloud-based applications with OAuth 2.0 and OpenID Connect

Secure cloud-based applications with OAuth 2.0 and OpenID Connect

Tutorial

  • custom-ui
  • bring-your-own-ui
  • custom-sign-in
  • custom-auth-flow

Bring your own sign-in UI to Logto Cloud

Bring your own sign-in UI to Logto Cloud

All posts

  • Cover

    Product

    • token
    • oidc
    • refresh token
    • rotation
    • security

    What is refresh token rotation and why is it important?

    Dive in and let's talk about why refresh token rotation is an effective way to protect the safety of your refresh tokens.

    What is refresh token rotation and why is it important?
  • Cover

    Product

    • pricing-update

    Logto plan update: Optimizing token quotas to protect Logto from abuse and ensure reliability

    Token changes will only affect Free plan users and new Pro users.

    Logto plan update: Optimizing token quotas to protect Logto from abuse and ensure reliability
  • Cover

    Product

    • token
    • oidc
    • refresh token
    • access token
    • ID token

    Understanding access tokens, refresh tokens, and ID tokens in OpenID Connect (OIDC) protocol

    The OpenID Connect (OIDC) Protocol, has emerged as a widely adopted standard for identity management. But do you really understand the roles and attributes of these tokens?

    Understanding access tokens, refresh tokens, and ID tokens in OpenID Connect (OIDC) protocol
  • Cover

    Product

    • pricing
    • auth0 alternatives
    • auth0

    2024 Auth0's latest pricing explained and the best Auth0 alternatives

    Auth0 has updated its pricing twice within a year. This article provides an overview and breaks down the key details. It covers what Auth0 is, a summary of its pricing, and the best alternatives to Auth0.

    2024 Auth0's latest pricing explained and the best Auth0 alternatives
  • Cover

    Product

    • authenticator app
    • 2FA
    • MFA
    • TOTP
    • Google Authenticator
    • Microsoft Authenticator

    What is an authenticator app

    Learn what an authenticator app is and how it protects your accounts. Includes a detailed explanation of how it works and a step-by-step example guide to use an authenticator app.

    What is an authenticator app
  • Cover

    Product

    • OTP bots
    • MFA
    • Authentication
    • Security
    • Passwordless

    OTP bots: What they are and how to prevent attacks

    Learn what OTP bots are, how they exploit one-time passwords with real cases, and strategies to protect your business from these cyber threats. This guide offers actionable tips for professionals in product development and enterprise management.

    OTP bots: What they are and how to prevent attacks
  • Cover

    Product

    • webhook
    • welcome email
    • Sync authorization

    Real use cases: Expanding your auth system with webhooks

    Discover real-world cases of using Logto webhooks for authentication and authorization, including sending welcome emails, syncing data to your database, updating user roles/permissions in real-time, and integrating with third-party analytics.

    Real use cases: Expanding your auth system with webhooks
  • Cover

    Product

    • 404-not-found
    • logto-unknown-session
    • authorization-code-flow

    Why you might see a 404 when signing in to your Logto-integrated app

    Have you ever encountered a "404 Not Found" error when you tried to sign in to a Logto-integrated app? This blog post explains why this happens and what you can do to avoid it.

    Why you might see a 404 when signing in to your Logto-integrated app
  • Cover

    Product

    • enterprise sso
    • customer iam
    • workforce iam
    • single sign-in

    Enterprise SSO: What it is, how it works, and why it matters

    Explore the world of Enterprise Single Sign-On (SSO) and discover how it can benefit your business. This guide includes straightforward explanations, real-world examples, and practical tips.

    Enterprise SSO: What it is, how it works, and why it matters
  • Cover

    Product

    • google
    • google one tap
    • experience
    • account linking
    • direct sign in

    Set up authentication and maximize Google login conversions with 6 configurations

    Learn 6 easy tricks to improve user conversions, including Google One Tap, account linking, embedded sign-in, and more. See real results like 2x increased sign-ups.

    Set up authentication and maximize Google login conversions with 6 configurations
  • Cover

    Product

    • product
    • developers
    • growth

    5 go-to-market lessons I learned from driving a developer-led growth product

    Lessons and practices learned in driving Logto’s growth with developers.

    5 go-to-market lessons I learned from driving a developer-led growth product
  • Cover

    Product

    • logto
    • pricing
    • add-on
    • explanation
    • example

    Logto add-on pricing: A simple explanation

    In this article, we will explain the add-on pricing in Logto in a simple way with examples.

    Logto add-on pricing: A simple explanation
  • Cover

    Product

    • branding
    • design
    • color-palette
    • HSL

    Color palette in branding: How Logto generate a custom color scheme for your brand

    How audiences perceive a brand is strongly influenced by color psychology. By using a carefully crafted color palette, brand recognition can be enhanced, leaving a lasting impression. To achieve this, we've developed a system that generates harmonious color schemes from a single base color, utilizing the HSL color model.

    Color palette in branding: How Logto generate a custom color scheme for your brand
  • Cover

    Product

    • magic-link
    • oidc
    • sign-in
    • authentication
    • passwordless

    Is magic link sign-in dying? A closer look at its declining popularity

    Magic link sign-in is a convenient and secure way to authenticate users. However, its popularity has been declining in recent years. Let's explore the reasons behind this trend and discuss the future of magic link sign-in.

    Is magic link sign-in dying? A closer look at its declining popularity
  • Cover

    Product

    • api
    • security
    • authentication
    • PAT
    • API Key
    • machine-to-machine

    Personal Access Tokens, Machine-to-Machine authentication, and API Keys definition and their real-world scenarios

    Learn the differences between Personal Access Tokens (PATs), Machine-to-Machine (M2M) authentication, and API Keys, and how they can be used.

    Personal Access Tokens, Machine-to-Machine authentication, and API Keys definition and their real-world scenarios
  • Cover

    Product

    • pricing
    • pro-plan
    • add-ons

    Update on Logto Cloud pricing: Add-ons start charging

    We would like to share some important updates regarding our Pro plan and how it will enhance your experience with Logto.

    Update on Logto Cloud pricing: Add-ons start charging
  • Cover

    Product

    • auth
    • integration
    • logto
    • protected-app

    The fastest way to build an authentication system

    Slash authentication setup time to under one hour with Logto! With no-code integration, a free built-in email service, step-by-step guides of social connection, and one-click authentication flow configuration, Logto make authentication a breeze.

    The fastest way to build an authentication system
  • Cover

    Product

    • Just-in-Time

    Understand Just-in-Time provisioning

    Just-in-Time provisioning is a process used in identity and access management systems to create user accounts on the fly as they sign in to a system for the first time. This article explains the basics of Just-in-Time provisioning and answers common questions about its implementation.

    Understand Just-in-Time provisioning
  • Cover

    Product

    • logto
    • management-api
    • api
    • machine-to-machine
    • organization
    • user-profile
    • user-search
    • audit-log
    • migration

    Exploring the full potential of the Logto Management API

    In this article, we will reemphasize the definition of the Logto Management API, explain how it works, and showcase typical scenarios to boost your productivity and unlock more use cases.

    Exploring the full potential of the Logto Management API
  • Cover

    Product

    • content
    • design
    • marketing
    • website

    Designing and implementing our company's marketing site: My journey from content to implementation

    We recently refreshed our company's website. This blog post details the tools and methods we used to improve our website.

    Designing and implementing our company's marketing site: My journey from content to implementation