English
Logto product updates
We’ve just rolled out v1.32, bringing new MFA options, better localization support, and a few handy improvements.
Email and phone MFA
You can now let users secure their accounts with either email or phone-based MFA, verified through OTP codes.
- New MFA factors: email verification code and SMS verification code.
- Bind these factors during registration or first sign-in when MFA is required.
- Use dedicated verification pages for sign-ins.
- Console updates: configure factors, see guidance, and get conflict warnings.
- Forgot password flows can now be customized in the Sign-in Experience.
OIDC ui_locales
support
Logto now supports the standard OIDC ui_locales
authentication parameter. This lets you control the language of authentication pages at runtime.
- The UI language is chosen based on the first supported tag in
ui_locales
. - Verification emails triggered during sign-in follow the same localization.
- The value is also available in email templates as
uiLocales
.
Other improvements
- Twilio connector: option to disable built-in risk checks.
- X connector: add the
users.email
scope to sync email addresses.
Bug fixes
- WebAuthn
rpId
now matches the request domain in the Account API, consistent with the sign-in experience (including custom domains).