• release

Logto product updates

We’ve just rolled out v1.32, bringing new MFA options, better localization support, and a few handy improvements.

Sijie
Sijie
Developer

Stop wasting weeks on user auth
Launch secure apps faster with Logto. Integrate user auth in minutes, and focus on your core product.
Get started
Product screenshot

Email and phone MFA

You can now let users secure their accounts with either email or phone-based MFA, verified through OTP codes.

  • New MFA factors: email verification code and SMS verification code.
  • Bind these factors during registration or first sign-in when MFA is required.
  • Use dedicated verification pages for sign-ins.
  • Console updates: configure factors, see guidance, and get conflict warnings.
  • Forgot password flows can now be customized in the Sign-in Experience.

👉 Learn more in the docs

OIDC ui_locales support

Logto now supports the standard OIDC ui_locales authentication parameter. This lets you control the language of authentication pages at runtime.

  • The UI language is chosen based on the first supported tag in ui_locales.
  • Verification emails triggered during sign-in follow the same localization.
  • The value is also available in email templates as uiLocales.

👉 More details here

Other improvements

  • Twilio connector: option to disable built-in risk checks.
  • X connector: add the users.email scope to sync email addresses.

Bug fixes

  • WebAuthn rpId now matches the request domain in the Account API, consistent with the sign-in experience (including custom domains).