Logto
In progress
🔗
SAML IdP
Use Logto as a SAML identity provider.
33
🧑🚀
Account API
A set of APIs and rules that allow end-users to update their identifiers and profile.
18
Planned
🎨
Account center elements
A set of framework-agnostic web components that can interact with Account API.
24
✍️
Profile fulfillment
Collect mandatory and optional profile fields during user registration.
22
📫
Email template i18n
21
✨
Multiple custom domains
Support multiple custom domains and render different sign-in experience brandings according to the domain.
19
🔐
Passkey as a first authentication factor
Then no password is required for sign-in.
17
🔌
API authentication
Authenticate users via API. No redirect needed.
15
🖨️
Support device flow
Support RFC 8628: OAuth 2.0 Device Authorization Grant.
13
🔢
Authentication policy
Customize policies to control authentication, such as username rules, IP blacklist / whitelist, verification code expiration, etc.
12
Backlog
🚫
Block disposable email address registration
11
📄
RBAC as code
Allow to use code-based configuration to provision role-based access control, for example, a YAML file.
11
🛰️
Sign-in experience elements
A set of framework-agnostic web components that can interact with Experience API.
9
💅
Direct sign-in elements (DSE)
A set of framework-agnostic UI elements that can be customized and integrated within your apps.
8
🛡️
Adaptive MFA
Trigger MFA according to the current risk level, e.g. a new device.
7
🎩
Dev to production tenant duplication
Duplicate dev tenant configurations (connectors, roles, resources, etc.) to a new production tenant.
7
🚀
Logto Management API key
5
🌺
Organization portal
An out-of-the-box solution that allows org admins to manage identities, organization profiles, and set up enterprise SSO themselves.
4
⛵
Attribute-based access control (ABAC)
3
🚀
SCIM API
System for cross-domain identity management APIs.
2
🖲️
Support CIBA flow
Support Client Initiated Backchannel Authentication (CIBA) Flow.
1
🧟♀️
Restrict user sign-ins to a specific app within a multi-app product.
Block users at the login stage if they come from a specific app. This will essentially enable app-level authentication (beyond just branding).
0
🫧
RFC 9396: OAuth 2.0 Rich Authorization Requests
Implement RFC 9396 and provide some useful feature around it.
0
Powered by Productlane
Powered by Productlane
Terms of Service
Privacy