Did you know? We have refreshed the Logto logo! We simplified the gradients but made our brand color stronger, resulting in improved recognizability.
We are grateful for your participation in testing Logto OSS, and we're excited to announce our first general availability version. In this version, we have delivered numerous improvements to the sign-in experience, making it more delightful for your end-users. This new release also includes several new practical features.
Note In case you missed it, please see the letter from Gao: Announcing Logto Cloud (Preview) and OSS General Availability.
Let's take a look at what's new!
💥 BREAKING CHANGE 💥
Rename the /api/phrase
API to /api/.well-known/phrases
.
New features
Custom CSS editor
The console now has a custom CSS code editor in the “Sign-in experience” tab that allows you to apply advanced UI customization to your application. You can preview your changes in real-time via the sign-in experience preview on the right side.
Image uploader
The console now supports a drag-and-drop image uploader for multiple scenarios. If a storage provider is configured in the system, you can upload images directly from your local file system. The first version of the uploader supports AWS S3 and Azure Blob Storage. For more information, please refer to the File storage provider documentation.
Console profile page
We have removed the previous profile component and moved it to the user profile page. You can access the page by clicking your user avatar in the top right corner. From there, you can also change your language or theme directly from the popover menu.
On the profile page, you can update your avatar, name, and username, as well as change your password. For cloud users, it is now possible to link your email address and social accounts (Google and GitHub at first launch).
Sign-in experience
Added "Powered by Logto" to the sign-in experience.
CLI
We have added a new CLI command db system
that allows you to get/set the system table value for your database. Enter logto db system --help
in your terminal for details.
Improvements
Add parameter to specify showing sign-in or sign-up
A new parameter have been added to our JavaScript SDKs which allows users to specify their desired user interaction experience. For instance, in our React SDK:
const { signIn } = useLogto();
// Shows the sign-in page
void signIn('https://some-callback-url');
// Shows the sign-up page
void signIn('https://some-callback-url', 'signUp');
Other SDKs will be updated soon.
Country code selector
A new country code selector dropdown component with a search box has been added to sign-in experience, allowing users to quickly search for a country code by typing in the search box.
Custom favicon
Users can now upload their own favicon in the sign-in-experience branding settings. A local logto icon will be used as a fallback.
Dynamic HTML titles
Instead of showing “Logto”, now sign-in experience will change the page title based on the current context, for example, “Create account”.
Enhanced password policy
The password policy has been updated to require a minimum of 8 characters and contain a mix of letters, numbers, and symbols. The allowed characters now include:
- Digits:
0-9
- Letters:
a-z
,A-Z
- Symbols:
!"#$%&'()*+,-./:;<=>?@[]^_`{|}~
Users must now use at least two out of three types of characters.
Note the new password policy only applies to new users or new passwords. Existing users can continue to use their old password to sign in.
Implement a lite version of set password form
The new lite version only contains one field for the password and will be used only if the forgot-password feature is enabled (password can be reset either by email and phone). If you don't have any email or SMS service enabled, the old version of set password form containing two fields (password and confirm password) will still be used.
Support Privacy Policy URL
A new Privacy Policy URL field has been added to the sign-in-experience settings to support end-users' privacy declaration needs.
Simplify the Terms of Use and Privacy Policy manual agreement for the sign-in flow
The Terms of Use and Privacy Policy manual agreement steps have been removed from the sign-in flow. The agreement checkbox in sign-in pages has been replaced with links to the Terms of Use and Privacy Policy.
Users can still read the agreements before signing in. However, the manual agreement is still mandatory for the sign-up flow, including sign-up with new social identities.
New Contributors
- @Eengineer1 made their first contribution in https://github.com/logto-io/logto/pull/3431