Developer
Logto is an identity and access management (IAM) service based on OAuth 2 and OIDC protocols. IAM services like Logto often serve as the foundation for other web services; various authorization states within those web services are directly affected by Logto.
In order to provide convenience to our users, Logto offers a series of commonly used developer features.
Sign-in experience related
Use custom scripts to attach additional claims to access tokens, enabling ABAC or rejecting token issuance.
Control which extended claims are included in ID tokens, following the OIDC specification.
Allow authorized users to temporarily act on behalf of end users, useful for troubleshooting, customer support, and administrative tasks.
Exchange a user access token for a downstream API access token so backend services can act for the current user.
Generics for developers
Provide system-level signing key, through the password vault, makes the auth service more secure.
Webhooks support real-time notifications regarding user information and permission updates through HTTP requests, enhance the convenience and flexibility of Logto integration.
Record user authentication-related activities to facilitate debugging and analysis of user activities.
Introduce the data structures, purposes, and methods in the SDK, allowing users to customize the SDK to fit various business scenarios.