
Account settings

Logto provides two collections of account settings APIs that allow users to manage their accounts and profiles stored in Logto.

Logto’s Account APIs are ready-to-use, front-end endpoints that let end users securely view and update their own information with built-in permission checks. Simply embed them in your client application to power a polished, self-service account settings page.

Key features:

  • End-user settings: Users manage their own sign-in identifiers and credentials, social accounts, MFA methods, and profile data.
  • Client-side integration: Designed for safe, direct use in your front-end.
  • Minimal setup: Turnkey endpoints with no custom server required.
  • Permission control: Toggle which Account APIs are enabled via Management API settings.

Use Management APIs

The Management APIs form Logto’s core administrative interface, accessible only to admins or back-end services. They deliver maximum flexibility and full CRUD control over every user account and allow you to build custom management tools. If you need a fully custom self-service portal or nonstandard user-management features, you can expose selected Management API endpoints behind your own “Account API” layer and secure them with your business’s auth logic.

Key features:

  • Admin-only access: Intended for developers and back-office systems.
  • Full user lifecycle: Create, read, update, delete, suspend, or restore accounts.
  • Advanced operations: Generate personal access tokens, impersonate users, connect OAuth apps, customize workflows.
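
The custom “Account API” layer described above holds a Management API credential with full CRUD over every user, so the layer itself must decide whose record is touched and which fields may change. The following is an added example, not Logto's code: the route names (`/me`), the field allow-list, the `authAgeSeconds` input and the upstream `/api/users/{userId}` path form are assumptions to check against your own API reference.

```javascript
// Added example: policy for a custom self-service layer in front of the
// Management API. Route names, field names and upstream paths are assumptions.
const ROUTES = {
  'GET /me': { method: 'GET' },
  'PATCH /me': { method: 'PATCH', fields: ['name', 'avatar'] },
  // High-risk action: require a recent sign-in before forwarding.
  'DELETE /me': { method: 'DELETE', maxAuthAgeSeconds: 300 },
};

function authorize(req) {
  // req.subject is the user ID from an access token that was already verified
  // upstream of this function. It is never read from the URL or the body.
  if (typeof req.subject !== 'string' || req.subject === '') {
    return { allowed: false, status: 401, reason: 'no authenticated subject' };
  }
  const rule = Object.prototype.hasOwnProperty.call(ROUTES, req.route) ? ROUTES[req.route] : null;
  if (!rule) {
    // Default deny: suspend/restore, impersonation, personal access tokens, other users.
    return { allowed: false, status: 403, reason: 'operation not exposed' };
  }
  if (rule.maxAuthAgeSeconds !== undefined && !(req.authAgeSeconds <= rule.maxAuthAgeSeconds)) {
    return { allowed: false, status: 403, reason: 'recent sign-in required' };
  }
  let body;
  if (rule.fields) {
    // Reject unknown fields instead of silently dropping them, so
    // mass-assignment attempts surface as errors in logs.
    const keys = Object.keys(req.body ?? {});
    const extra = keys.filter((k) => !rule.fields.includes(k));
    if (keys.length === 0 || extra.length > 0) {
      return { allowed: false, status: 400, reason: `body must contain only: ${rule.fields.join(',')}` };
    }
    body = Object.fromEntries(keys.map((k) => [k, req.body[k]]));
  }
  // The upstream target is always built from the token subject, which rules out
  // one user addressing another user's record through this layer.
  const path = `/api/users/${encodeURIComponent(req.subject)}`;
  return { allowed: true, upstream: { method: rule.method, path, body } };
}

// Constructed requests (not real traffic): an allowed update, then a
// mass-assignment attempt with a constructed extra field.
for (const body of [{ name: 'Ada' }, { name: 'Ada', isSuspended: false }]) {
  console.log(authorize({ subject: 'user_a', route: 'PATCH /me', body }));
}
```

Only a decision with `allowed: true` should ever be forwarded with the server-held Management API token; the token itself never reaches the browser.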

Account API vs. Management API

| Feature | Account APIs | Management APIs |
|---|---|---|
| Intended user | End users | Admins / Developers |
| Access context | Client-side / front-end | Server-side / back-end |
| Permission model | Toggle which Account APIs are enabled via Management API. | Fully customizable by developers |
| Supported features | View, update, and delete: username, email, phone, password, social accounts, MFA, profile | All basic settings + Delete/suspend/restore account, Personal access tokens, user impersonation, connect OAuth apps, etc. |
| Setup complexity | Very low (plug-and-play) | Medium to high (requires custom implementation) |
| When to use | To quickly launch a secure, self-service account settings page in your client app with minimal setup. | When Account APIs don’t meet your needs. E.g., for complex account deletion logic, high-risk actions, or building back-office tools. |