Account settings
Logto provides two collections of account settings APIs that let users manage their account and profile data stored in Logto.
Use Account APIs (Recommended)
Logto’s Account APIs are ready-to-use, front-end endpoints that let end users securely view and update their own information with built-in permission checks. Simply embed them in your client application to power a polished, self-service account settings page.
Key features:
- End-user settings: Users manage their own sign-in identifiers and credentials, social accounts, MFA methods, and profile data.
- Client-side integration: Designed for safe, direct use in your front-end.
- Minimal setup: Turnkey endpoints with no custom server required.
- Permission control: Toggle which Account APIs are enabled via Management API settings.
Learn more about how to use the user Account APIs to build your own account settings page.
Use Management APIs
The Management APIs form Logto’s core administrative interface, accessible only to admins or back-end services. They deliver maximum flexibility and full CRUD control over every user account and allow you to build custom management tools. If you need a fully custom self-service portal or nonstandard user-management features, you can expose selected Management API endpoints behind your own “Account API” layer and secure them with your business’s auth logic.
Key features:
- Admin-only access: Intended for developers and back-office systems.
- Full user lifecycle: Create, read, update, delete, suspend, or restore accounts.
- Advanced operations: Generate personal access tokens, impersonate users, connect OAuth apps, customize workflows.
Learn more about how to use the user Management APIs to build your own account settings page.
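The following is an added example, not Logto's own code, of the authorization gate that the custom "Account API" layer described above needs before it calls the Management API with back-end credentials. It binds the target user to the verified token subject and allows only an explicit list of fields. The scope name, the field allowlist, the claim layout, and the `PATCH /api/users/{userId}` path are assumptions to check against the Management API reference.

```javascript
// Added example: authorization gate for a custom "Account API" layer.
// Assumptions (not from the page): the scope string, the field allowlist,
// the claim names, and the PATCH /api/users/{userId} Management API path.

const SELF_SERVICE_FIELDS = new Set(["name", "avatar"]); // hypothetical allowlist
const REQUIRED_SCOPE = "profile:write";                  // hypothetical scope

class Rejected extends Error {}

/**
 * Turn an end-user request into the single Management API call it may trigger.
 * `claims` must come from an access token whose signature, issuer, audience
 * and expiry the caller has already verified.
 */
function buildProfileUpdate(claims, body) {
  if (!claims || typeof claims.sub !== "string" || claims.sub === "") {
    throw new Rejected("missing subject");
  }
  const scopes = String(claims.scope || "").split(" ");
  if (!scopes.includes(REQUIRED_SCOPE)) {
    throw new Rejected("missing scope");
  }
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    throw new Rejected("body must be a JSON object");
  }
  const patch = {};
  for (const [key, value] of Object.entries(body)) {
    // Reject instead of silently dropping, so unexpected fields show up in logs.
    if (!SELF_SERVICE_FIELDS.has(key)) {
      throw new Rejected(`field not allowed: ${key}`);
    }
    if (typeof value !== "string" || value.length > 256) {
      throw new Rejected(`bad value for: ${key}`);
    }
    patch[key] = value;
  }
  if (Object.keys(patch).length === 0) {
    throw new Rejected("nothing to update");
  }
  // The target user is always the token subject, never a client-supplied id.
  return {
    method: "PATCH",
    path: `/api/users/${encodeURIComponent(claims.sub)}`,
    body: patch,
  };
}
```

The returned descriptor is what the back end sends with its own machine-to-machine token. The end user's token is never forwarded to the Management API.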
Account API vs. Management API
Feature | Account APIs | Management APIs |
---|---|---|
Intended user | End users | Admins / Developers |
Access context | Client-side / front-end | Server-side / back-end |
Permission model | Toggle which Account APIs are enabled via Management API. | Fully customizable by developers |
Supported features | View, update, and delete: username, email, phone, password, social accounts, MFA, profile | All basic settings + Delete/suspend/restore account, Personal access tokens, user impersonation, connect OAuth apps, etc. |
Setup complexity | Very low (plug-and-play) | Medium to high (requires custom implementation) |
When to use | To quickly launch a secure, self-service account settings page in your client app with minimal setup. | When Account APIs don’t meet your needs. E.g., for complex account deletion logic, high-risk actions, or building back-office tools. |