⚡ Get started
There are some nuanced differences in accessing the admin console between the Open-source and Cloud Preview versions.
Cloud Preview is a Software-as-a-Service (SaaS) version of Logto. It offers users more options for account creation and basic cloud operations than the open-source version.
Users can sign up and sign in using Google, GitHub, email with a password, or a verification code. Once you've entered the cloud, you can manage your resources and profile information within the platform.
During sign-up, you'll go through an onboarding flow that helps Logto understand your needs and preferences to personalize your experience. Although it only takes a few steps, the onboarding flow can be incredibly helpful in quickly getting started and successfully building authentication and authorization.
Click here to start a GitPod workspace for Logto. Wait a few moment, you'll see the message like:
Logto uses port
3001 for its core service and port
3002 for the interactive Admin Console by default.
To continue your Logto journey, press Ctrl (or Cmd) and click the link that starts with
- Docker Compose
Docker Compose CLI usually comes with Docker Desktop.
Do not use our docker compose command for production! Since we currently have a built-in Postgres database bundled together with the Logto app in
every time you re-execute the command a new database instance will be created, and any data persisted previously will be lost.
curl -fsSL https://raw.githubusercontent.com/logto-io/logto/HEAD/docker-compose.yml | docker compose -p logto -f - up
After a successful composition, you will see the message like:
Prepare a PostgreSQL@^14.0 instance, and using Logto CLI to seed a database for Logto:
logto db seed
npx @logto/cli db seed
Pull the image:
docker pull ghcr.io/logto-io/logto:latest
docker pull svhd/logto:latest
Map the container ports to Logto core and admin app, e.g.,
3002:3002; and set the following environment variables to the container:
TRUST_PROXY_HEADER: 1 # Set to 1 if you have an HTTPS proxy (e.g. Nginx) in front of Logto
ENDPOINT: https://<your-logto-domain> # (Optional) Replace with your Logto endpoint URL if you are using a custom domain
ADMIN_ENDPOINT: https://<your-logto-admin-domain> # (Optional) Replace with your Logto admin URL if you are using a custom domain
DB_URL: postgres://username:[email protected]_postgres_url:port/db_name # Replace with your Postgres DSN
Run the container with all the environment variables above:
docker run \
--name logto \
-p 3001:3001 \
-p 3002:3002 \
-e TRUST_PROXY_HEADER=1 \
-e ENDPOINT=https://<your-logto-domain> \
-e ADMIN_ENDPOINT=https://<your-logto-admin-domain> \
-e DB_URL=postgres://username:[email protected]_postgres_url:port/db_name \
- If you are using Docker Hub, use
DB_URLto refer to the host IP.
Finally, you will see the message like:
Higher versions usually work but are not guaranteed.
We recommend using a new empty database which is dedicated for Logto, while it's not a hard requirement.
Download and start
In your terminal:
npm init @[email protected]
Once you complete the init process and start Logto, you will see the message like:
Core app is running at http://localhost:3001
Core app is running at https://your-domain-url
Admin app is running at http://localhost:3002
Admin app is running at https://your-admin-domain-url
Heading to http://localhost:3002/ to continue your Logto journey. Enjoy!
Logto uses environment variables for configuration, along with
.env file support. See Configuration for detailed usage and full variable list.
Check out Core Service if you want more advanced controls or programmatic access to Logto.
My browser cannot load Admin Console (showing error
Crypto.subtle is unavailable...)
Admin Console uses Web Crypto API, which requires secure contexts, i.e. HTTPS or HTTP with
If you use HTTP with an IP address or custom domain, then the browser cannot load Admin Console.
I'm using a custom domain, but my browser cannot load Admin Console (showing error
If you are using a custom domain rather than
localhost, you need to set the environment variable
ENDPOINT to the Logto URL. It is because of the strict requirement of Redirect URI in OIDC. See Configuration for details.
I'm using an HTTPS proxy (e.g., Nginx) in front of Logto, but I failed on sign-in (showing error
TypeError: Failed to fetch)
- First, make sure you have set the node environment variable
true. See Configuration for details.
- Also, you need to set
httpsin your proxy config. See Trusting TLS offloading proxies for details.
I'm facing CORS issues.
ADMIN_ENDPOINTis not specified,
localhost:[admin-port]will be allowed to perform Cross-Origin Resource Sharing (CORS) in Logto.
ADMIN_ENDPOINTis specified, only requests from the origin of
ADMIN_ENDPOINTwill be allowed.
What is this again?
Error: Invalid id token
If you are not messing up with your tokens, then in most cases this is caused by a mismatch of your server time and client time. Sync the time on both your server and client and try again.
Create an account
Once you have successfully hosted Logto on your server, click on "Create Account" on the welcome page. Keep in mind that the open-source version of Logto only allows for one account creation during the initial launch and does not support multiple accounts. The account creation process is limited to username and password combinations.
After creating your account, you will be automatically redirected to the "Get Started" tab, which provides a quick overview of what Logto can do. The onboarding items provided include both actionable resources that can be immediately utilized, as well as those that may require some level of preparation beforehand.
Our doc tutorial will follow the same order as what you see in the "Get Started" tab. Overall, these items are meant to be explored and leveraged to help you achieve success.
Depending on whether you are an open-source user, an individual developer, or an enterprise user, you may see different recommendations and guiding content. It's important to note that these recommendations are not feature differentiations between segments but rather suggestions to help you navigate and make the most of Logto.
One of our goals is to ensure that the features are available to everyone, regardless of whether they are using the open-source or cloud version.
Let's review each item and explore what you can do in Logto!