End-user flows

End-user flows cover all verification processes for user interactions, categorized as follows:

• Authentication flows: Involves user sign-in, registration, and password reset. Logto offers out-of-the-box experiences configured in Console > Sign-in experience, and you can bring your UI via Experience APIs.
• Account flows: Involves account settings, user profile, and security verification. Use Account APIs or Management APIs to implement.
• Organization flows: For multi-tenancy products, like B2B or SaaS services. Involves organization creation, member invitation, and management. Use Management APIs to integrate this into your apps.

Authentication flows

Flows	Details
Sign-up and sign-in	Email / phone / username sign-up Email / phone / username sign-in Social login Reset password Terms & Privacy Disable user registration
Enterprise SSO	SP-initiated SSO IdP-initiated SSO
Multi-factor authentication	Authenticator apps OTP Passkeys (WebAuthn) Backup codes
Authentication parameters	First screen Direct sign-in
Authorize third-party apps	Consent screen for OIDC / OAuth apps
Sign-out	Clear tokens and local session at the client side Clear sign-in session at Logto Federated sign-out: Back-channel logout

This section introduces Logto’s pre-built UI for a streamlined sign-in experience, helping you accelerate time-to-market. For more flexibility in customizing your sign-in UI, try the “Bring Your UI” feature with Logto Experience APIs.

Account flows

Flows	Details
Account settings	User profile and identifiers management Password management Social identities management Enterprise identities management MFA settings management Personal access token management Account deletion
Security verification	Password verification Email/SMS one-time code verification

Organization flows

Flows	Details
Organization experience	Create organization Invite organization members Organization management

Related resources

Video (Youtube): Logto authentication flows

Design (Figma): Logto authentication flows