Logto — Open Source Authentication & Authorization for SaaS
Logto is an open-source Auth0 alternative providing OIDC/OAuth 2.1 authentication with multi-tenancy, SSO, RBAC, and MFA for modern SaaS and AI apps.
What it is
Logto is an open-source authentication and authorization platform built on OIDC and OAuth 2.1 standards. It provides a complete identity infrastructure for SaaS applications including customizable sign-in pages, social login (Google, GitHub, Apple), enterprise SSO via SAML and OIDC, multi-factor authentication, role-based access control, and multi-tenancy with per-organization settings. Released under MPL-2.0.
Logto targets SaaS developers who need production-ready authentication without building it from scratch. It serves as an alternative to Auth0, Clerk, and Firebase Auth with full data ownership when self-hosted.
How it saves time or tokens
Logto eliminates the weeks of development typically needed to implement authentication, authorization, and user management. The pre-built sign-in UI handles all edge cases (password reset, email verification, social login flows) out of the box. Multi-tenancy support with organization management saves significant custom development for B2B SaaS products.
How to use
- Run the Docker container with a PostgreSQL connection string configured via DB_URL.
- Open the admin console at http://localhost:3002 to configure your sign-in experience and register your application (including its redirect URIs).
- Integrate with your application using the Logto SDK for your framework (React, Next.js, Vue, Express, etc.).
Example
docker run --name logto -p 3001:3001 -p 3002:3002 \
  -e DB_URL=postgres://postgres:password@host.docker.internal:5432/logto \
  ghcr.io/logto-io/logto:latest
# Admin console at http://localhost:3002
# Auth endpoint at http://localhost:3001
Related on TokRepo
- AI Tools for Security -- Authentication and security tools for applications
- AI Tools for API -- API gateway and auth tools
Common pitfalls
- The Docker container requires a PostgreSQL database; the embedded database option is for development only and does not persist data across restarts.
- OIDC redirect URIs must be configured exactly; trailing slashes or protocol mismatches cause silent authentication failures.
- Multi-tenancy (Organizations) requires the cloud plan or self-hosted enterprise setup; the basic self-hosted version has limited multi-tenancy features.
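The redirect URI pitfall above is easiest to understand by seeing the comparison an OIDC provider performs. The following is an added example, not Logto's own code or SDK API: the registered URIs, hostnames and ports are constructed placeholders, and the checks implement the exact-string-match rule for redirect URIs from OAuth 2.1 rather than any Logto-specific behaviour. Besides the yes/no check, it reports why a candidate was rejected, which is the part that is normally silent.

```javascript
// Added example, not Logto's own code: shows what "exact match" means for an
// OIDC redirect URI and turns a silent mismatch into an explicit reason.

// Constructed sample: redirect URIs registered for one application in the
// admin console. Hostnames and ports are placeholders.
const REGISTERED_REDIRECT_URIS = [
  "https://app.example.com/callback",
  "http://localhost:3000/callback",
];

// OAuth 2.1 requires simple string comparison of redirect_uri against the
// registered values: no prefix matching, no case folding, no slash trimming.
function isRegisteredRedirectUri(candidate, registered = REGISTERED_REDIRECT_URIS) {
  return registered.includes(candidate);
}

// Returns null when the candidate is registered; otherwise a human-readable
// description of why it does not match (trailing slash, protocol, port, path,
// or an unregistered query/fragment), compared against every registered URI
// on the same hostname.
function explainRedirectMismatch(candidate, registered = REGISTERED_REDIRECT_URIS) {
  if (isRegisteredRedirectUri(candidate, registered)) return null;

  let parsed;
  try {
    parsed = new URL(candidate);
  } catch {
    return `not a valid absolute URL: ${candidate}`;
  }

  const reasons = [];
  for (const uri of registered) {
    const r = new URL(uri);
    if (r.hostname !== parsed.hostname) continue; // different host: not a near miss
    if (r.protocol !== parsed.protocol) {
      reasons.push(`protocol mismatch vs ${uri} (${parsed.protocol} != ${r.protocol})`);
    }
    if (r.port !== parsed.port) {
      reasons.push(`port mismatch vs ${uri}`);
    }
    if (r.pathname !== parsed.pathname) {
      const sameWithoutSlash =
        r.pathname.replace(/\/+$/, "") === parsed.pathname.replace(/\/+$/, "");
      reasons.push(sameWithoutSlash ? `trailing slash mismatch vs ${uri}` : `path mismatch vs ${uri}`);
    }
    if (parsed.search || parsed.hash) {
      reasons.push(`query/fragment present but not registered for ${uri}`);
    }
  }
  return reasons.length > 0
    ? reasons.join("; ")
    : `no registered redirect URI on host ${parsed.hostname}`;
}

// Stand-alone demonstration of the mismatches named in the text; returns the
// number of cases checked and throws if any explanation is unexpected.
function demo() {
  const checks = {
    "https://app.example.com/callback": null,
    "https://app.example.com/callback/": "trailing slash mismatch vs https://app.example.com/callback",
    "http://app.example.com/callback": "protocol mismatch vs https://app.example.com/callback (http: != https:)",
    "http://localhost:3001/callback": "port mismatch vs http://localhost:3000/callback",
  };
  for (const [uri, expected] of Object.entries(checks)) {
    const got = explainRedirectMismatch(uri);
    if (got !== expected) throw new Error(`${uri}: expected ${expected}, got ${got}`);
  }
  return Object.keys(checks).length;
}

console.log(`${demo()} redirect URI checks passed`);
```

Run it with node. When a login bounces back to your app with no error, passing the redirect_uri your SDK configuration actually sends through explainRedirectMismatch, with the URIs you registered in the admin console as the list, usually pinpoints the trailing slash or http/https difference immediately.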
Frequently Asked Questions
Logto provides core Auth0 features -- OIDC, social login, SSO, MFA, RBAC, and organizations -- as open-source software. Auth0 has a larger ecosystem of pre-built integrations and a more mature rule/action system. Logto is free when self-hosted, while Auth0 charges based on active users. For new SaaS projects, Logto covers most authentication needs at zero cost.
Yes. Logto supports passwordless sign-in via magic links, email OTP, and SMS OTP. You can configure passwordless as the primary sign-in method or offer it alongside traditional email/password authentication.
Yes. The admin console provides a sign-in experience editor where you configure branding (logo, colors, dark mode), sign-in methods, social connector buttons, and terms of service links. For deeper customization, you can build a custom sign-in page using the Logto SDK.
Logto offers official SDKs for React, Next.js, Vue, Angular, Express, Koa, Python, Go, Swift (iOS), and Kotlin (Android). The SDKs handle the OIDC flow, token management, and session handling. Any OIDC-compatible library also works with Logto.
Yes. Logto supports SAML and OIDC federation for enterprise SSO, multi-tenancy with per-organization settings, and user provisioning. Enterprise customers can sign in through their corporate identity provider (Okta, Azure AD, Google Workspace) while you manage access through Logto's organization system.
Source & Thanks
- GitHub: logto-io/logto — 11.9K+ ⭐ | MPL-2.0
- Website: logto.io