Scripts · Apr 10, 2026 · 3 min read

Logto — Open Source Authentication & Authorization for SaaS

Logto is an open-source Auth0 alternative providing OIDC/OAuth 2.1 authentication with multi-tenancy, SSO, RBAC, and MFA for modern SaaS and AI apps.

Introduction

Logto is an open-source authentication and authorization platform built on OIDC and OAuth 2.1 standards. It provides a complete identity infrastructure for SaaS applications with multi-tenancy, social login, SSO, MFA, and role-based access control out of the box.

With 11.9K+ GitHub stars and an MPL-2.0 license, Logto offers both self-hosted and cloud options, making it a viable alternative to Auth0, Clerk, and Firebase Auth with full data ownership.

What Logto Does

Logto handles the entire authentication and authorization lifecycle:

  • Sign-in Experience: Customizable login pages with email/password, phone OTP, social login (Google, GitHub, Apple, etc.), and passwordless options
  • Multi-tenancy: Organizations with member management, invitation flows, and per-org settings
  • Single Sign-On (SSO): Enterprise SSO with SAML and OIDC federation for connecting corporate identity providers
  • Access Control: Role-based access control (RBAC) with API resource permissions and organization-level roles
  • Multi-factor Authentication: TOTP authenticator apps, WebAuthn/passkeys, and backup codes

Architecture

┌──────────────┐     ┌──────────────┐     ┌──────────────┐
│  Your App    │────▶│  Logto Core  │────▶│  PostgreSQL  │
│  (SDK)       │     │  (OIDC/OAuth)│     │  (Users/Orgs)│
└──────────────┘     └──────┬───────┘     └──────────────┘
                            │
                     ┌──────┴───────┐
                     │ Admin Console│
                     │  (React SPA) │
                     └──────────────┘

Integration Example (Next.js)

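npm install @logto/next

// app/api/logto/[action]/route.ts
import { handleSignIn, handleSignOut, handleCallback } from '@logto/next/server-actions';
import { logtoConfig } from './config';

export { handleSignIn, handleSignOut, handleCallback };

// logto.config.ts
// The string values below are placeholders. Load the real appSecret and
// cookieSecret from environment variables or a secret store; do not commit them.
export const logtoConfig = {
  endpoint: 'http://localhost:3001',   // Logto Core (local development)
  appId: 'your-app-id',
  appSecret: 'your-app-secret',
  baseUrl: 'http://localhost:3000',    // this application
  cookieSecret: 'your-cookie-secret',
  // Secure cookies are only enabled when NODE_ENV is exactly 'production'.
  cookieSecure: process.env.NODE_ENV === 'production',
};

// app/page.tsx
import { getLogtoContext } from '@logto/next/server-actions';
// Assumed path: adjust to wherever logto.config.ts lives in your project.
import { logtoConfig } from './logto.config';

export default async function Home() {
  const { isAuthenticated, claims } = await getLogtoContext(logtoConfig);

  return isAuthenticated ? (
    <div>Welcome, {claims?.name}</div>
  ) : (
    <a href="/api/logto/sign-in">Sign In</a>
  );
}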
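
The configuration above uses placeholder secrets and plain-http localhost URLs, which suit a local demo but should never reach a deployment. The startup check below is an added example, not code from the original page or from Logto's SDK; the function names, the placeholder pattern and the minimum secret lengths are assumptions.

```javascript
// Added example (not Logto SDK code): fail-fast audit of the logtoConfig shape above.
// PLACEHOLDER, LOCAL_HOSTS and the minimum secret lengths are assumptions of this sketch.
const PLACEHOLDER = /^(your-|change-?me|example)/i;
const LOCAL_HOSTS = new Set(['localhost', '127.0.0.1', '[::1]']);

function checkUrl(name, value, production, findings) {
  let url;
  try {
    url = new URL(value);
  } catch {
    findings.push(`${name}: not an absolute URL`);
    return null;
  }
  const local = LOCAL_HOSTS.has(url.hostname);
  if (production && local) findings.push(`${name}: local host in production`);
  else if (url.protocol !== 'https:' && !local) findings.push(`${name}: not https on a non-local host`);
  return url;
}

function checkSecret(name, value, minLength, findings) {
  if (typeof value !== 'string' || value === '') findings.push(`${name}: missing`);
  else if (PLACEHOLDER.test(value)) findings.push(`${name}: placeholder value`);
  else if (value.length < minLength) findings.push(`${name}: shorter than ${minLength} characters`);
}

function auditLogtoConfig(config, nodeEnv) {
  const findings = [];
  const production = nodeEnv === 'production';
  checkUrl('endpoint', config.endpoint, production, findings);
  const base = checkUrl('baseUrl', config.baseUrl, production, findings);
  checkSecret('appSecret', config.appSecret, 16, findings);
  checkSecret('cookieSecret', config.cookieSecret, 32, findings);
  // Also catches NODE_ENV being unset on a real deployment: an https site
  // must not issue its session cookie without the Secure flag.
  const httpsSite = base !== null && base.protocol === 'https:';
  if ((production || httpsSite) && config.cookieSecure !== true) {
    findings.push('cookieSecure: must be true');
  }
  return findings;
}

// Constructed sample: the page's config values, evaluated as a production start.
const pageConfig = {
  endpoint: 'http://localhost:3001', appId: 'your-app-id', appSecret: 'your-app-secret',
  baseUrl: 'http://localhost:3000', cookieSecret: 'your-cookie-secret', cookieSecure: true,
};
console.log(auditLogtoConfig(pageConfig, 'production'));
```

Run the audit once at server start and refuse to boot when the returned list is non-empty.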

SDKs Available

Logto provides official SDKs for all major platforms:

Platform              | Package
----------------------|------------------------
React                 | @logto/react
Next.js               | @logto/next
Vue                   | @logto/vue
Express               | @logto/express
Python (Flask/Django) | logto
Go                    | github.com/logto-io/go
iOS/Android           | Native SDKs

Self-Hosting

Docker Compose

services:
  logto:
    image: ghcr.io/logto-io/logto:latest  # pin a specific release tag instead of latest for reproducible deployments
    ports:
      - "3001:3001"  # Core API
      - "3002:3002"  # Admin Console
    environment:
      DB_URL: postgres://logto:logto@postgres:5432/logto  # demo credentials; must match the postgres service
      ENDPOINT: http://localhost:3001
      ADMIN_ENDPOINT: http://localhost:3002
    depends_on:
      - postgres

  postgres:
    image: postgres:16
    environment:
      POSTGRES_USER: logto
      POSTGRES_PASSWORD: logto  # demo password; change it (and DB_URL) before exposing this stack
      POSTGRES_DB: logto
    volumes:
      - pg-data:/var/lib/postgresql/data

volumes:
  pg-data:

Logto vs Alternatives

Feature         | Logto            | Auth0            | Clerk      | Firebase Auth
----------------|------------------|------------------|------------|-----------------
Open Source     | Yes (MPL-2.0)    | No               | No         | No
Self-hosted     | Yes              | No               | No         | No
Multi-tenancy   | Built-in         | Enterprise       | No         | No
SSO (SAML/OIDC) | Yes              | Enterprise       | Enterprise | No
MFA             | TOTP + Passkeys  | Yes              | Yes        | Phone only
Pricing         | Free (self-host) | Free tier + paid | Per MAU    | Free tier + paid

FAQ

Q: How many users can Logto handle?
A: Self-hosted Logto runs on PostgreSQL and easily handles millions of users. The Cloud version uses a distributed architecture for even larger scale.

Q: Is it hard to migrate from Auth0 to Logto?
A: Logto follows OIDC standards and provides user import APIs and compatible SDK interfaces. Most apps can migrate by simply swapping the SDK and configuration.

Q: Does it support machine-to-machine (M2M) authentication?
A: Yes. Logto supports the client_credentials grant for service-to-service auth — great for microservices and API gateways.
