Do not miss any Logto API references changes, ever again

Subscribe to the Logto API references changelog to be up to date on recent changes.

RSS

Changelog

Last update:
Compare
1 structure change including:
1 Modification
Modified 1
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • appLevelAccessControlEnabled property Added
17 structure changes including:
17 Modifications
Modified 17
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customProfileFieldCatalog property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customProfileFieldCatalog property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
GET /api/saml-applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
PATCH /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/saml-applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
POST /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Modified
POST /api/saml-applications
  • Response
  • 201 response Modified
    • application/json content type Modified
      • appLevelAccessControlEnabled property Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
1 structure change including:
1 Modification
Modified 1
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • protectedAppMetadata property Modified
      • additionalScopes property Modified
        • Property is no longer required
15 structure changes including:
15 Modifications
Modified 15
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
DELETE /api/applications/{id}/secrets/{name}
  • Response
  • 500 response Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • protectedAppMetadata property Modified
      • additionalScopes property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
PATCH /api/applications/{id}/secrets/{name}
  • Response
  • 500 response Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • protectedAppMetadata property Modified
        • additionalScopes property Added
POST /api/applications/{id}/secrets
  • Response
  • 500 response Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
2 structure changes including:
2 Modifications
Modified 2
GET /api/hooks/{id}/recent-logs
  • Query
  • start_time, end_time query parameters Added
GET /api/logs
  • Query
  • start_time, end_time query parameters Added
12 structure changes including:
1 Addition
11 Modifications
Modified 11 Breaking
GET /api/.well-known/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profileFields property Added
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiCsp property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiCsp property Added
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profileFields property Added
GET /api/hooks/{id}/recent-logs
  • Query
  • enableCap query parameter Added
GET /api/logs
  • Query
  • enableCap query parameter Added
GET /api/my-account/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • isCurrent property Modified
          • Property is now required
            Breaking
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiCsp property Added
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • profileFields property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profileFields property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • customUiCsp property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiCsp property Added
POST /api/my-account/identities
  • Response
  • 422 response Added
Added 1
PUT /api/my-account/identities
1 structure change including:
1 Modification
Modified 1
GET /api/my-account/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • isCurrent property Added
9 structure changes including:
1 Addition
8 Modifications
Modified 8
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUpProfileFields property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUpProfileFields property Added
GET /api/configs/oidc/{keyType}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • status, effectiveAt properties Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUpProfileFields property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • signUpProfileFields property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUpProfileFields property Added
POST /api/configs/oidc/{keyType}/rotate
  • Body
  • application/json content type Modified
    • rotationGracePeriod property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • status, effectiveAt properties Added
POST /api/organizations/{id}/users
  • Response
  • 201 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
POST /api/organizations/{id}/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
Added 1
POST /api/domains/cleanup
7 structure changes including:
7 Modifications
Modified 7
GET /api/.well-known/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customCss property Added
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customCss property Added
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • customCss property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customCss property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Body
  • application/json content type Modified
    • blockIssuanceOnError property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Body
  • application/json content type Modified
    • blockIssuanceOnError property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
25 structure changes including:
7 Additions
18 Modifications
Modified 18
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Modified
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • maxAllowedGrants property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • maxAllowedGrants property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • deleteAccountUrl property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • deleteAccountUrl property Added
GET /api/users/{userId}/sessions/{sessionId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • lastSubmission property Modified
        • verificationRecords property Modified
GET /api/users/{userId}/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • lastSubmission property Modified
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
GET /api/my-account/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • lastSubmission property Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • deleteAccountUrl property Added
GET /api/.well-known/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • deleteAccountUrl property Added
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • maxAllowedGrants property Added
Added 7
PUT /api/my-account/mfa-verifications/totp
PATCH /api/configs/oidc/session
GET /api/users/{userId}/grants
GET /api/my-account/grants
GET /api/configs/oidc/session
DELETE /api/users/{userId}/grants/{grantId}
DELETE /api/my-account/grants/{grantId}
9 structure changes including:
9 Modifications
Modified 9
GET /api/my-account/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • payload property Modified
GET /api/users
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
GET /api/users/{userId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
  • Query
  • includePasswordHash query parameter Added
GET /api/users/{userId}/sessions
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sessions property Modified
        • payload property Modified
GET /api/users/{userId}/sessions/{sessionId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • authorizations property Modified
          • Property is no longer required
PATCH /api/users/{userId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
PATCH /api/users/{userId}/is-suspended
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
PATCH /api/users/{userId}/password
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
POST /api/users
  • Response
  • 200 response Modified
    • application/json content type Modified
      • passwordDigest, passwordAlgorithm properties Added
24 structure changes including:
9 Additions
15 Modifications
Modified 15
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Modified
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • isDeviceFlow property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
PATCH /api/users/{userId}/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • additionalBindingSuggestionSkipped property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • adaptiveMfa property Modified
      • Type is now object
      • enabled property Added
PATCH /api/my-account/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • additionalBindingSuggestionSkipped property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • isDeviceFlow property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • isDeviceFlow property Added
Added 9
POST /api/experience/verification/sign-in-passkey/authentication/verify
POST /api/experience/verification/sign-in-passkey/authentication
POST /api/experience/profile/mfa/mfa-enabled
POST /api/experience/preflight/sign-in-passkey/authentication
GET /api/users/{userId}/sessions/{sessionId}
GET /api/users/{userId}/sessions
GET /api/my-account/sessions
DELETE /api/users/{userId}/sessions/{sessionId}
DELETE /api/my-account/sessions/{sessionId}
9 structure changes including:
1 Addition
8 Modifications
Modified 8
GET /api/.well-known/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profile property Modified
        • submitted property Added
      • mfa property Modified
        • mfaEnabled property Added
GET /api/my-account/logto-configs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • enabled, skipMfaOnSignIn properties Added
      • passkeySignIn property Added
GET /api/users/{userId}/logto-configs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • enabled property Added
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • fields property Modified
      • session property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
PATCH /api/my-account/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • Property is no longer required
      • skipped property Modified
        • Property is no longer required
      • enabled, skipMfaOnSignIn properties Added
    • passkeySignIn property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • enabled, skipMfaOnSignIn properties Added
      • passkeySignIn property Added
PATCH /api/users/{userId}/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • Property is no longer required
      • skipped, skipMfaOnSignIn properties Modified
        • Properties are no longer required
      • enabled property Added
    • passkeySignIn property Modified
      • Property is no longer required
      • skipped property Modified
        • Property is no longer required
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • enabled property Added
Added 1
POST /api/experience/profile/mfa/passkey
8 structure changes including:
8 Modifications
Modified 8 Breaking
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
15 structure changes including:
4 Additions
11 Modifications
Modified 11 Breaking
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • verificationRecords property Modified
        • property Modified
      • mfa property Modified
        • passkeySkipped property Added
      • signInContext property Added
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext, mfaRequirement properties Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext, mfaRequirement properties Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext, mfaRequirement properties Added
GET /api/users/{userId}/logto-configs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • skipMfaOnSignIn property Added
      • passkeySignIn property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
PATCH /api/users/{userId}/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • skipMfaOnSignIn property Added
    • passkeySignIn property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • skipMfaOnSignIn property Added
      • passkeySignIn property Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
Added 4
GET /api/.well-known/account-center
GET /api/configs/id-token
POST /api/experience/profile/mfa/passkey-skipped
PUT /api/configs/id-token
15 structure changes including:
15 Modifications
Modified 15
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • adaptiveMfa, passkeySignIn properties Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • adaptiveMfa, passkeySignIn properties Added
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profile property Modified
        • socialIdentity property Modified
      • verificationRecords property Modified
        • property Modified
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • adaptiveMfa, passkeySignIn properties Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • socialSignIn property Modified
      • skipRequiredIdentifiers property Added
    • passkeySignIn, adaptiveMfa properties Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • adaptiveMfa, passkeySignIn properties Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
POST /api/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
PUT /api/users/{userId}/roles
  • Response
  • 200 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
7 structure changes including:
7 Modifications
Modified 7 Breaking
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
      • customClientMetadata property Modified
        • allowTokenExchange property Added
4 structure changes including:
4 Modifications
Modified 4 Breaking
POST /api/experience/verification/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/experience/verification/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
7 structure changes including:
7 Modifications
Modified 7
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • captchaConfig property Modified
        • domain, mode properties Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • captchaConfig property Modified
        • domain, mode properties Added
GET /api/captcha-provider
  • Response
  • 200 response Modified
    • application/json content type Modified
      • config property Modified
        • object-2 alternative Modified
GET /api/my-account/mfa-verifications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • lastUsedAt property Added
GET /api/users/{userId}/mfa-verifications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • lastUsedAt property Added
POST /api/my-account/mfa-verifications
  • Body
  • application/json content type Modified
    • alternative Modified
      • object-2 alternative Modified
        • code property Added
      • object-5 alternative Modified
        • code property Added
PUT /api/captcha-provider
  • Body
  • application/json content type Modified
    • config property Modified
      • object-2 alternative Modified
        • domain, mode properties Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • config property Modified
        • object-2 alternative Modified
2 structure changes including:
2 Modifications
Modified 2
GET /api/saml/{id}/authn
  • Query
  • RelayState query parameter Modified
    • Type went from string to string | null
POST /api/saml/{id}/authn
  • Body
  • application/json content type Modified
    • RelayState property Modified
      • Type went from string to string | null