Do not miss any Logto API references changes, ever again

Subscribe to the Logto API references changelog to be up to date on recent changes.

RSS

Changelog

Last update:
Compare
1 structure change including:
1 Addition
Added 1
GET /api/users/{userId}/sessions/{sessionId}
17 structure changes including:
5 Additions
12 Modifications
Modified 12 Breaking
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/experience/verification/sign-in-web-authn/authentication/verify
  • Body
  • application/json content type Modified
    • verificationId property Added
  • Response
  • 409 response Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • fields property Modified
      • session property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
GET /api/.well-known/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • session property Added
Added 5
POST /api/experience/verification/sign-in-web-authn/authentication
GET /api/users/{userId}/sessions
GET /api/my-account/sessions
DELETE /api/users/{userId}/sessions/{sessionId}
DELETE /api/my-account/sessions/{sessionId}
12 structure changes including:
3 Breaking changes
9 Modifications
3 Removals
Modified 9 Breaking
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
POST /api/experience/verification/sign-in-web-authn/authentication/verify
  • Body
  • application/json content type Modified
    • verificationId property Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
  • Response
  • 409 response Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
Removed 3 Breaking
DELETE /api/users/{userId}/sessions/{sessionId}
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
GET /api/users/{userId}/sessions
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/experience/verification/sign-in-web-authn/authentication
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
7 structure changes including:
1 Addition
6 Modifications
Modified 6
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-2 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-2 alternative Modified
GET /api/users/{userId}/sessions
  • Response
  • 500 response Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-2 alternative Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-2 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-2 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-2 alternative Modified
Added 1
DELETE /api/users/{userId}/sessions/{sessionId}
3 structure changes including:
2 Additions
1 Modification
Modified 1
POST /api/experience/verification/sign-in-web-authn/authentication/verify
  • Body
  • application/json content type Modified
    • verificationId property Added
  • Response
  • 409 response Added
Added 2
GET /api/users/{userId}/sessions
POST /api/experience/verification/sign-in-web-authn/authentication
5 structure changes including:
5 Modifications
Modified 5
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1, object-2 alternatives Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
      • object-2 property Modified
        • context property Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1, object-2 alternatives Modified
3 structure changes including:
3 Modifications
Modified 3 Breaking
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • signInContext, mfaRequirement properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
4 structure changes including:
1 Addition
3 Modifications
Modified 3
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • passkeySkipped property Added
GET /api/users/{userId}/logto-configs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • skipMfaOnSignIn property Added
      • passkeySignIn property Added
PATCH /api/users/{userId}/logto-configs
  • Body
  • application/json content type Modified
    • mfa property Modified
      • skipMfaOnSignIn property Added
    • passkeySignIn property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • skipMfaOnSignIn property Added
      • passkeySignIn property Added
Added 1
POST /api/experience/profile/mfa/passkey-skipped
2 structure changes including:
2 Additions
Added 2
GET /api/configs/id-token
PUT /api/configs/id-token
3 structure changes including:
3 Modifications
Modified 3 Breaking
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext property Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext property Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • injectedHeaders property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • signInContext property Added
6 structure changes including:
6 Modifications
Modified 6
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signInContext property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
11 structure changes including:
2 Additions
9 Modifications
Modified 9
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • verificationRecords property Modified
        • property Modified
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • mfaRequirement property Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • mfaRequirement property Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • mfaRequirement property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
Added 2
POST /api/experience/preflight/sign-in-web-authn/authentication
POST /api/experience/verification/sign-in-web-authn/authentication/verify
7 structure changes including:
7 Modifications
Modified 7
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • adaptiveMfa property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
6 structure changes including:
6 Modifications
Modified 6
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profile property Modified
        • socialIdentity property Modified
      • verificationRecords property Modified
        • property Modified
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
2 structure changes including:
2 Modifications
Modified 2
POST /api/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
PUT /api/users/{userId}/roles
  • Response
  • 200 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • socialSignIn property Modified
      • skipRequiredIdentifiers property Added
    • passkeySignIn property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
7 structure changes including:
7 Modifications
Modified 7 Breaking
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
POST /api/applications
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
7 structure changes including:
7 Modifications
Modified 7
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
7 structure changes including:
7 Modifications
Modified 7 Breaking
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
7 structure changes including:
7 Modifications
Modified 7
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added