Get default sign-in experience settings

GET /api/sign-in-exp

Get the default sign-in experience settings.

Responses

  • 200 application/json

    Default sign-in experience settings.

    • tenantId string Required

      Maximum length is 21.

    • id string Required

      Minimum length is 1, maximum length is 21.

    • color object Required

      The primary branding color for the sign-in page (both light/dark mode).

      • primaryColor string(regex) Required

        Format should match the following pattern: /^#[\da-f]{3}([\da-f]{3})?$/i.

      • isDarkModeEnabled boolean Required
      • darkPrimaryColor string(regex) Required

        Format should match the following pattern: /^#[\da-f]{3}([\da-f]{3})?$/i.

    • branding object Required
      • logoUrl string(url)
      • darkLogoUrl string(url)
      • favicon string(url)
      • darkFavicon string(url)
    • languageInfo object Required

      The language detection policy for the sign-in page.

      • autoDetect boolean Required
      • fallbackLanguage string Required

        Values are af-ZA, am-ET, ar, ar-AR, as-IN, az-AZ, be-BY, bg-BG, bn-IN, br-FR, bs-BA, ca-ES, cb-IQ, co-FR, cs-CZ, cx-PH, cy-GB, da-DK, de, de-DE, el-GR, en, en-GB, en-US, eo-EO, es, es-ES, es-419, et-EE, eu-ES, fa-IR, ff-NG, fi, fi-FI, fo-FO, fr, fr-CA, fr-FR, fy-NL, ga-IE, gl-ES, gn-PY, gu-IN, ha-NG, he-IL, hi-IN, hr-HR, ht-HT, hu-HU, hy-AM, id-ID, ik-US, is-IS, it, it-IT, iu-CA, ja, ja-JP, ja-KS, jv-ID, ka-GE, kk-KZ, km-KH, kn-IN, ko, ko-KR, ku-TR, ky-KG, lo-LA, lt-LT, lv-LV, mg-MG, mk-MK, ml-IN, mn-MN, mr-IN, ms-MY, mt-MT, my-MM, nb-NO, ne-NP, nl, nl-BE, nl-NL, nn-NO, or-IN, pa-IN, pl-PL, ps-AF, pt, pt-BR, pt-PT, ro-RO, ru, ru-RU, rw-RW, sc-IT, si-LK, sk-SK, sl-SI, sn-ZW, sq-AL, sr-RS, sv, sv-SE, sw-KE, sy-SY, sz-PL, ta-IN, te-IN, tg-TJ, th, th-TH, tl-PH, tr, tr-TR, tt-RU, tz-MA, uk-UA, ur-PK, uz-UZ, vi-VN, zh, zh-CN, zh-HK, zh-MO, zh-TW, or zz-TR.

    • termsOfUseUrl string | null Required

      Maximum length is 2048.

    • privacyPolicyUrl string | null Required

      Maximum length is 2048.

    • agreeToTermsPolicy string Required

      Values are Automatic, ManualRegistrationOnly, or Manual.

    • signIn object Required

      Sign-in method settings.

      • methods array[object] Required
        • identifier string Required

          Values are username, email, or phone.

        • password boolean Required
        • verificationCode boolean Required
        • isPasswordPrimary boolean Required
    • signUp object Required

      Sign-up method settings.

      • identifiers array[string] Required

        Allowed identifiers when signing up.

        Values are username, email, or phone.

      • password boolean Required

        Whether the user is required to set a password when signing up.

      • verify boolean Required

        Whether the user is required to verify their email/phone when signing up.

      • secondaryIdentifiers array[object]

        Additional identifiers required during sign-up. Once specified, users will be prompted to provide these identifiers when creating an account.

    • socialSignIn object Required
      • automaticAccountLinking boolean
    • socialSignInConnectorTargets array[string] Required

      Enabled social sign-in connectors, which will be displayed on the sign-in page.

    • signInMode string Required

      Values are SignIn, Register, or SignInAndRegister.

    • customCss string | null Required
    • customContent object Required

      Custom content to display on experience flow pages. The page pathname is the config key and the content is the config value.

      • * string Additional properties
    • customUiAssets object | null Required
      • id string Required
      • createdAt number Required
    • passwordPolicy object Required

      Password policies to adjust the password strength requirements.

      • length object

        Default value is {} (empty).

        • min number Required

          Default value is 8.

        • max number Required

          Default value is 256.

      • characterTypes object

        Default value is {} (empty).

        • min number Required

          Default value is 1.

      • rejects object

        Default value is {} (empty).

        • pwned boolean Required

          Default value is true.

        • repetitionAndSequence boolean Required

          Default value is true.

        • userInfo boolean Required

          Default value is true.

        • words array[string] Required

          Default value is [] (empty).

    • mfa object Required

      MFA settings.

      • factors array[string] Required

        Values are Totp, WebAuthn, or BackupCode.

      • policy string Required

        Values are UserControlled, Mandatory, PromptOnlyAtSignIn, PromptAtSignInAndSignUp, or NoPrompt.

      • organizationRequiredMfaPolicy string

        Values are NoPrompt or Mandatory.

    • singleSignOnEnabled boolean Required
    • supportEmail string | null Required

      The support email address to display on the error pages.

    • supportWebsiteUrl string | null Required

      The support website URL to display on the error pages.

    • unknownSessionRedirectUrl string | null Required

      The fallback URL to redirect users to when the sign-in session does not exist or is unknown. The client should initiate a new authentication flow after the redirection.

    • captchaPolicy object Required
      • enabled boolean
    • sentinelPolicy object Required

      Custom sentinel policy settings. Use this field to customize the user lockout policy. The default value is 100 failed attempts within one hour. The user will be locked out for 60 minutes after exceeding the limit.

      • maxAttempts number
      • lockoutDuration number
    • emailBlocklistPolicy object Required

      Define email restriction policies. Users will be prohibited from registering or linking any email addresses that are included in the blocklist.

      • blockDisposableAddresses boolean
      • blockSubaddressing boolean

        Whether to block sub-addresses. (E.g., example+shopping@test.com)

      • customBlocklist array[string]

        Custom blocklist of email addresses or domains.

      • blockDisposableAddress

        Cloud only. Whether to block disposable email addresses. Once enabled, Logto will check the email domain against a list of known disposable email domains. If the domain is found in the list, the email address will be blocked.

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    Default sign-in experience settings not found.

GET /api/sign-in-exp
curl \
 --request GET 'https://[tenant_id].logto.app/api/sign-in-exp' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
{
  "tenantId": "string",
  "id": "string",
  "color": {
    "primaryColor": "string",
    "isDarkModeEnabled": true,
    "darkPrimaryColor": "string"
  },
  "branding": {
    "logoUrl": "string",
    "darkLogoUrl": "string",
    "favicon": "string",
    "darkFavicon": "string"
  },
  "languageInfo": {
    "autoDetect": true,
    "fallbackLanguage": "af-ZA"
  },
  "termsOfUseUrl": "string",
  "privacyPolicyUrl": "string",
  "agreeToTermsPolicy": "Automatic",
  "signIn": {
    "methods": [
      {
        "identifier": "username",
        "password": true,
        "verificationCode": true,
        "isPasswordPrimary": true
      }
    ]
  },
  "signUp": {
    "identifiers": [
      "username"
    ],
    "password": true,
    "verify": true,
    "secondaryIdentifiers": [
      {
        "identifier": "username",
        "verify": true
      }
    ]
  },
  "socialSignIn": {
    "automaticAccountLinking": true
  },
  "socialSignInConnectorTargets": [
    "string"
  ],
  "signInMode": "SignIn",
  "customCss": "string",
  "customContent": {
    "additionalProperty1": "string",
    "additionalProperty2": "string"
  },
  "customUiAssets": {
    "id": "string",
    "createdAt": 42.0
  },
  "passwordPolicy": {
    "length": {
      "min": 8,
      "max": 256
    },
    "characterTypes": {
      "min": 1
    },
    "rejects": {
      "pwned": true,
      "repetitionAndSequence": true,
      "userInfo": true,
      "words": []
    }
  },
  "mfa": {
    "factors": [
      "Totp"
    ],
    "policy": "UserControlled",
    "organizationRequiredMfaPolicy": "NoPrompt"
  },
  "singleSignOnEnabled": true,
  "supportEmail": "string",
  "supportWebsiteUrl": "string",
  "unknownSessionRedirectUrl": "string",
  "captchaPolicy": {
    "enabled": true
  },
  "sentinelPolicy": {
    "maxAttempts": 42.0,
    "lockoutDuration": 42.0
  },
  "emailBlocklistPolicy": {
    "blockDisposableAddresses": true,
    "blockSubaddressing": true,
    "customBlocklist": [
      "string"
    ]
  }
}
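
Added example, not part of the Logto documentation: a Python audit of the JSON returned by GET /api/sign-in-exp against a hardening baseline, applying the documented defaults when optional passwordPolicy and sentinelPolicy fields are omitted. The function name audit_sign_in_exp and the baseline itself (MFA Mandatory, CAPTCHA on, verification for email/phone sign-up, no automatic account linking) are assumptions of this example; 8 and 100 are the defaults stated above.

```python
import json

# Assumed baseline for this example; 8 and 100 are the defaults this page documents.
MIN_LENGTH, MAX_ATTEMPTS = 8, 100

def audit_sign_in_exp(cfg):
    """Return findings for one parsed GET /api/sign-in-exp response body."""
    findings = []
    pw = cfg.get("passwordPolicy") or {}
    # Optional sub-objects default to {}; omitted fields take the documented defaults.
    min_len = (pw.get("length") or {}).get("min", MIN_LENGTH)
    if min_len < MIN_LENGTH:
        findings.append(f"passwordPolicy.length.min={min_len} below {MIN_LENGTH}")
    rejects = pw.get("rejects") or {}
    for flag in ("pwned", "repetitionAndSequence", "userInfo"):
        if rejects.get(flag, True) is not True:
            findings.append(f"passwordPolicy.rejects.{flag} disabled")
    mfa = cfg.get("mfa") or {}
    if not mfa.get("factors"):
        findings.append("mfa.factors empty")
    if mfa.get("policy") != "Mandatory":
        findings.append(f"mfa.policy={mfa.get('policy')} is not Mandatory")
    sign_up = cfg.get("signUp") or {}
    contact = {"email", "phone"} & set(sign_up.get("identifiers") or [])
    if contact and not sign_up.get("verify"):
        findings.append("signUp.verify off for " + ",".join(sorted(contact)))
    if not (cfg.get("captchaPolicy") or {}).get("enabled"):
        findings.append("captchaPolicy.enabled not set")
    attempts = (cfg.get("sentinelPolicy") or {}).get("maxAttempts", MAX_ATTEMPTS)
    if attempts > MAX_ATTEMPTS:
        findings.append(f"sentinelPolicy.maxAttempts={attempts} above {MAX_ATTEMPTS}")
    if (cfg.get("socialSignIn") or {}).get("automaticAccountLinking"):
        findings.append("socialSignIn.automaticAccountLinking enabled")
    return findings

# Constructed sample response (not real tenant data), trimmed to the audited fields.
SAMPLE = json.loads("""{
  "passwordPolicy": {"length": {"min": 6, "max": 256}, "rejects": {"pwned": false,
    "repetitionAndSequence": true, "userInfo": true, "words": []}},
  "mfa": {"factors": ["Totp"], "policy": "UserControlled"},
  "signUp": {"identifiers": ["email"], "password": true, "verify": false},
  "captchaPolicy": {},
  "sentinelPolicy": {"maxAttempts": 500, "lockoutDuration": 5},
  "socialSignIn": {"automaticAccountLinking": true}
}""")

if __name__ == "__main__":
    for line in audit_sign_in_exp(SAMPLE):
        print("FINDING:", line)
```

To audit a live tenant, pass the parsed body of the curl request shown above to audit_sign_in_exp in place of SAMPLE.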