Change Updates

Do not miss any Logto API references changes, ever again

Subscribe to the Logto API references changelog to be up to date on recent changes.

RSS

Changelog

Last update:
Compare
7 structure changes including:
7 Modifications
Modified 7
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
        • userAgentParsed, injectedHeaders properties Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • adaptiveMfa property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • adaptiveMfa property Added
6 structure changes including:
6 Modifications
Modified 6
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • property Modified
        • object-1 alternative Modified
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
GET /api/experience/interaction
  • Response
  • 200 response Modified
    • application/json content type Modified
      • profile property Modified
        • socialIdentity property Modified
      • verificationRecords property Modified
        • property Modified
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • property Modified
      • object-1 property Modified
        • context property Modified
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
  • 201 response Modified
    • application/json content type Modified
      • alternative Modified
        • object-1 alternative Modified
2 structure changes including:
2 Modifications
Modified 2
POST /api/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
PUT /api/users/{userId}/roles
  • Response
  • 200 response Modified
    • application/json content type Modified
      • Type is now object
      • property Added
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • socialSignIn property Modified
      • skipRequiredIdentifiers property Added
    • passkeySignIn property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • socialSignIn property Modified
        • skipRequiredIdentifiers property Added
      • passkeySignIn property Added
7 structure changes including:
7 Modifications
Modified 7 Breaking
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
POST /api/applications
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris property Modified
        • object property Modified
          • Removing polymorphism is always breaking
            Breaking
      • postLogoutRedirectUris property Modified
        • Type went from array[string(url)] to array[object]
          Breaking
        • object property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • oidcClientMetadata property Modified
        • redirectUris property Modified
        • postLogoutRedirectUris property Modified
          • Type went from array[string(url)] to array[object]
            Breaking
7 structure changes including:
7 Modifications
Modified 7
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
7 structure changes including:
7 Modifications
Modified 7 Breaking
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
7 structure changes including:
7 Modifications
Modified 7
DELETE /api/applications/{id}/legacy-secret
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • customClientMetadata property Modified
      • allowTokenExchange property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customClientMetadata property Modified
        • allowTokenExchange property Added
4 structure changes including:
4 Modifications
Modified 4 Breaking
POST /api/experience/verification/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/experience/verification/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
4 structure changes including:
4 Modifications
Modified 4 Breaking
POST /api/experience/verification/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/experience/verification/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
POST /api/verifications/verification-code/verify
  • Body
  • application/json content type Modified
    • identifier property Modified
      • identifier alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1, object-2 alternatives Added
3 structure changes including:
3 Modifications
Modified 3
GET /api/my-account/mfa-verifications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • lastUsedAt property Added
GET /api/users/{userId}/mfa-verifications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • lastUsedAt property Added
POST /api/my-account/mfa-verifications
  • Body
  • application/json content type Modified
    • alternative Modified
      • object-2 alternative Modified
        • code property Added
      • object-5 alternative Modified
        • code property Added
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • captchaConfig property Modified
        • domain, mode properties Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • captchaConfig property Modified
        • domain, mode properties Added
GET /api/captcha-provider
  • Response
  • 200 response Modified
    • application/json content type Modified
      • config property Modified
        • object-2 alternative Modified
PUT /api/captcha-provider
  • Body
  • application/json content type Modified
    • config property Modified
      • object-2 alternative Modified
        • domain, mode properties Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • config property Modified
        • object-2 alternative Modified
2 structure changes including:
2 Modifications
Modified 2
GET /api/saml/{id}/authn
  • Query
  • RelayState query parameter Modified
    • Type went from string to string | null
POST /api/saml/{id}/authn
  • Body
  • application/json content type Modified
    • RelayState property Modified
      • Type went from string to string | null
2 structure changes including:
1 Addition
1 Modification
Modified 1
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • protectedAppMetadata property Modified
      • Type went from object to object | null
Added 1
GET /api/.well-known/account-center
3 structure changes including:
3 Modifications
Modified 3
GET /api/domains
  • Response
  • 200 response Modified
    • application/json content type Modified
      • createdAt property Added
GET /api/domains/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • createdAt property Added
POST /api/domains
  • Response
  • 201 response Modified
    • application/json content type Modified
      • createdAt property Added
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • hideLogtoBranding property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • hideLogtoBranding property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • hideLogtoBranding property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • hideLogtoBranding property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • hideLogtoBranding property Added
3 structure changes including:
2 Additions
1 Modification
Modified 1 Breaking
PATCH /api/users/{userId}/personal-access-tokens/{name}
  • Response
  • 204 response Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
Added 2
PATCH /api/users/{userId}/personal-access-tokens
POST /api/users/{userId}/personal-access-tokens/delete
4 structure changes including:
4 Additions
Added 4
GET /api/my-account/logto-configs
GET /api/users/{userId}/logto-configs
PATCH /api/my-account/logto-configs
PATCH /api/users/{userId}/logto-configs
22 structure changes including:
22 Breaking changes
22 Removals
Removed 22 Breaking
DELETE /api/interaction
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
DELETE /api/interaction/profile
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
GET /api/interaction/consent
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
GET /api/interaction/single-sign-on/connectors
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PATCH /api/interaction/identifiers
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PATCH /api/interaction/profile
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/bind-mfa
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/consent
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/single-sign-on/{connectorId}/authentication
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/single-sign-on/{connectorId}/authorization-url
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/single-sign-on/{connectorId}/registration
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/submit
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/verification/social-authorization-uri
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/verification/totp
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/verification/verification-code
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/verification/webauthn-authentication
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
POST /api/interaction/verification/webauthn-registration
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PUT /api/interaction
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PUT /api/interaction/event
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PUT /api/interaction/mfa
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PUT /api/interaction/mfa-skipped
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
PUT /api/interaction/profile
  • Removing a resource is always breaking unless it was deprecated before
    Breaking
2 structure changes including:
2 Modifications
Modified 2
POST /api/organization-invitations
  • Body
  • application/json content type Modified
    • messagePayload property Modified
      • object-1 alternative Modified
        • uiLocales property Added
POST /api/organization-invitations/{id}/message
  • Body
  • application/json content type Modified
    • uiLocales property Added