Highlights
- Account Center Configuration: You can now fully configure the Account Center directly within the Logto Console.
- MFA Skip Controls API: New API endpoints are introduced to manage Multi-Factor Authentication (MFA) skip controls for a more flexible user experience.
- Experience Compatibility Fix: Resolved a critical bug that prevented Logto Experience from working on older Android and some browser versions.
New Features & Enhancements
Logto Console
- Add Account Center Config Page: You can now configure the account center in the Logto Console.
- Keep the “Third-party applications” tab permanently visible on the Applications page.
Core & API Changes
- Add API for MFA Skip Controls: Expose
logto_configendpoints in account and management APIs for managing MFA skip controls:/api/my-account/logto-configs/api/admin/users/:userId/logto-configs
- Append
applicationIdto the Experience API audit logs for enhanced traceability. - Add Body-Based Personal Access Token APIs: Introduce
PATCH/POSTendpoints that accept token names in the request body to support special characters while keeping path-based routes for compatibility:PATCH /api/users/{userId}/personal-access-tokensPOST /api/users/{userId}/personal-access-tokens/delete
Bug Fixes & Stability
Logto Experience
- Fix an issue that prevents Logto Experience from working in Android 11 and some older browser versions. The issue was introduced by the usage of the
||=operator, which is not supported in these older environments. - Fix the country code dropdown menu position on desktop. This includes fixing the initial position calculation and adding a max dropdown menu top position to prevent it from going off-screen on smaller displays.
Core Logic
- Fix a bug that the
localeparameter used in email templates does not respect the user custom languages. - Remove deprecated interaction API endpoints from OpenAPI swagger documentation, as they have been replaced by the Experience API endpoints.