Run every Logto operation through the Management API
Call the same endpoints powering the admin console from your backend code. Authenticate machine-to-machine apps with scoped tokens against a standard OpenAPI 3.1 spec.
When should you use the Management API?
Reach for the Management API when you need programmatic control, language flexibility, or stricter security boundaries.
Programmatic access
Multi-services
For security purposes
What you can build with the Management API
Common scenarios where teams reach for the Management API.
Implement user profile
Update usernames, emails, avatars, and linked social accounts directly from your backend, so the profile experience fits your product.
Ship your own dashboards on Logto's audit logs
Stream real-time audit data out of Logto into your own dashboard or data warehouse, on the schema and retention your team needs.
Advanced user search
Use the Management API for user-search filters the console does not expose.
- Basic fuzzy search
- Specify fields
- Changing the joint mode
- Exact match and case sensitivity
Machine-to-machine apps for backend integrations
Machine-to-machine apps authenticate as themselves rather than on behalf of a user. Issue them scoped tokens and they can call any Management API endpoint from another service.
What sets the Logto Management API apart
Coverage, transparency, and a calling experience built for production.
Extensive coverage
- Every console operation is in the API
- Our backend is fully open-source
- Scales to enterprise identity workloads
Built for production
- Detailed API documentation generated from the OpenAPI 3.1 spec
- Public status page with real-time health and performance
- Audited security with scoped machine-to-machine tokens
Frequently asked questions
Can I access the Logto Management API without a machine-to-machine app?
What areas are covered by the Management API?
Unlock more with Logto Cloud
Use the Logto Management API to drive every authentication and authorization operation from your own code.