Trust and security

At Logto, we highly value trust and security. We have taken various measures to ensure the security of our services and established a community that is built on trust.

Try Logto Cloud
Contact us
banner

Trust with openness and transparency

figure

Born open-source, insured by open-source

Logto OSS is available as a self-host option. It offers you an additional layer of insurance when you use Logto Cloud, knowing that even in the unlikely event of Logto's discontinuation, you can still seamlessly transition to your self-hosted version.

  • Exceptional developer experience
  • Self-hosted assurance
  • Watched by a vast community
figure

Strictly adheres to open standards

Logto meticulously adheres to the battle-tested open standard known as OpenID Connect, built on OAuth 2.0. This protocol provides a solid foundation for our services, offering both flexibility and scalability. We also support SAML to meet enterprise-wide needs.

    figure

    Your data, you control

    Logto Cloud offers multiple regions (Europe, Australia, and US) for data hosting, allowing you to choose the location that best suits your needs. We also provide the assistance you need to export or delete your data, ensuring that you have full control over your information.

      360-degree protection through latest technologies

      Just like you, we appreciate the convenience of cloud services and software-as-a-service solutions. At Logto, we believe that certain complex challenges should be entrusted to professionals, and we employ state-of-the-art technologies to ensure comprehensive security.

      Enforced security, non-negotiable

      Flexible and highly available computing

      • Flexible infrastructure
      • Computing resources configured for high availability
      • Automated failover and disaster recovery

      Data isolation

      • Production data is rigorously separated
      • Each Logto tenant is allocated a dedicated database connection
      • Enforce Row-Level Security on user data tables

      Data protection

      • Databases are encrypted at rest
      • Regular database backups follow a geo-redundant policy
      • Private network enforced
      SOC logo

      SOC 2 Type II

      Logto is SOC 2 Type II certified, validating our Security, Availability, and Confidentiality controls. This achievement underscores our commitment to maintaining the highest standards of security and compliance.

      Embracing DevSecOps for continuous security

      Before each code change, our systems automatically perform code scanning and penetration tests. This proactive approach allows us to identify and rectify potential security weaknesses at an early stage, ensuring that our services remain robust and resilient against emerging threats.

      DevSecOps flow

      Unlock more with Logto Cloud

      Experience safety and trust in Logto Cloud

      Start with free
      Contact us