mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
1.9 KiB
1.9 KiB
@logto/core | @logto/integration-tests | @logto/phrases | @logto/schemas | @logto/connector-kit |
---|---|---|---|---|
minor | minor | minor | minor | minor |
add account api
Introduce the new Account API, designed to give end users direct API access without needing to go through the Management API, here is the highlights:
- Direct access: The Account API empowers end users to directly access and manage their own account profile without requiring the relay of Management API.
- User profile and identities management: Users can fully manage their profiles and security settings, including the ability to update identity information like email, phone, and password, as well as manage social connections. MFA and SSO support are coming soon.
- Global access control: Admin has full, global control over access settings, can customize each fields.
- Seamless authorization: Authorizing is easier than ever! Simply use
client.getAccessToken()
to obtain an opaque access token for OP (Logto), and attach it to the Authorization header asBearer <access_token>
.
Get started
![Note] Go to the Logto Docs to find full API reference.
- Use
/api/account-center
endpoint to enable the feature, for security reason, it is disabled by default. And set fields permission for each field. - Use
client.getAccessToken()
to get the access token. - Attach the access token to the Authorization header of your request, and start interacting with the Account API directly from the frontend.
- You may need to setup
logto-verification-id
header as an additional verification for some requests related to identity verification.
What you can do with Account API
- Get user account profile
- Update basic information including name, avatar, username and other profile information
- Update password
- Update primary email
- Update primary phone
- Manage social identities