logi Developer Guide
logi is a minimal-data identity provider. It never stores legal names or national ID numbers — it tracks only a flag (identity_verified_level). There is exactly one auth flow: OAuth 2.0 + PKCE (no vendor lock-in, no backward-compatibility shims).
Who this guide is for
- Partner developers: adding logi login to your web or mobile app
- iOS/Android developers: wiring up native SSO (SwiftUI / Compose)
- Security engineers: evaluating logi as an IdP
- SRE / operators: a Cloudflare + Render deployment checklist
How the docs are organized
| Section | What's inside |
|---|---|
| Quickstart | Run the full flow in 5 minutes with curl alone |
| Core Concepts | IdP / Client / User / Scope / Consent / token lifetimes |
| OAuth 2.0 + PKCE | Sequence diagrams + RFC-compliance notes |
| Security | redirect_uri, state, PKCE, rotation, rate limits |
| Webhooks | Event types, HMAC verification, retry policy |
| Frameworks | Production-ready code for Next.js, Rails, Swift, Express |
| API Reference | Scalar UI (OpenAPI 3.1) |
| CLI / MCP | Tooling reference |
Three promises
- Standards only — OAuth 2.0 / OIDC 1.0 / WebAuthn L3 / TOTP RFC 6238. No vendor extensions.
- Minimal PII — email, an optional phone number, and an identity_verified_level integer. Never legal names or national ID numbers.
- You stay in control — revoke refresh tokens, passkeys, and consent individually. Sign-in history is soft-deleted.
Alpha status
logi is currently in v0.1 alpha. Hold off on production use until the domain, pricing, and SLA are finalized. For the current status, see the changelog.