I spent a year fighting Logto auth wiring. So I packaged it.

Hazem — Tue, 31 Mar 2026 19:31:24 +0000

If you've ever integrated Logto into a React app, you know the drill.

The official SDK gives you the primitives, and then you spend the next few hours building the same stuff you built last time - a callback page, a sign-in route, backend JWT verification, cookie syncing, JWKS caching. It's not hard, just tedious. And somehow you end up doing it again on the next project.

I've been using Logto for almost a year across several of my own apps and I got tired of it. So I built @ouim/logto-authkit - an opinionated React auth toolkit that wraps @logto/react with all that missing layer.

What it ships:

AuthProvider + useAuth with route protection built in
Prebuilt SignInPage, CallbackPage, UserCenter dropdown
Backend JWT verification for Express and Next.js App Router
JWKS caching with automatic invalidation on key rotation
CSRF protection, guest mode, popup sign-in support

It's been running in production on a couple of my apps - tstore.ouim.me and mocka.ouim.me - and I think it's mature enough now to get real users and contributors.

If you use Logto and have opinions about auth APIs, I'd genuinely love the feedback. What's missing? What feels wrong?

Repo: github.com/ouim-me/logto-authkit

DEV Community: Hazem

I spent a year fighting Logto auth wiring. So I packaged it.