Hanko is an open-source authentication and user management solution with a focus on moving the login beyond passwords while being 100% deployable today.
- Built for passkeys as introduced by Apple, Google, and Microsoft
- Fast integration with Hanko Elements web components (login box and user profile)
- API-first, small footprint, cloud-native
Available for self-hosting and on Hanko Cloud.
Hanko is built and maintained by Hanko.io, an active member of the FIDO Alliance.
... and make sure your users won't get lost on the way. Passwordless logins have been promised to us for quite some time. But until now, "passwordless" was mostly a compromise that only worked for some of the users and had some severe drawbacks that ultimately led to passwords still being present at almost every login. It's only very recently that passkeys were announced, and the ecosystem of devices, browsers, and operating systems is finally ready to truly move beyond passwords.
With most devices and browsers now shipping with passkey support and convenient built-in authentication technology like Touch ID, Face ID, and Windows Hello, a much better login experience is enabled that will replace passwords for good. Hanko is built for that shift.
Build your passkey-powered auth stack with a few lines of code – and never look back.
The main building blocks of the Hanko project are
- backend - An authentication API for passkeys, passcodes, and (optional) passwords, OAuth SSO, as well as user management and JWT issuing
- hanko-elements - Web components made for Hanko backend that provide onboarding and login functionality and are customizable with CSS
- hanko-frontend-sdk - A client package for using the Hanko API
The remainder of the repository consists of:
- quickstart - A quickstart example app showing off Hanko's login experience and acting as a reference implementation
- examples - Example implementations for a number of frameworks
- docs - The Hanko documentation (docs.hanko.io) -> Moved to its own repo here: https://github.com/teamhanko/docs
- Try our hosted live example and our companion page passkeys.io or use the quickstart app to get a feel for the user experience provided by an application that leverages the Hanko backend API and our custom web component
- To run the project locally, there are two options available:
- Bare metal:
- Head over to the backend section to learn how to get it up and running for your own project. Use Hanko Cloud for a hosted backend.
- Docker:
- If you prefer to use Docker to run the project locally, please visit the Run the quickstart for information on how to run the project. This will create everything, including frontend and backend components.
- If you wish to keep only the backend components, you can modify the quickstart.yaml to remove the unnecessary services. To make changes to the configuration to meet your needs, modify config.yaml.
- If you prefer to use Docker to run the project locally, please visit the Run the quickstart for information on how to run the project. This will create everything, including frontend and backend components.
- Bare metal:
- Then, integrate hanko-elements – we provide example applications and guides for your favourite frontend framework in the official documentation
- if you have an enterprise license or use Hanko Cloud you can also integrate SAML SSO. Feel free to use this guide to start with SAML SSO
If you want to use the Hanko backend API but prefer to build your own UI, you can still make use of the hanko-frontend-sdk. It forms the basis of our web components, and the client it provides handles communication with the Hanko backend API and saves you the time of rolling your own.
Schedule a Hanko demo. Learn how Hanko will speed up your registration and login flows with passkeys.
Watch our releases, leave a star, join our Discord community, or sign up to our product news to follow the development. Here's a brief overview of our current roadmap:
| Status | Feature |
|---|---|
| ✅ | Passkeys |
| ✅ | Email passcodes |
| ✅ | Passwords |
| ✅ | JWT signing |
| ✅ | User management API |
| ✅ | 📢 Hanko Alpha Release |
| ✅ | <hanko-auth> web component |
| ✅ | Customizable CSS |
| ✅ | 📢 Hanko Beta Release |
| ✅ | JavaScript frontend SDK |
| ✅ | Passkey autofill (Conditional UI) |
| ✅ | Audit logs API |
| ✅ | Security Key support |
| ✅ | Mobile app support |
| ✅ | <hanko-profile> web component |
| ✅ | Rate limiting |
| ✅ | OAuth logins (Sign in with Apple/Google/GitHub) |
| ✅ | i18n & custom translations |
| ✅ | User import |
| ✅ | Disable sign-ups |
| ✅ | User export |
| ✅ | SAML Enterprise SSO |
| ✅ | Webhooks |
| ⚙️ | API-supported auth flows |
| ⚙️ | Passkey-only and OAuth-only configurations |
| ⚙️ | Username support (non-email) |
| ⚙️ | Optional / user-deleteable passwords |
| ⚙️ | OIDC Enterprise SSO |
| ⚙️ | 2FA (TOTP, security keys) |
| Email templates & i18n | |
| Refresh tokens / sessions | |
| 📢 Hanko 1.0 Release | |
<hanko-menu> web component |
|
| Custom Social SSO connections (OIDC/OAuth2) | |
| Email security notifications | |
| Custom JWT claims | |
| Mobile SDKs | |
| SMS passcodes |
Additional features that have been requested or that we would like to build but are currently not on the roadmap:
- Custom user data / fields
- Privileged sessions & step-up authentication
- Bot protection / CAPTCHA
- Hosted auth pages / OIDC provider
If you have any questions or issues, please check this project's Q&A section in discussions and the open issues. Feel free to comment on existing issues or create a new issue if you encounter any bugs or have a feature request. For yet unanswered questions, feedback, or new ideas, please open a new discussion.
We invite you to join our growing Discord community if you want to get the latest updates on passkeys, WebAuthn, and this project or if you just want to chat with us. You can also follow us on X.
hanko-elements and hanko-frontend-sdk are licensed under the MIT License. Everything else in this repository, including hanko backend, is licensed under the AGPL-3.0.