About Hanko
Hanko is an open-source user authentication system with a focus on moving the login beyond passwords, while being 100% deployable today – without compromise.
- Built around latest passkey technology as introduced by Apple, Google, and Microsoft
- Hanko login box that integrates in minutes
- API-first, small footprint, cloud-native
Hanko is built and maintained by Hanko.io, an active member of the FIDO Alliance. This project is the sum of 5 years of experience implementing FIDO and WebAuthn-based authentication in many different applications and platforms.
We take you on the journey beyond passwords ...
... and make sure your users won't get lost on the way. Passwordless logins have been promised to us for quite some time. But until now, "passwordless" was mostly a compromise that only worked for some of the users and had some severe drawbacks that ultimately led to passwords still being present at almost every login. It's only very recently that passkeys were announced and the ecosystem of devices, browsers, and operating systems is finally ready to truly move beyond passwords.
With most devices now shipping with passkey support and biometric sensors like Touch ID, Face ID, and Windows Hello, a truly fascinating login experience is enabled that has the potential to replace passwords for good. Hanko is built for that shift.
Build your passkey login in just 5 minutes – with a few lines of code – and never look back.
Architecture
The main building blocks of the Hanko project are
- backend - An authentication API powering passkeys, passcodes, and (optional) passwords, as well as user management and JWT issuing
- hanko-elements - A set of web components made for Hanko backend that provides onboarding and login functionality and is highly customizable with CSS
- hanko-frontend-sdk - A client package for using the Hanko API
The remainder of the repository contents consist of:
- quickstart - The quickstart example app, showing off Hanko's login experience and acting as a reference implementation
- examples - Hanko example implementations for a number of frameworks
- docs - The Hanko documentation
Getting started
- Try our hosted live example and our companion page passkeys.io or use the quickstart to get a feel for the user experience provided by an application that leverages the Hanko backend API and our custom web component
- Head over to the backend to learn how to get it up and running for your own project. You can also use Hanko Cloud for a hosted backend.
- Then, integrate hanko-elements – we provide example applications and guides for your favourite frontend framework in the official documentation
If you want to use the Hanko backend API but prefer to build your own UI, you can still make use of the hanko-frontend-sdk. It forms the basis of our web components. The client it provides handles communication with the Hanko backend API and saves you the time of rolling your own.
Roadmap
We are currently in Beta and may still have critical bugs. Watch our releases, leave a star, join our Slack community, or sign up to our product news to follow the development. Here's a brief overview of the current roadmap:
| Status | Feature |
|---|---|
| ✅ | Passkeys |
| ✅ | Email passcodes |
| ✅ | Passwords |
| ✅ | JWT signing |
| ✅ | User management API |
| ✅ | 📢 Hanko Alpha Release |
| ✅ | <hanko-auth> web component |
| ✅ | Customizable CSS |
| ✅ | 📢 Hanko Beta Release |
| ✅ | JavaScript frontend SDK |
| ✅ | Passkey autofill (Conditional UI) |
| ✅ | Audit logs API |
| ✅ | Security Key support |
| ✅ | Mobile app support |
| ✅ | <hanko-profile> web component |
| ✅ | Rate limiting (application level) |
| ⚙️ | Priviledged sessions & step-up authentication |
| ⚙️ | OAuth plugin system (Sign in with Google/Apple/GitHub/...) |
| Session management | |
| Custom translations for hanko-elements | |
| Email templating |
Additional features that have been requested or that we would like to build but are not (yet) on the roadmap:
- SMS passcode delivery
- OpenID Connect
- SAML support
- 2FA to secure fallback auth methods
Community
Questions, bugs, ideas
If you have any questions or issues, please check this project's Q&A section in discussions and the open issues. Feel free to comment on existing issues or create a new issue if you encounter any bugs or have a feature request. For yet unanswered questions, feedback, or new ideas, please open a new discussion.
Slack community & Twitter
We invite you to join our growing Slack community if you want to get the latest updates on passkeys, WebAuthn, and this project, or if you just want to chat with us. You can also follow us on Twitter.
Licenses
hanko-elements and hanko-frontend-sdk are licensed under the MIT License. Everything else in this repository, including hanko backend, is licensed under the AGPL-3.0.