Hanko is open-source user authentication with a focus on moving the login beyond passwords, while being 100% deployable today – without compromise.
- Built around latest passkey technology as introduced by Apple, Google, and Microsoft
- An API for passkeys, email passcodes, and optional password support
- Hanko web component ("login box") that integrates with just 2 lines of code
- API-first, small footprint, cloud-native
- FIDO2-certified
Hanko is built and maintained by Hanko.io, an active member of the FIDO Alliance. This project is the sum of more than 5 years of experience implementing FIDO and WebAuthn-based authentication in many different applications and platforms.
... and make sure your users won't get lost on the way. Passwordless logins have been promised to us for quite some time. But until now, "passwordless" was mostly a compromise that only worked for some of the users and had some severe drawbacks that ultimately led to passwords still being present at almost every login. It's only very recently that passkeys were announced and the ecosystem of devices, browsers, and operating systems is finally ready to truly move beyond passwords.
With most devices now shipping with passkey support and biometric sensors like Touch ID, Face ID, and Windows Hello, a truly fascinating login experience is enabled that has the potential to replace passwords for good. Hanko is built for that shift.
Build your passkey login in just 5 minutes – with two lines of code – and never look back.
We are currently in Beta and may still have critical bugs. Watch our releases, leave a star, join our Slack community, or sign up to our newsletter to follow the development. Here's a brief overview of the current roadmap:
| Status | Feature |
|---|---|
| ✅ | Passkeys |
| ✅ | Passcodes |
| ✅ | Passwords |
| ✅ | JWT signing |
| ✅ | Admin API |
| ✅ | 📢 Hanko Alpha Release |
| ✅ | Hanko web component |
| ✅ | Customizable CSS |
| ✅ | 📢 Hanko Beta Release |
| ⚙️ | Passkey Conditional UI support |
| ⚙️ | Events API |
| 2FA with FIDO Security Keys and TOTP | |
| Mobile app support | |
| Sign in with Google/Apple/GitHub |
The fastest way to try out Hanko is with docker-compose.
First you need to clone this repository:
git clone https://github.com/teamhanko/hanko.git
Then, in the newly created hanko folder, just run:
docker-compose -f deploy/docker-compose/quickstart.yaml -p "hanko-quickstart" up --build
Note: Docker (Desktop) needs to be running in order for the command to run.
After the services are up and running, the example login can be opened at localhost:8888. To receive emails without your own
smtp server, we added mailslurper which will be available at localhost:8080.
Note: Hanko services are not published to a registry yet and will be built locally before the services are started.
The Hanko project consists of
- backend - An authentication API powering passkeys, passcodes, and passwords, as well as user management and JWT token issuing
- hanko-js - A slick web component made for Hanko backend that features a polished onboarding and login experience and is highly customizable
- example - The quickstart example app, showing off Hanko's strengths and acting as a reference implementation
Join our Slack community if you have any questions about Hanko or just want to chat about passkeys, authentication, identity, or life in general. You can also follow us on Twitter or just reach out via email.
hanko-js is licensed under the MIT License. Everything else in this repository, including hanko backend, is licensed under the AGPL-3.0.