Hanko: Open-source authentication and user management
Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era.
“We focus on helping developers and organizations modernize their authentication flows by migrating users towards passkeys, while still supporting all common authentication methods like email/password, MFA, OAuth, as well as SAML SSO,” Felix Magedanz, CEO at Hanko, told Help Net Security.
“What truly sets us apart is our commitment to developer experience,” explained Magedanz.
- Hanko is fully open source and licensed under AGPL v3, with a commercially supported cloud offering for those who want to avoid open-source copyleft obligations or hosting and managing the Hanko backend themselves.
- The developers provide a clean, developer-friendly API surface and SDK designed for flexibility and ease of integration.
- Hanko Elements — a set of open web components — allow developers to build secure, customizable auth UIs without locking into a specific frontend framework.
Future plans and download
Magedanz told us they’re actively working on expanding Hanko’s capabilities in several directions:
- More customization options, such as support for user metadata and fine-grained control over SSO scopes.
- Seamless, self-serve data migration between Hanko Cloud and self-hosted deployments — allowing users to switch freely between both modes.
- New web components, including a user menu, organization switcher, and team invites with basic role-based authorization — all designed to make it even easier to implement full-featured auth experiences out of the box.
Hanko is available for free on GitHub.
Must read:
- GitHub CISO on security strategy and collaborating with the open-source community
- Don’t let these open-source cybersecurity tools slip under your radar
- 33 open-source cybersecurity solutions you didn’t know you needed
Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!