> ## Documentation Index > Fetch the complete documentation index at: https://docs.hanko.io/llms.txt > Use this file to discover all available pages before exploring further. > Retrieve public backend configuration options. # Get public Hanko configuration Useful, for example, for conditionally constructing a UI based on the options (e.g. don't show password inputs when they are disabled). ## OpenAPI ````yaml openapi-public get /.well-known/config openapi: 3.0.0 info: version: 1.2.0 title: Hanko Public API description: > ## Introduction This is the OpenAPI specification for the [Hanko Public API](https://github.com/teamhanko/hanko/blob/main/backend/README.md#basic-usage). ## Authentication The API uses [JSON Web Tokens](https://www.rfc-editor.org/rfc/rfc7519.html) (JWTs) for authentication. JWTs are verified using [JSON Web Keys](https://www.rfc-editor.org/rfc/rfc7517) (JWK). JWKs can be [configured](https://github.com/teamhanko/hanko/blob/main/backend/docs/Config.md#all-available-config-options) through the `secrets.keys` options. The API also publishes public cryptographic keys as a [JWK set](https://www.rfc-editor.org/rfc/rfc7517#section-2) through the `.well-known/jwks.json` endpoint to enable clients to verify token signatures. JWTs must be provided on requests to protected endpoints using one of the following schemes: ### CookieAuth **Security Scheme Type**: `API Key` **Cookie parameter name**: `hanko` The JWT must be provided in a Cookie with the name `hanko`. ### BearerTokenAuth **Security Scheme Type**: `http` **HTTP Authorization Scheme**: `Bearer` **Bearer format**: `JWT` The JWT must be provided in an HTTP Authorization header with bearer type: `Authorization: Bearer `. ## Cross-Origin Resource Sharing Cross-Origin Resource Sharing (CORS) can be currently [configured](https://github.com/teamhanko/hanko/blob/main/backend/docs/Config.md#all-available-config-options) for public endpoints via the `server.public.cors` options. --- contact: email: developers@hanko.io license: name: AGPL-3.0-or-later url: https://www.gnu.org/licenses/agpl-3.0.txt servers: - url: https://{tenant_id}.hanko.io variables: tenant_id: default: '' description: The (UU)ID of a tenant. Replace the default value with your tenant ID. security: [] externalDocs: description: More about Hanko url: https://github.com/teamhanko/hanko paths: /.well-known/config: get: tags: - .well-known summary: Get public Hanko configuration description: > Retrieve public backend configuration options. Useful for example for conditionally constructing a UI based on the options (e.g. don't show password inputs when they are disabled). operationId: getConfig responses: '200': description: Hanko configuration content: application/json: schema: $ref: '#/components/schemas/HankoConfiguration' deprecated: true components: schemas: HankoConfiguration: description: Public backend configuration options type: object externalDocs: description: Hanko Configuration url: https://github.com/teamhanko/hanko/blob/main/backend/docs/Config.md properties: emails: description: Controls the behavior regarding email addresses. type: object properties: require_verification: description: >- Require email verification after account registration and prevent signing in with unverified email addresses. Also, email addresses can only be marked as primary when they have been verified before. type: boolean password: description: Configuration options concerning passwords type: object properties: enabled: description: Indicates whether passwords are enabled or not type: boolean min_password_length: description: Describes the minimum password length type: number example: 8 account: description: Controls the behavior regarding user account. type: object properties: allow_deletion: description: Indicates the user account can be deleted by the current user. type: boolean allow_signup: description: Indicates users are able to create new accounts. type: boolean ````