https://[project-id].hanko.io/admin
(Hanko Cloud) or http://localhost:8001/admin
(self-hosted)
The Hanko Admin API provides server-side user management, audit logs, and metrics. Requires API key authentication.
User Management
Reference: Admin User Management API
POST /users
- Programmatically create new user accountsGET /users/{user_id}
- Retrieve user details by IDGET /users
- Paginated list of all users with filtering optionsDELETE /users/{user_id}
- Permanently remove user accounthttps://[project-id].hanko.io
(Hanko Cloud) or http://localhost:8000
(self-hosted)
Client-facing APIs for authentication flows. No API key required - uses session cookies or JWT tokens for authentication.
User Management
Reference: https://docs.hanko.io/api-reference/public/user-management/
POST /users
- User registration endpoint (can be disabled)GET /users/{user_id}
- Retrieve user detailsGET /me
- Get authenticated user’s informationDELETE /me
- Self-service account deletion (configurable)POST /user
- Find user account by email addressDELETE /logout
- Terminate current sessionPOST /password
- Create or update user passwordPOST /password/login
- Authenticate with email and passwordpasswords.enabled = true
in configurationPOST /passcode/login/initialize
- Request email with one-time codePOST /passcode/login/finalize
- Verify passcode and create sessionPOST /webauthn/registration/initialize
- Start passkey registrationPOST /webauthn/registration/finalize
- Complete passkey registrationPOST /webauthn/login/initialize
- Start passkey loginPOST /webauthn/login/finalize
- Complete passkey loginGET /webauthn/credentials
- List user’s registered passkeysPATCH /webauthn/credentials/{id}
- Update passkey nicknameDELETE /webauthn/credentials/{id}
- Remove passkeyGET /thirdparty/{provider}
- Initiate OAuth flow (Google, GitHub, Apple, etc.)GET /thirdparty/callback
- Handle OAuth provider callbackGET /saml/sso
- Initiate SAML authenticationPOST /saml/acs
- SAML Assertion Consumer Service callbackGET /saml/metadata
- SAML service provider metadataGET /me
- Validate session via Authorization headerPOST /session
- Validate session via request bodyPOST /token
- Exchange one-time token for session JWTPOST /emails
- Add new email to current userGET /emails
- List user’s email addressesPUT /emails/{id}/set_primary
- Set email as primaryDELETE /emails/{id}
- Remove email from accountGET /.well-known/config
- Public configuration (enabled auth methods, UI settings)GET /.well-known/jwks
- JSON Web Key Set for JWT signature verificationhttps://[project-id].hanko.io/flow
(Hanko Cloud)
Low-level state machine API for building completely custom authentication experiences:
Concept: Instead of fixed authentication endpoints, the Flow API uses a state machine approach where:
POST /login/initialize
- Start login flowPOST /login/finalize
- Advance login flow statePOST /registration/initialize
- Start registration flowPOST /registration/finalize
- Advance registration flow statePOST /profile/initialize
- Start profile management flowPOST /profile/finalize
- Advance profile flow statePOST /token_exchange/initialize
- Start token exchange (SAML only)POST /token_exchange/finalize
- Complete token exchangehttps://passkeys.hanko.io
(managed service)
Specialized API for adding passkey authentication to existing systems without replacing current authentication:
Core Endpoints:
POST /credentials/register/initialize
- Start passkey registrationPOST /credentials/register/finalize
- Complete passkey registrationPOST /credentials/login/initialize
- Start passkey loginPOST /credentials/login/finalize
- Complete passkey loginPOST /credentials/mfa/register/initialize
- Register passkey for MFAPOST /credentials/mfa/login/initialize
- Use passkey as second factorPOST /transaction/initialize
- Create transaction for signingPOST /transaction/finalize
- Verify transaction signaturepasswords.enabled = false
npm install @teamhanko/hanko-elements
import { register } from '@teamhanko/hanko-elements'
useHanko()
, useUser()
, useSession()
<HankoAuth />
, <HankoProfile />
npm install @teamhanko/hanko-elements
HankoService
for authentication logicgo get github.com/teamhanko/hanko-sdk-golang
pip install hanko-sdk
npm install @teamhanko/hanko-node
useHanko()
, useUser()
for Nuxt 3hooks.server.js
<hanko-auth api="https://your-hanko-api.com" />
hanko-auth-success
, hanko-auth-error
, etc.config.yaml
file with comprehensive options*.hanko.io
URLsauth.yourcompany.com
instead of your-project.hanko.io
/.well-known/jwks
for public key retrievaluser.created
, user.login
, user.logout
, etc./livez
for liveness, /readyz
for readinesshanko
for community answers