Announcing our all-new Hanko Authentication API - the complete software toolkit for implementing passwordless FIDO®-based strong multi-factor authentication for securing access to online applications.
We’ve made some significant changes to Hanko Authentication API that went live earlier today. The release includes completely redesigned WebAuthn API endpoints and a number of new features which are largely aimed at simplifying the way that developers build passwordless authentication into their applications. Before we get into the details, we wanted to thank all of our early adopters who helped us get this far!
When building Hanko, our main goal was taking the complexity out of user authentication – for the end-user, but especially for the developer. Passwordless authentication is now even easier to implement with Hanko due to our all-new WebAuthn API. We’ve redesigned all WebAuthn endpoints to reflect our learnings with v1 and all the changes that the FIDO and WebAuthn specs went through since we’ve built our first (now deprecated) API. Most importantly, the new API does not try to hide any FIDO-specific content anymore. In our old concept, we built an abstraction layer ("Hanko request") around all FIDO messages, regardless of the actual protocol (WebAuthn, UAF) used. We realized that this led to unnecessary steps when interacting with our API as well as some confusion as to what data needed to be contained in the request bodies. The new API is now handling FIDO requests directly as specified by the W3C WebAuthn specs. Further ease-of-use and a simplifying abstraction layer is achieved with our server-side and client-side SDKs.
With this release, we've also changed the deployment model of Hanko Authentication API. Instead of a multi-tenant approach like before, the new Hanko Authentication API is truly cloud-native. Every customer API is living in its own private name space, meaning there's no central application handling data of multiple customers any more. So you can be sure that only your user's data is processed and stored in your Hanko Authentication API.
Due to our new deployment model, we have not only improved data privacy and data security, but also the individual scaling capabilities per customer API. Now we can freely scale each individual API without affecting other customer’s operations at all.
From the beginning on, Hanko was built for developers. And right from the start, we were convinced that we wanted to make our API open-source. With this release, we successfully did the first steps for an open source WebAuthn / FIDO2 API implementation (written in Golang) which will soon be available on Github.
Besides the technical changes in our API, we also cleaned up our documentation. With the new landing page, you can navigate faster through our docs and find your way around easier. Here are a few things you may find helpful when starting working with Hanko:
Use our new overview page as an entry point to working with Hanko's Authentication API. Beside our core components, you will find all devices we support and also different use cases how you can use the API.
A simple step-by-step guide to build the foundation for implementing passwordless authentication with Hanko.
We provide an OpenAPI-conformant API description for Hanko Authentication that contains the full API specification. There's no better way to dive deep into all features we offer.
This is just the beginning. Your user experience is of utmost importance to us. We continually work on our tech behind the scenes so that we can roll out updates and new features to you. So that you can focus on your core products.
You can start using the new API today. Simply head to the Hanko Console, set it up according to our docs and you are good to go. If you already have API keys for the old Hanko API, you can still continue to use it through the old Console that can be accessed here.