Auth.js vs Hanko for Solo Developers
Comparing Auth.js and Hanko for solo developers.
Two open-source authentication solutions, two very different design philosophies. Auth.js is a library you embed in your JavaScript app. Hanko is a standalone service with drop-in UI components and a passkey-first approach. For solo developers, the decision comes down to how much you want to own the auth experience versus how much you want to delegate it.
Auth.js Overview
Auth.js (formerly NextAuth.js) is an authentication library for JavaScript frameworks including Next.js, SvelteKit, Remix, and Express. It handles OAuth flows, email/magic link sign-in, credential-based login, and session management. Everything runs inside your application with no external service required.
You configure providers in a single file, connect a database adapter, and Auth.js manages the rest. Sessions can be stored as JWTs or in your database. The library provides callbacks for customizing tokens, sessions, and sign-in behavior. With support for over 80 OAuth providers, you can add social login for nearly any platform.
The cost is zero. No MAU limits, no paid tiers, no vendor dependency. You own everything.
Hanko Overview
Hanko is an open-source, passwordless-first authentication platform. It runs as a standalone Go service (or via Hanko Cloud) and provides web components (<hanko-auth> and <hanko-profile>) that you embed in your frontend. These components render a complete authentication UI including passkey registration, email passcodes, and social login.
The core philosophy is that passwords are a legacy pattern. Hanko puts passkeys and WebAuthn front and center. Users register with a passkey on their first visit, and subsequent logins are a single biometric tap. Email passcodes serve as the fallback. Traditional passwords are optional and disabled by default.
Hanko Cloud offers a free tier at 10,000 MAU. Self-hosting the Go binary is straightforward and gives you unlimited users.
Comparison Table
| Feature | Auth.js | Hanko |
|---|---|---|
| Type | Library (in your app) | Standalone service |
| Cost | Free, unlimited | Free 10K MAU (cloud) or self-host |
| Passkey support | Limited | First-class, core feature |
| UI components | None (build your own) | Drop-in web components |
| OAuth providers | 80+ | Fewer, growing |
| Email/password | Yes | Optional (off by default) |
| Magic links | Yes | Email passcodes |
| Session storage | JWT or database | JWT (issued by Hanko) |
| Framework support | Next.js, SvelteKit, Remix, etc. | Framework-agnostic |
| Infrastructure | None | Go binary or cloud |
| Customization | Full code-level control | CSS variables, component slots |
| Database | Your app's DB via adapters | Hanko's own user store |
| Community size | Large (NextAuth legacy) | Smaller, growing |
| Learning curve | Low-moderate | Low |
When to Pick Auth.js
Auth.js is the better choice when you want full control over the authentication experience inside your JavaScript application:
- You are building with Next.js, SvelteKit, or another supported framework and want auth baked in.
- You need a wide variety of OAuth providers (80+ supported).
- Custom login UI matters to your brand. You want to design every pixel.
- Keeping user data in your own database through adapters is important to you.
- You prefer a library approach with no external services to manage.
- Password-based login is still a requirement for your user base.
Auth.js gives you the building blocks. You assemble them into whatever auth experience your app requires. The tradeoff is that you write more code, especially for the UI layer.
When to Pick Hanko
Hanko makes sense when you want a modern, passwordless authentication experience with minimal frontend work:
- Passkeys are a priority and you want them to work perfectly out of the box.
- Drop-in UI components that handle the entire login flow save you significant development time.
- You are building a framework-agnostic app or using something Auth.js does not support.
- A standalone auth service fits your architecture better than an embedded library.
- You want to bet on the passwordless future and make that a feature of your product.
The drop-in components are genuinely useful for solo developers. Instead of building login forms, handling validation, managing error states, and implementing passkey flows, you add a single HTML element and style it with CSS variables.
Verdict
Auth.js is the pragmatic choice for most solo developers today. It has a larger community, more OAuth providers, proven stability across thousands of production apps, and the flexibility to build exactly the auth experience you want. If you are using Next.js or SvelteKit, it is the natural fit.
Hanko is the forward-looking choice. If you believe passkeys will become the default login method (and the industry is moving that direction), Hanko gives you a head start with a purpose-built implementation. The drop-in components also save real development hours. The tradeoff is a smaller ecosystem and fewer OAuth integrations.
For a solo developer shipping a product today, start with Auth.js. For a solo developer building something where the login experience itself is a differentiator, or where you genuinely want to go passwordless, Hanko is worth the investment.
Related Articles
Angular vs HTMX for Solo Developers
Comparing Angular and HTMX for solo developers. Features, pricing, pros and cons, and which one to pick for your next project.
Angular vs Qwik for Solo Developers
Comparing Angular and Qwik for solo developers. Features, pricing, pros and cons, and which one to pick for your next project.
Angular vs SolidJS for Solo Developers
Comparing Angular and SolidJS for solo developers. Features, pricing, pros and cons, and which one to pick for your next project.