Passwordless auth for humans and agents

No passwords. No passkeys. No phishing.
Device-bound auth for users. Cryptographic identity for AI agents.

npm install @hawcx/react
Start building How it works

New: Your AI agents need their own identity

Static API keys and borrowed OAuth tokens are not enough. Give every agent its own cryptographic identity, per-request authorization, and a full audit trail.

API Platform

Add passwordless auth to web, mobile, and backend apps with Hawcx SDKs.

Agentic Auth

Give AI agents their own cryptographic identity, scoped authorization, and audit trail.

Core Concepts

Understand device-bound credentials, zero-knowledge proofs, and session security.

Why Hawcx

Security primitives designed for production authentication, not password recovery.

Explore concepts

Device-Bound

Credentials never leave the device. No cloud sync, no transfer, no phishing surface.

Zero-Knowledge

The server receives only a proof — never the secret. Nothing to steal, nothing to leak.

Quantum-Resilient

Ephemeral per-session keys. No long-lived public keys for harvest-now-decrypt-later attacks.

Choose your stack

Frontend SDKs handle the auth flow. Backend SDKs verify the result.

Web
React & Vanilla JS
Android
Kotlin with Smart Connect
iOS
Swift with Secure Enclave
React Native
TypeScript bridge
Flutter
Dart bridge
Node.js
Express, Fastify
Python
Flask, Django, FastAPI
Java
Spring Boot, Quarkus, Javalin
Quickstart

Build a login flow in five minutes

Install the frontend SDK, render the authentication state machine, and exchange the result on your backend.

Security model

Device-bound auth without passkeys

Credentials stay on the device while the server verifies cryptographic proof instead of handling secrets.

Ready to go passwordless?

Follow the 5-minute guide and ship auth today.

Start building