Hanzo DID
Decentralized identity, profiles, and directory services
Hanzo DID
Hanzo DID provides decentralized identity (did:hanzo, did:lux), user profiles, organization directories, and identity resolution services across the Hanzo platform. It complements IAM by focusing on identity data and relationships rather than access control flows.
Features
- Profiles: Unified user and service identity records with rich metadata
- Directories: Organization, team, and group catalogs with hierarchy
- Resolution: Link identities across services, providers, and environments
- Auditability: Full identity history, change logs, and provenance tracking
- Sync: Bidirectional sync with external identity providers (SCIM, LDAP)
Relationship to IAM
IAM handles authentication and authorization — login flows, OAuth2, token issuance. DID powers the canonical profile, decentralized identifiers, and directory data that IAM, Gateway, and other services reference.
┌──────────────┐ ┌──────────────┐
│ IAM │────▶│ DID │
│ Auth flows │ │ Profiles & │
│ Tokens │ │ Directories │
│ Permissions │ │ DIDs │
└──────────────┘ └──────────────┘
│ │
▼ ▼
Access Control Identity StoreProfiles
Every user, service account, and bot has a unified profile:
{
"id": "usr_a1b2c3d4",
"type": "user",
"name": "Ada Lovelace",
"email": "[email protected]",
"avatar": "https://cdn.hanzo.ai/avatars/usr_a1b2c3d4.jpg",
"organization": "hanzo",
"teams": ["engineering", "research"],
"metadata": {
"title": "Principal Engineer",
"timezone": "America/Los_Angeles"
},
"linked_identities": [
{ "provider": "github", "external_id": "ada-lovelace" },
{ "provider": "google", "external_id": "[email protected]" }
],
"created_at": "2025-01-15T00:00:00Z",
"updated_at": "2025-06-01T12:00:00Z"
}Directories
Organization directories provide hierarchical team and group management:
from hanzo_iam import IAMClient
client = IAMClient()
# List organization members
members = client.get_users(owner="hanzo")
# Search by attribute
results = client.get_users(
owner="hanzo",
field="tag",
value="engineering"
)Identity Resolution
Link and resolve identities across providers and services:
# Resolve a user across linked providers
profile = client.get_user("hanzo", "ada-lovelace")
# Access linked identities
for identity in profile.get("properties", {}).get("linked_identities", []):
print(f"{identity['provider']}: {identity['external_id']}")SDK Integration
Python
from hanzo_iam import IAMClient
client = IAMClient(
server_url="https://iam.hanzo.ai",
client_id="your-client-id",
client_secret="your-client-secret",
organization="hanzo"
)
# Get current user profile
user = client.get_user("hanzo", "username")
# Update profile metadata
client.update_user(user)TypeScript
import { HanzoAuth } from '@hanzo/iam'
const auth = new HanzoAuth({
clientId: 'your-client-id',
organization: 'hanzo'
})
// Get current user
const user = await auth.getUser()
// User profile includes linked identities
console.log(user.name, user.email, user.avatar)Next Steps
How is this guide?
Last updated on