PHP: Getting Started using Auth0-PHP

The Auth0-PHP SDK integrates into your PHP applications providing straightforward user login and signup. It supports social identity providers such as Facebook, Google, or Twitter, as well as enterprise providers such as Active Directory. The SDK provides convenient methods for accessing Auth0's Authentication and Management endpoints.

The Auth0-PHP repository is open source and hosted on GitHub. We appreciate all contributions, including bug reports, enhancement proposals, and pull requests.



Installing the Auth0 PHP SDK requires Composer, the standard dependency management utility for PHP. Composer allows you to declare the dependent libraries your project needs and installs them for you. Please ensure Composer is installed and accessible from your shell before continuing.

Next, run the following shell command within your project directory to install the SDK:

composer require auth0/auth0-php

Was this helpful?

This will create a vendor subfolder within your project and download all the dependencies needed to use the PHP SDK. This will also create a vendor/autoload.php file necessary for the SDK to work with your application, which we'll import later.

Getting Started

To use the Auth0 Authentication and Management APIs, you'll need a free Auth0 account and an Application:

  1. Go to and create your account.

  2. Once you are in the dashboard, go to Applications, then Create Application.

  3. Give your Application a name, select Regular Web Application, then Create

  4. Click the Settings tab for the required credentials used below. To learn more, see Application Settings.

Configure the SDK

You should use environment variables to store and load sensitive Auth0 credentials. This eliminates the need for hard-coding them into your application. Let's create an .env file within the root of our project directory to store our application's credentials:

The easiest way to use environment variables in your project is to use a library like PHP Dotenv along with a local .env file. Create a .env file (make sure this is not accessible publicly and is excluded from version control) and add the following values:

# The URL of our Auth0 Tenant Domain.
# If we're using a Custom Domain, be sure to set this to that value instead.

# Our Auth0 application's Client ID.

# Our Auth0 application's Client Secret.

# A long secret value we'll use to encrypt session cookies. This can be generated using `openssl rand -hex 32` from our shell.

# The base URL of our application.

Was this helpful?


You should never commit this file to version control or share it in an unsecure manner. The contents should be handled with care and treated like a password. As PHP is unable to read our .env file natively, you'll need to install a PHP library to do so. For the purposes of this documentation we'll be using vlucas/phpdotenv, but any "dotenv" library you prefer will work. From our project directory, run the following shell command to install the library:

composer require vlucas/phpdotenv

Was this helpful?


Initialize the SDK

We're ready to configure and initialize an instance of the SDK within our new PHP application. Let's start by creating the PHP source file we'll be working with for this demonstration, index.php, and use the following snippet to get started:


// Import the Composer Autoloader to make the SDK classes accessible:
require 'vendor/autoload.php';

// Load our environment variables from the .env file:

// Now instantiate the Auth0 class with our configuration:
$auth0 = new \Auth0\SDK\Auth0([
    'domain' => $_ENV['AUTH0_DOMAIN'],
    'clientId' => $_ENV['AUTH0_CLIENT_ID'],
    'clientSecret' => $_ENV['AUTH0_CLIENT_SECRET'],
    'cookieSecret' => $_ENV['AUTH0_COOKIE_SECRET']

Was this helpful?

Congratulations! Your application is now set up and ready to use with Auth0. You can now move on to building an example application using one of our PHP quickstarts. Choose the type of application you're looking to build to follow along with a quickstart suited for your needs:

Learn more