The Auth0 PHP SDK provides you with methods for accessing Auth0's Authentication and Management API endpoints.
The Auth0-PHP repository is hosted on GitHub. We appreciate all contributions, including bug reports, enhancement proposals, and pull requests.
- PHP 7.1 or later
Install With Composer
composer require auth0/auth0-php
Otherwise, download Composer locally and run:
php composer.phar require auth0/auth0-php
This will create
composer.lock files in the directory where the command was run, along with a vendor folder containing this SDK and its dependencies.
Finally, include the Composer autoload file in your project to use the SDK:
// index.php require __DIR__ . '/vendor/autoload.php'; use Auth0\SDK\Auth0;
If your project does not use Composer or you want to maintain a connection to the Git repo, Auth0-PHP can be installed manually. This process still requires Composer to download dependencies, but the process does not use Composer to manage the package.
First, navigate to the directory that contains the Auth0-PHP library and clone the Github repo:
cd /path/to/project/ git clone https://github.com/auth0/auth0-PHP.git auth0
Download Composer and install the dependencies:
mv ./composer.phar auth0/composer.phar cd auth0 php composer.phar install rm composer.phar
Finally, require the Auth0-PHP autoloader and you're ready to use the SDK:
// index.php require __DIR__ . '/auth0/vendor/autoload.php'; use Auth0\SDK\Auth0;
To use the Auth0 Authentication and Management APIs, you'll need a free Auth0 account and an Application:
- Go to auth0.com/signup and create your account.
- Once you are in the dashboard, go to Applications, then Create Application.
- Give your Application a name, select Regular Web Application, then Create
- Click the Settings tab for the required credentials used below. More information about these settings is here.
The examples in this documentation use environment variables to store and load sensitive Auth0 credentials, eliminating the need for you to hardcode them into your application.
The easiest way to use environment variables in your project is to use a library like PHP Dotenv along with a local
.env file. Create a
.env file (make sure this is not accessible publicly and is excluded from version control) and add the following values:
# Auth0 tenant Domain, found in your Application settings AUTH0_DOMAIN="tenant.auth0.com" # Auth0 Client ID, found in your Application settings AUTH0_CLIENT_ID="application_client_id" # Auth0 Client Secret, found in your Application settings AUTH0_CLIENT_SECRET="application_client_secret" # URL to handle the authentication callback # Save this URL in the "Allowed Callback URLs" field in the Auth0 dashboard AUTH0_REDIRECT_URI="https://yourdomain.com/auth/callback"
AUTH0_REDIRECT_URI value above is a URL for your application that will handle the callback from Auth0. This is used for both successful logins as well as errors. The processing that happens at this URL is covered later in this documentation.
In your application (below the Composer autoload
// ... other use declarations use josegonzalez\Dotenv\Loader; // Setup environment vars $Dotenv = new Loader(__DIR__ . '/.env'); $Dotenv->parse()->putenv(true); // Get environment variables echo 'My Auth0 domain is ' . getenv('AUTH0_DOMAIN');
You can now use the environment variables to instantiate the necessary Auth0-PHP classes:
// Instantiate the base Auth0 class. $auth0 = new Auth0([ // The values below are found on the Application settings tab. 'domain' => 'your-tenant.auth0.com', 'client_id' => 'application_client_id', 'client_secret' => 'application_client_secret', // This is your application URL that will be used to process the login. // Save this URL in the "Allowed Callback URLs" field on the Application settings tab 'redirect_uri' => 'https://yourdomain.com/auth/callback', ]);
You are now ready to use Auth0-PHP. Use one of the articles below to add authentication to your existing app or one of our quickstarts to build a test application from scratch: