PHP

Sample Project

Download a sample project specific to this tutorial configured with your Auth0 API Keys.

System Requirements
  • Apache 2.4.4
  • PHP 5.6.14 and up
  • Auth0-PHP 5.0 and up
Show requirements

Add the Dependencies

To install dependencies, run the following

composer require auth0/auth0-php:"~5.0"

This sample uses Composer, a tool for dependency management in PHP. It allows you to declare the dependent libraries your project needs and it will install them in your project for you.

Configure Auth0 PHP SDK

Configure the Auth0 PHP SDK in each page that will use it.

use Auth0\SDK\Auth0;

$auth0 = new Auth0([
  'domain' => 'YOUR_AUTH0_DOMAIN',
  'client_id' => 'YOUR_CLIENT_ID',
  'client_secret' => 'YOUR_CLIENT_SECRET',
  'redirect_uri' => 'https://YOUR_APP/callback',
  'audience' => 'https://YOUR_AUTH0_DOMAIN/userinfo',
  'scope' => 'openid profile',
  'persist_id_token' => true,
  'persist_access_token' => true,
  'persist_refresh_token' => true,
]);

Add Auth0 Callback Handler

Now, we can call $auth0->getUser() to retrieve the user information. If we call it from the page that will handle the callback, then it'll use the code provided by Auth0 to get the information after the successful login.

// index.php

...
$userInfo = $auth0->getUser();

if (!$userInfo) {
    // We have no user info
    // redirect to Login
} else {
    // User is authenticated
    // Say hello to $userInfo['name']
    // print logout button
}

Once the user info is fetched, it'll be stored in the session. Therefore, from this moment on, each time you call getUser() it will retrieve the information from the Session.

For security purposes, you must add the callback URL of your app to your Client Settings.

Your callback URL is currently set to:

https://YOUR_APP/callback

In this case, the redirectUrl should look something like:

http://yourUrl/

Trigger Login With Auth0 PHP SDK

<!-- index.php -->

<a class="btn btn-primary btn-lg btn-login btn-block" href="login.php">SignIn</a>
// login.php

<?php
  // ...
  $auth0->login();

The redirect_uri specified in the Auth0 constructor must match the one specified in the previous step

Accessing User Information

You can access the user information via the getUser method from Auth0.

<?php
// index.php

// ...
$userInfo = $auth0->getUser();
?>
<html>
  <body class="home">
    <div><?php echo $userInfo['name'] ?></div>
  </body>
</html>

You can click here to find out all of the available properties from the user's profile. Please note that some of these depend on the social provider being used.

Optional steps

Configure session data

By default, the SDK will store the user information in the PHP Session and it will discard the access token and the id token. If you like to persist them as well, you can pass 'persist_access_token' => true and 'persist_id_token' => true to the SDK configuration in step 2. You can also disable session altogether by passing 'store' => false.

If you want to change PHP Session and use Laravel, Zend, Symfony or other abstraction to the session, you can create a class that implements get, set, delete and pass it to the SDK as following.

$laravelStore = new MyLaravelStore();
$auth0 = new Auth0(array(
    // ...
    'store' => $laravelStore,
    // ...
));
Use Auth0 for FREECreate free Account