PHPackages admin9/laravel-oidc-server - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. admin9/laravel-oidc-server ActiveLibrary[Authentication & Authorization](/categories/authentication) admin9/laravel-oidc-server ========================== OpenID Connect Server for Laravel Passport — adds OIDC Discovery, JWKS, UserInfo, Token Introspection, Token Revocation, and RP-Initiated Logout. v1.1.2(1mo ago)028MITPHPPHP ^8.2 Since Feb 7Pushed 1mo agoCompare [ Source](https://github.com/admin9-labs/laravel-oidc-server)[ Packagist](https://packagist.org/packages/admin9/laravel-oidc-server)[ Docs](https://github.com/admin9-labs/laravel-oidc-server)[ RSS](/packages/admin9-laravel-oidc-server/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (14)Versions (5)Used By (0) Laravel OIDC Server =================== [](#laravel-oidc-server) [![Latest Version on Packagist](https://camo.githubusercontent.com/ac86fd0ca2538f56a3f4915487d36852a0df479be27b3c3ecb3d85e3f3d66f8a/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f61646d696e392f6c61726176656c2d6f6964632d7365727665722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/admin9/laravel-oidc-server)[![Total Downloads](https://camo.githubusercontent.com/c309b0ee456a00d3b84bc46c34d2b9ee88823463f3ceb11b69e4a5f686a6f82e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f61646d696e392f6c61726176656c2d6f6964632d7365727665722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/admin9/laravel-oidc-server)[![License](https://camo.githubusercontent.com/573dac54785e7c264002edf54fbfd0c288fb91afad069a7fded37a4a239bbccb/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f61646d696e392f6c61726176656c2d6f6964632d7365727665722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/admin9/laravel-oidc-server) [English](README.md) | [中文文档](docs/zh-CN/README.md) OpenID Connect Server for Laravel Passport — adds OIDC Discovery, JWKS, UserInfo, Token Introspection, Token Revocation, and RP-Initiated Logout to any Laravel + Passport application. Requirements ------------ [](#requirements) - PHP 8.2+ - Laravel 11 or 12 - Laravel Passport 12 or 13 Quick Start ----------- [](#quick-start) > **Prerequisite:** [Laravel Passport](https://laravel.com/docs/passport) must be installed and configured before using this package. ### 1. Install the package [](#1-install-the-package) ``` composer require admin9/laravel-oidc-server ``` ### 2. Implement the interface on your User model [](#2-implement-the-interface-on-your-user-model) ``` use Admin9\OidcServer\Contracts\OidcUserInterface; use Admin9\OidcServer\Concerns\HasOidcClaims; class User extends Authenticatable implements OidcUserInterface { use HasOidcClaims; // Optional: Override for custom claims protected function resolveOidcClaim(string $claim): mixed { return match ($claim) { 'nickname' => $this->display_name, 'picture' => $this->avatar_url, default => parent::resolveOidcClaim($claim), }; } } ``` ### 3. Generate Passport keys [](#3-generate-passport-keys) ``` php artisan passport:keys ``` This creates the RSA key pair (`storage/oauth-private.key` and `storage/oauth-public.key`) needed for signing tokens. ### 4. Create an OAuth client [](#4-create-an-oauth-client) Create a client application that will use your OIDC server: ``` # For authorization code flow (recommended for web apps) php artisan passport:client # For client credentials grant (recommended for machine-to-machine, e.g., microservices) php artisan passport:client --client # For password grant (only for first-party trusted apps) php artisan passport:client --password # Or install default clients (personal access + password grant) php artisan passport:install ``` You'll receive a **Client ID** and **Client Secret** — save these for configuring your client application. **Grant Type Guide:** - **Authorization Code Flow**: For web apps with user interaction, most secure - **Client Credentials Grant**: For server-to-server API calls, no user involvement - **Password Grant**: Only for first-party trusted apps, not recommended for third-party ### 5. (Optional) Publish and customize the config [](#5-optional-publish-and-customize-the-config) ``` php artisan vendor:publish --tag=oidc-server-config ``` Edit `config/oidc-server.php` to customize scopes, claims, token TTLs, and more. --- **That's it!** Your OIDC server is ready. Test it by visiting: ``` https://your-app.test/.well-known/openid-configuration ``` Endpoints --------- [](#endpoints) EndpointMethodDescription`/.well-known/openid-configuration`GETOIDC Discovery`/.well-known/jwks.json`GETJSON Web Key Set`/oauth/authorize`GETAuthorization (Passport)`/oauth/token`POSTToken (Passport)`/oauth/userinfo`GET/POSTUserInfo`/oauth/introspect`POSTToken Introspection (RFC 7662)`/oauth/revoke`POSTToken Revocation (RFC 7009)`/oauth/logout`GETRP-Initiated LogoutConfiguration ------------- [](#configuration) After publishing the config file, you can customize various aspects in `config/oidc-server.php`: ### User Model [](#user-model) By default, the package uses `config('auth.providers.users.model')` to look up users when generating ID tokens. Override if needed: ``` 'user_model' => \App\Models\User::class, ``` ### Passport Route Control [](#passport-route-control) The package calls `Passport::ignoreRoutes()` by default to prevent route conflicts. Disable this if you need Passport's default routes alongside OIDC: ``` 'ignore_passport_routes' => false, ``` ### Default Claims Map [](#default-claims-map) The `HasOidcClaims` trait resolves standard claims via a configurable map. Override to match your User model's schema: ``` 'default_claims_map' => [ 'name' => 'name', // string = model attribute 'email' => 'email', 'email_verified' => fn ($user) => $user->email_verified_at !== null, 'updated_at' => fn ($user) => $user->updated_at?->timestamp, ], ``` For custom claims (e.g., `nickname`, `picture`), use `claims_resolver` or override `resolveOidcClaim()` in your User model. ### Other Options [](#other-options) - **Scopes & claims mapping** — `scopes`, `claims_resolver` - **Token TTLs** — `tokens.access_token_ttl`, `tokens.refresh_token_ttl`, `tokens.id_token_ttl` - **Route middleware** — `routes.discovery_middleware`, `routes.token_middleware`, `routes.userinfo_middleware` - **Passport auto-configuration** — `configure_passport` (set to `false` to configure Passport yourself) See the [Configuration Reference](docs/configuration.md) for all available options. Documentation ------------- [](#documentation) - [Architecture](docs/architecture.md) - [Configuration Reference](docs/configuration.md) - [Endpoint Reference](docs/endpoints.md) - [Claims Resolution](docs/claims-resolution.md) - [Extension Points](docs/extension-points.md) - [Troubleshooting](docs/troubleshooting.md) License ------- [](#license) [MIT](LICENSE.md) ### Health Score 41 — FairBetter than 89% of packages Maintenance89 Actively maintained with recent releases Popularity10 Limited adoption so far Community6 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~11 days Total 4 Last Release 57d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/89f9c7018c46dc8dcaa27f05cb2cd4ee65b698b38afe4791d2d9e4302fa5013d?d=identicon)[qiyue2015](/maintainers/qiyue2015) --- Top Contributors [![qiyue2015](https://avatars.githubusercontent.com/u/11554433?v=4)](https://github.com/qiyue2015 "qiyue2015 (23 commits)") --- Tags jwkslaravellaravel-packageoauth2oidcopenid-connectpassportphptoken-introspectionuserinfolaraveloauth2passportOpenID Connectoidc ### Code Quality TestsPest ### Embed Badge ![Health badge](/badges/admin9-laravel-oidc-server/health.svg) ``` [![Health](https://phpackages.com/badges/admin9-laravel-oidc-server/health.svg)](https://phpackages.com/packages/admin9-laravel-oidc-server) ``` ### Alternatives [jeremy379/laravel-openid-connect OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport. 55342.3k2](/packages/jeremy379-laravel-openid-connect)[ronvanderheijden/openid-connect OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport. 61755.5k](/packages/ronvanderheijden-openid-connect)[simplesamlphp/simplesamlphp-module-oidc A SimpleSAMLphp module adding support for the OpenID Connect protocol 5016.9k1](/packages/simplesamlphp-simplesamlphp-module-oidc)[benbjurstrom/passport-custom-jwt-claims Customize JWT claims in Laravel Passport access tokens 341.8k](/packages/benbjurstrom-passport-custom-jwt-claims)[wearedevtical/novassport A Laravel Nova tool to manage API Authentication (Passport). 663.1k](/packages/wearedevtical-novassport)[authlete/authlete-laravel Authlete Library for Laravel 4226.0k](/packages/authlete-authlete-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)