PHPackages auth0/login - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. auth0/login ActiveLibrary[Authentication & Authorization](/categories/authentication) auth0/login =========== Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 7.20.0(5mo ago)2745.0M—4.8%144[7 issues](https://github.com/auth0/laravel-auth0/issues)[3 PRs](https://github.com/auth0/laravel-auth0/pulls)3MITPHPPHP ^8.2CI passing Since Apr 21Pushed 1mo ago65 watchersCompare [ Source](https://github.com/auth0/laravel-auth0)[ Packagist](https://packagist.org/packages/auth0/login)[ Docs](https://github.com/auth0/laravel-auth0)[ RSS](/packages/auth0-login/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (23)Versions (86)Used By (3)Security (4) [![Auth0 Laravel SDK](https://camo.githubusercontent.com/5cd2bdae557a87e2c38592d89ef76df9e06959d6727dd4e6e6f85c0ed8a2bb26/68747470733a2f2f63646e2e61757468302e636f6d2f776562736974652f73646b732f62616e6e6572732f6c61726176656c2d61757468302d62616e6e65722e706e67)](https://camo.githubusercontent.com/5cd2bdae557a87e2c38592d89ef76df9e06959d6727dd4e6e6f85c0ed8a2bb26/68747470733a2f2f63646e2e61757468302e636f6d2f776562736974652f73646b732f62616e6e6572732f6c61726176656c2d61757468302d62616e6e65722e706e67) [![Build Status](https://github.com/auth0/laravel-auth0/actions/workflows/tests.yml/badge.svg)](https://github.com/auth0/laravel-auth0/actions/workflows/tests.yml) [![Code Coverage](https://camo.githubusercontent.com/a63558406db2a546c7a775f63e3122ba7141f8057a1f6abfd22ac2a8044d90e6/68747470733a2f2f636f6465636f762e696f2f67682f61757468302f6c61726176656c2d61757468302f6272616e63682f6d61696e2f67726170682f62616467652e7376673f746f6b656e3d7645776e365450414466)](https://codecov.io/gh/auth0/laravel-auth0) [![Total Downloads](https://camo.githubusercontent.com/4632fc5ab0de11febdfe226e7f3a8f45ae9900c8e312cad6aedb1ea8163a3b57/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f61757468302f6c6f67696e)](https://packagist.org/packages/auth0/laravel-auth0) [![License](https://camo.githubusercontent.com/39fee6481f745b53b4fc6647dc23a61e06ecd2750f8d5589c9f8789d2b183be3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f61757468302f6c6f67696e)](https://packagist.org/packages/auth0/login) **The Auth0 Laravel SDK is a PHP package that integrates [Auth0](https://auth0.com) into your Laravel application.** It includes no-code user authentication, extensive Management API support, permissions-based routing access control, and more. - [Requirements](#requirements) - [Getting Started](#getting-started) - [1. Install the SDK](#1-install-the-sdk) - [2. Install the CLI](#2-install-the-cli) - [3. Configure the SDK](#3-configure-the-sdk) - [4. Run the Application](#4-run-the-application) - [Documentation](#documentation) - [QuickStarts](#quickstarts) - [Contributing](#contributing) - [Code of Conduct](#code-of-conduct) - [Security](#security) - [License](#license) Requirements ------------ [](#requirements) Your application must use a [supported Laravel version](#supported-laravel-releases), and your host environment must be running a [maintained PHP version](https://www.php.net/supported-versions.php). Please review [our support policy](./docs/Support.md) for more information. You will also need [Composer](https://getcomposer.org/) and an [Auth0 account](https://auth0.com/signup). ### Supported Laravel Releases [](#supported-laravel-releases) The next major release of Laravel is forecasted for Q1 2025. We anticipate supporting it upon release. LaravelSDKPHPSupported Until[12.x](https://laravel.com/docs/11.x/releases)7.15+[8.4](https://www.php.net/releases/8.4/en.php)Approx. [Feb 2027](https://laravel.com/docs/12.x/releases#support-policy) (EOL for Laravel 12)[8.2](https://www.php.net/releases/8.3/en.php)Approx. [Dec 2025](https://www.php.net/supported-versions.php) (EOL for PHP 8.3)We strive to support all actively maintained Laravel releases, prioritizing support for the latest major version with our SDK. If a new Laravel major introduces breaking changes, we may have to end support for past Laravel versions earlier than planned. Affected Laravel versions will still receive security fixes until their end-of-life date, as announced in our release notes. ### Maintenance Releases [](#maintenance-releases) The following releases are no longer being updated with new features by Auth0, but will continue to receive security updates through their end-of-life date. LaravelSDKPHPSecurity Fixes Until[11.x](https://laravel.com/docs/10.x/releases)7.13+[8.4](https://www.php.net/releases/8.4/en.php)[March 2026](https://laravel.com/docs/11.x/releases#support-policy) (EOL for Laravel 11)[8.3](https://www.php.net/releases/8.3/en.php)[March 2026](https://laravel.com/docs/11.x/releases#support-policy) (EOL for Laravel 11)[8.2](https://www.php.net/releases/8.2/en.php)[Dec 2026](https://www.php.net/supported-versions.php) (EOL for PHP 8.2)### Unsupported Releases [](#unsupported-releases) The following releases are unsupported by Auth0. While they may be suitable for some legacy applications, your mileage may vary. We recommend upgrading to a supported version as soon as possible. LaravelSDK[10.x](https://laravel.com/docs/10.x/releases)7.5 - 7.12[9.x](https://laravel.com/docs/9.x/releases)7.0 - 7.12[8.x](https://laravel.com/docs/8.x/releases)7.0 - 7.4[7.x](https://laravel.com/docs/7.x/releases)5.4 - 6.5[6.x](https://laravel.com/docs/6.x/releases)5.3 - 6.5[5.x](https://laravel.com/docs/5.x/releases)2.0 - 6.1[4.x](https://laravel.com/docs/4.x/releases)1.xGetting Started --------------- [](#getting-started) The following is our recommended approach to getting started with the SDK. Alternatives are available in [our expanded installation guide](./docs/Installation.md). ### 1. Install the SDK [](#1-install-the-sdk) - For **new applications**, we offer a quickstart template — a version of the default Laravel 9 starter project pre-configured for use with the Auth0 SDK. ``` composer create-project auth0-samples/laravel auth0-laravel-app && cd auth0-laravel-app ``` - For **existing applications**, you can install the SDK using Composer. ``` composer require auth0/login:^7 --update-with-all-dependencies ``` In this case, you will also need to generate an SDK configuration file for your application. ``` php artisan vendor:publish --tag auth0 ``` ### 2. Install the CLI [](#2-install-the-cli) 1. Install the [Auth0 CLI](https://github.com/auth0/auth0-cli) to manage your account from the command line. ``` curl -sSfL https://raw.githubusercontent.com/auth0/auth0-cli/main/install.sh | sh -s -- -b . ``` Move the CLI to a directory in your `PATH` to make it available system-wide. ``` sudo mv ./auth0 /usr/local/bin ``` 💡 *If you prefer not to move the CLI, simply substitute `auth0` in the CLI steps below with `./auth0`.* Using [Homebrew](https://brew.sh/) (macOS)``` brew tap auth0/auth0-cli && brew install auth0 ``` Using [Scoop](https://scoop.sh/) (Windows)``` scoop bucket add auth0 https://github.com/auth0/scoop-auth0-cli.git scoop install auth0 ``` 2. Authenticate the CLI with your Auth0 account. Choose "as a user" if prompted. ``` auth0 login ``` ### 3. Configure the SDK [](#3-configure-the-sdk) 1. Register a new application with Auth0. ``` auth0 apps create \ --name "My Laravel Application" \ --type "regular" \ --auth-method "post" \ --callbacks "http://localhost:8000/callback" \ --logout-urls "http://localhost:8000" \ --reveal-secrets \ --no-input \ --json > .auth0.app.json ``` 2. Register a new API with Auth0. ``` auth0 apis create \ --name "My Laravel Application API" \ --identifier "https://github.com/auth0/laravel-auth0" \ --offline-access \ --no-input \ --json > .auth0.api.json ``` 3. Add the new files to `.gitignore`. ``` echo ".auth0.*.json" >> .gitignore ``` Using Windows PowerShell``` Add-Content .gitignore "`n.auth0.*.json" ``` Using Windows Command Prompt``` echo .auth0.*.json >> .gitignore ``` ### 4. Run the Application [](#4-run-the-application) Boot the application using PHP's built-in web server. ``` php artisan serve ``` Direct your browser to to experiment with the application. - **Authentication** Users can log in or out of the application by visiting the [`/login`](http://localhost:8000/login) or [`/logout`](http://localhost:8000/logout) routes, respectively. - **API Authorization** For simplicity sake, generate a test token using the CLI. ``` auth0 test token \ --audience %IDENTIFIER% \ --scopes "read:messages" ``` ✋ *Substitute `%IDENTIFIER%` with the identifier of the API you created in step 3 above.* Now you can send requests to the `/api` endpoints of the application, including the token as a header. ``` curl --request GET \ --url http://localhost:8000/api/example \ --header 'Accept: application/json' \ --header 'Authorization: Bearer %TOKEN%' ``` ✋ *Substitute `%TOKEN%` with the test token returned in the previous step.* Using Windows PowerShell``` Invoke-WebRequest http://localhost:8000/api/example ` -Headers @{'Accept' = 'application/json'; 'Authorization' = 'Bearer %TOKEN%'} ``` When you're ready to deploy your application to production, review [our deployment guide](./docs/Deployment.md) for best practices and advice on securing Laravel. Integration Examples -------------------- [](#integration-examples) **User Authentication**The SDK automatically registers all the necessary routes and authentication services within the `web` middleware group of your application to enable users to authenticate without requiring you to write any code. RoutePurpose`/login`Initiates the authentication flow.`/logout`Logs the user out.`/callback`Handles the callback from Auth0.If these routes conflict with your application architecture, you can override this default behavior by [adjusting the SDK configuration](./docs/Configuration.md#route-registration). --- **Route Authorization (Access Control)**The SDK automatically registers its authentication and authorization guards within the `web` and `api` middleware groups for your Laravel application, respectively. For `web` routes, you can use Laravel's `auth` middleware to require that a user be authenticated to access a route. ``` Route::get('/private', function () { return response('Welcome! You are logged in.'); })->middleware('auth'); ``` For `api` routes, you can use Laravel's `auth` middleware to require that a request be authenticated with a valid bearer token to access a route. ``` Route::get('/api/private', function () { return response()->json(['message' => 'Hello! You included a valid token with your request.']); })->middleware('auth'); ``` In addition to requiring that a user be authenticated, you can also require that the user have specific permissions to access a route, using Laravel's `can` middleware. ``` Route::get('/scope', function () { return response('You have the `read:messages` permission, and can therefore access this resource.'); })->middleware('auth')->can('read:messages'); ``` Permissions require that [RBAC](https://auth0.com/docs/manage-users/access-control/rbac) be enabled within [your API settings](https://manage.auth0.com/#/apis). --- **Users and Tokens**Laravel's `Auth` Facade can be used to retrieve information about the authenticated user or token associated with a request. For routes using the `web` middleware group in `routes/web.php`. ``` Route::get('/', function () { if (! auth()->check()) { return response('You are not logged in.'); } $user = auth()->user(); $name = $user->name ?? 'User'; $email = $user->email ?? ''; return response("Hello {$name}! Your email address is {$email}."); }); ``` For routes using the `api` middleware group in `routes/api.php`. ``` Route::get('/', function () { if (! auth()->check()) { return response()->json([ 'message' => 'You did not provide a token.', ]); } return response()->json([ 'message' => 'Your token is valid; you are authorized.', 'id' => auth()->id(), 'token' => auth()?->user()?->getAttributes(), ]); }); ``` --- **Management API Calls**Once you've [authorized your application to make Management API calls](./docs/Management.md#api-application-authorization), you'll be able to engage nearly any of the [Auth0 Management API endpoints](https://auth0.com/docs/api/management/v2) through the SDK. Each API endpoint has its own SDK class which can be accessed through the Facade's `management()` factory method. For interoperability, network responses from the API are returned as [PSR-7 messages](https://www.php-fig.org/psr/psr-7/). These can be converted into native arrays using the SDK's `json()` method. For example, to update a user's metadata, you can call the `management()->users()->update()` method. ``` use Auth0\Laravel\Facade\Auth0; Route::get('/colors', function () { $colors = ['red', 'blue', 'green', 'black', 'white', 'yellow', 'purple', 'orange', 'pink', 'brown']; // Update the authenticated user with a randomly assigned favorite color. Auth0::management()->users()->update( id: auth()->id(), body: [ 'user_metadata' => [ 'color' => $colors[random_int(0, count($colors) - 1)] ] ] ); // Retrieve the user's updated profile. $profile = Auth0::management()->users()->get(auth()->id()); // Convert the PSR-7 response into a native array. $profile = Auth0::json($profile); // Extract some values from the user's profile. $color = $profile['user_metadata']['color'] ?? 'unknown'; $name = auth()->user()->name; return response("Hello {$name}! Your favorite color is {$color}."); })->middleware('auth'); ``` All the SDK's Management API methods are [documented here](./docs/Management.md). Documentation ------------- [](#documentation) - [Installation](./docs/Installation.md) — Installing the SDK and generating configuration files. - [Configuration](./docs/Configuration.md) — Configuring the SDK using JSON files or environment variables. - [Sessions](./docs/Sessions.md) — Guidance on deciding which Laravel Session API driver to use. - [Cookies](./docs/Cookies.md) — Important notes about using Laravel's Cookie session driver, and alternative options. - [Management API](./docs/Management.md) — Using the SDK to work with the [Auth0 Management API](https://auth0.com/docs/api/management/v2). - [Users](./docs/Users.md) — Extending the SDK to support persistent storage and [Eloquent](https://laravel.com/docs/eloquent) models. - [Events](./docs/Events.md) — Hooking into SDK [events](https://laravel.com/docs/events) to respond to specific actions. - [Deployment](./docs/Deployment.md) — Deploying your application to production. You may find the following integration guidance useful: - [Laravel Eloquent](./docs/Eloquent.md) — [Eloquent ORM](https://laravel.com/docs/eloquent) is supported. - [Laravel Octane](./docs/Octane.md) — [Octane](https://laravel.com/docs/octane) is not supported at this time. - [Laravel Telescope](./docs/Telescope.md) — [Telescope](https://laravel.com/docs/telescope) is compatible as of SDK v7.11.0. You may also find the following resources helpful: - [Auth0 Documentation Hub](https://www.auth0.com/docs) - [Auth0 Management API Explorer](https://auth0.com/docs/api/management/v2) - [Auth0 Authentication API Explorer](https://auth0.com/docs/api/authentication) Contributions to improve our documentation [are welcomed](https://github.com/auth0/laravel-auth0/pull). QuickStarts ----------- [](#quickstarts) - [Session-based Authentication](https://auth0.com/docs/quickstart/webapp/laravel) ([GitHub](https://github.com/auth0-samples/laravel)) - [Token-based Authorization](https://auth0.com/docs/quickstart/backend/laravel) ([GitHub](https://github.com/auth0-samples/laravel)) Community --------- [](#community) The [Auth0 Community](https://community.auth0.com) is where you can get support, ask questions, and share your projects. Contributing ------------ [](#contributing) We appreciate feedback and contributions to this library. Before you get started, please review Auth0's [General Contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md). The [Contribution Guide](./.github/CONTRIBUTING.md) contains information about our development process and expectations, insight into how to propose bug fixes and improvements, and instructions on how to build and test changes to the library. To provide feedback or report a bug, [please raise an issue](https://github.com/auth0/laravel-auth0/issues). Code of Conduct --------------- [](#code-of-conduct) Participants are expected to adhere to Auth0's [Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md) when interacting with this project. Security -------- [](#security) If you believe you have found a security vulnerability, we encourage you to responsibly disclose this and not open a public issue. We will investigate all reports. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. License ------- [](#license) This library is open-sourced software licensed under the [MIT license](./LICENSE.md). --- ![Auth0 Logo](https://camo.githubusercontent.com/bcfabe4929567368a48c579451f553ddf872d76673d02f78871f5fa06281b453/68747470733a2f2f63646e2e61757468302e636f6d2f776562736974652f73646b732f6c6f676f732f61757468305f6c696768745f6d6f64652e706e67) Auth0 is an easy-to-implement, adaptable authentication and authorization platform. To learn more, check out ["Why Auth0?"](https://auth0.com/why-auth0) ### Health Score 73 — ExcellentBetter than 100% of packages Maintenance82 Actively maintained with recent releases Popularity65 Solid adoption and visibility Community39 Small or concentrated contributor base Maturity91 Battle-tested with a long release history Bus Factor1 Top contributor holds 54.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~53 days Recently: every ~63 days Total 81 Last Release 153d ago Major Versions 3.2.1 → 4.0.02016-09-15 4.0.8 → 5.0.02017-02-22 5.4.0 → 6.0.02020-04-10 6.5.0 → 7.0.0-BETA12022-02-08 6.x-dev → 7.0.12022-06-02 PHP version history (10 changes)1.0.3PHP >=5.3.0 5.2.0PHP >=5.4.0 5.3.1PHP >=5.5.0 6.0.0PHP ^7.1 6.2.0PHP ^7.3 | ^8.0 6.4.1PHP ^7.3 || ^8.0 7.0.0-BETA1PHP ^7.4 || ^8.0 7.2.0PHP ^8.0 7.12.0PHP ^8.1 7.13.0PHP ^8.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/ec0ec745d1cdbff1167fbb891d9d5985eaac4378150ca443fcc67a6ef8350382?d=identicon)[Auth0](/maintainers/Auth0) --- Top Contributors [![evansims](https://avatars.githubusercontent.com/u/3093?v=4)](https://github.com/evansims "evansims (317 commits)")[![glena](https://avatars.githubusercontent.com/u/5647310?v=4)](https://github.com/glena "glena (96 commits)")[![joshcanhelp](https://avatars.githubusercontent.com/u/855223?v=4)](https://github.com/joshcanhelp "joshcanhelp (31 commits)")[![lbalmaceda](https://avatars.githubusercontent.com/u/3900123?v=4)](https://github.com/lbalmaceda "lbalmaceda (15 commits)")[![hrajchert](https://avatars.githubusercontent.com/u/2634059?v=4)](https://github.com/hrajchert "hrajchert (14 commits)")[![kishore7snehil](https://avatars.githubusercontent.com/u/24604580?v=4)](https://github.com/kishore7snehil "kishore7snehil (13 commits)")[![mgonto](https://avatars.githubusercontent.com/u/723723?v=4)](https://github.com/mgonto "mgonto (12 commits)")[![jimmyjames](https://avatars.githubusercontent.com/u/276225?v=4)](https://github.com/jimmyjames "jimmyjames (12 commits)")[![nstapelbroek](https://avatars.githubusercontent.com/u/3368018?v=4)](https://github.com/nstapelbroek "nstapelbroek (10 commits)")[![damieng](https://avatars.githubusercontent.com/u/118951?v=4)](https://github.com/damieng "damieng (6 commits)")[![seanmangar](https://avatars.githubusercontent.com/u/6080053?v=4)](https://github.com/seanmangar "seanmangar (6 commits)")[![cocojoe](https://avatars.githubusercontent.com/u/928115?v=4)](https://github.com/cocojoe "cocojoe (4 commits)")[![ntotten](https://avatars.githubusercontent.com/u/282782?v=4)](https://github.com/ntotten "ntotten (4 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (4 commits)")[![thijsvdanker](https://avatars.githubusercontent.com/u/429548?v=4)](https://github.com/thijsvdanker "thijsvdanker (4 commits)")[![Annyv2](https://avatars.githubusercontent.com/u/5016479?v=4)](https://github.com/Annyv2 "Annyv2 (3 commits)")[![anicho123](https://avatars.githubusercontent.com/u/182492285?v=4)](https://github.com/anicho123 "anicho123 (3 commits)")[![frederikprijck](https://avatars.githubusercontent.com/u/2146903?v=4)](https://github.com/frederikprijck "frederikprijck (3 commits)")[![irieznykov](https://avatars.githubusercontent.com/u/48024435?v=4)](https://github.com/irieznykov "irieznykov (2 commits)")[![arpit-jn](https://avatars.githubusercontent.com/u/167312832?v=4)](https://github.com/arpit-jn "arpit-jn (2 commits)") --- Tags authenticationdx-sdklaravelmanagementphpjwtapilaravelJWKauthAuthenticationJSON Web TokenoauthauthorizationsecureprotectOpenIdloginauth0json web key ### Code Quality TestsPest Static AnalysisPHPStan, Psalm, Rector Code StylePHP CS Fixer Type Coverage Yes ### Embed Badge ![Health badge](/badges/auth0-login/health.svg) ``` [![Health](https://phpackages.com/badges/auth0-login/health.svg)](https://phpackages.com/packages/auth0-login) ``` ### Alternatives [auth0/auth0-php PHP SDK for Auth0 Authentication and Management APIs. 40820.2M68](/packages/auth0-auth0-php)[auth0/symfony Symfony SDK for Auth0 Authentication and Management APIs. 128738.1k](/packages/auth0-symfony)[auth0/wordpress WordPress Plugin for Auth0 17419.5k](/packages/auth0-wordpress)[tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M350](/packages/tymon-jwt-auth)[league/oauth2-server A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API. 6.6k136.0M248](/packages/league-oauth2-server)[php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 8359.8M53](/packages/php-open-source-saver-jwt-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)