PHPackages authio/authio - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. authio/authio ActiveLibrary[Authentication & Authorization](/categories/authentication) authio/authio ============= Authio PHP SDK — passwordless, multi-org auth for B2B apps. 0.1.0(4w ago)00MITPHPPHP ^8.2CI passing Since May 21Pushed yesterdayCompare [ Source](https://github.com/Authio-com/authio_php)[ Packagist](https://packagist.org/packages/authio/authio)[ Docs](https://authio.com)[ RSS](/packages/authio-authio/feed)WikiDiscussions main Synced today READMEChangelogDependencies (3)Versions (3)Used By (0) ![Authio](.github/logo-light.png) authio/authio (PHP) =================== [](#authioauthio-php) > Part of **[Authio Lobby](https://authio.com/products/lobby)** — Authio's drop-in passwordless authentication. Learn more at . Authio PHP SDK. Verifies session JWTs against Authio's JWKS and kicks off magic-link sign-in flows. What's new — 2026-05-23 WorkOS-parity sprint -------------------------------------------- [](#whats-new--2026-05-23-workos-parity-sprint) The Authio API gained four new product surfaces ([`authio_proto`](https://github.com/authio-com/authio_proto)). The PHP gem verifies the new JWT shape unchanged (`$claims['roles']`, `$claims['permissions']` on every customer session). Reference docs: - Embeddable widgets — [docs.authio.com/widgets/overview](https://docs.authio.com/widgets/overview) - Synchronous Actions — [docs.authio.com/actions/overview](https://docs.authio.com/actions/overview) - DCR / CIMD / MCP — [docs.authio.com/concepts/dynamic-client-registration](https://docs.authio.com/concepts/dynamic-client-registration) - Roles + permissions — [docs.authio.com/concepts/roles-and-permissions](https://docs.authio.com/concepts/roles-and-permissions) Install ------- [](#install) ``` composer require authio/authio ``` Quickstart ---------- [](#quickstart) ``` use Authio\Authio; $authio = new Authio([ 'api_key' => getenv('AUTHIO_SECRET_KEY'), 'api_url' => 'https://api.authio.com', 'publishable_key' => getenv('AUTHIO_PUBLISHABLE_KEY'), ]); // In a controller / middleware: $session = $authio->verifyToken($_COOKIE['authio_session'] ?? null); if ($session === null) { header('Location: /auth/sign-in'); exit; } // $session->userId — always set // $session->orgId — string|null, null until the user picks an org // $session->role — string|null // $session->claims — custom T2.4 claims, merged ``` Laravel integration ------------------- [](#laravel-integration) The `create-authio-app --framework=laravel` template wires a singleton via `AppServiceProvider` and an `AuthenticateWithAuthio` middleware that uses `$authio->verifyToken()` on the `authio_session` cookie. API --- [](#api) MethodDescription`new Authio($options)`Construct with `api_key`, `api_url`, `publishable_key`.`verifyToken(?string $token): ?Session`Verify JWT against the cached JWKS. `null` on failure.`signIn(string $email, string $redirectUrl): array`POST to `/v1/auth/magic-link/start`.`Session` exposes `sessionId`, `userId`, `orgId`, `role`, `expiresAt`, `claims`, `isImpersonation`, `impersonatorEmail`. Requirements ------------ [](#requirements) - PHP 8.2+ - `ext-openssl` for EdDSA verification - `firebase/php-jwt` 6.x (installed automatically) License ------- [](#license) MIT ### Health Score 37 — LowBetter than 81% of packages Maintenance98 Actively maintained with recent releases Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity37 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 28d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/17088878?v=4)[Authio](/maintainers/Authio)[@authio](https://github.com/authio) --- Top Contributors [![tcast](https://avatars.githubusercontent.com/u/692305?v=4)](https://github.com/tcast "tcast (10 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/authio-authio/health.svg) ``` [![Health](https://phpackages.com/badges/authio-authio/health.svg)](https://phpackages.com/packages/authio-authio) ``` ### Alternatives [google/auth Google Auth Library for PHP 1.4k286.7M204](/packages/google-auth)[ellaisys/aws-cognito AWS Cognito package that allows Auth and other related features using the AWS SDK for PHP 121242.9k1](/packages/ellaisys-aws-cognito)[neuron-core/neuron-ai The PHP Agentic Framework. 1.9k496.1k33](/packages/neuron-core-neuron-ai)[civicrm/civicrm-core Open source constituent relationship management for non-profits, NGOs and advocacy organizations. 749284.3k35](/packages/civicrm-civicrm-core)[eslazarev/wildberries-sdk Wildberries OpenAPI clients (generated). 232.5k](/packages/eslazarev-wildberries-sdk)[forumify/forumify-platform 122.0k12](/packages/forumify-forumify-platform) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)