PHPackages bencolmer/laravel-fit-validator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. bencolmer/laravel-fit-validator ActiveLibrary[Validation & Sanitization](/categories/validation) bencolmer/laravel-fit-validator =============================== Validate Atlassian Forge Invocation Tokens (FITs) in Laravel 1.2.0(1mo ago)08MITPHPPHP ^8.1 Since Feb 1Pushed 1mo agoCompare [ Source](https://github.com/bencolmer/laravel-fit-validator)[ Packagist](https://packagist.org/packages/bencolmer/laravel-fit-validator)[ RSS](/packages/bencolmer-laravel-fit-validator/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (3)Dependencies (14)Versions (4)Used By (0) Laravel FIT Validator ===================== [](#laravel-fit-validator) [![Latest Version on Packagist](https://camo.githubusercontent.com/92a0b8be394cbbe348b634c4e5573d2d12c344bd6392b2daa075220cbc7054a7/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f62656e636f6c6d65722f6c61726176656c2d6669742d76616c696461746f722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/bencolmer/laravel-fit-validator) This package allows you to validate and use Atlassian [Forge Invocation Tokens](https://developer.atlassian.com/platform/forge/remote/essentials/#the-forge-invocation-token--fit-) (FITs) in Laravel. Installation ------------ [](#installation) 1. Install the package via composer: ``` composer require bencolmer/laravel-fit-validator ``` 2. Configure `.env` values: ``` FIT_APP_ID="example:id::app/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" # The ID of your Forge application FIT_JWKS_URL="https://forge.cdn.prod.atlassian-dev.net/.well-known/jwks.json" # The JWKS URL for your Forge application ``` 3. Add the `fit` middleware to any routes that should validate Forge Invocation Tokens. ``` Route::middleware('fit')->group(function () { // }); ``` Token Usage ----------- [](#token-usage) The `fit` middleware will validate the Forge Invocation Token and add the validated payload to the request input array. Example: ``` // in routes/api.php Route::middleware('fit')->group(function () { Route::get('example', [ExampleController::class, 'index']); }); ``` ``` // in app/Http/Controllers/ExampleController.php use Illuminate\Http\Request; class ExampleController extends Controller { public function index(Request $request) { $fit = $request->input('fit'); // ... } } ``` Advanced Usage -------------- [](#advanced-usage) You can configure the package to validate FIT tokens from multiple Forge applications: 1. Publish package configuration ``` php artisan vendor:publish --provider="BenColmer\LaravelFITValidator\Providers\ServiceProvider" ``` 2. Add your Forge application details to the `applications` array in `config/fit.php`: ``` // ... 'applications' => [ // ... // details for your other application 'otherApp' => [ 'appId' => (string) env('FIT_OTHER_APP_ID', ''), 'jwksUrl' => (string) env('FIT_OTHER_JWKS_URL', ''), ] ], ``` 3. Update the `fit` middleware to use the configuration for your new application ``` // in routes/api.php Route::middleware('fit')->group(function () { // validate FITs using the "default" application config }); Route::middleware('fit:otherApp')->group(function () { // validate FITs using the "otherApp" application config }); ``` Additional Configuration ------------------------ [](#additional-configuration) The following options can also be modified by publishing the package configuration: NameDefault ValueDescription`middlewareAlias``fit`The alias for the FIT validation middleware`issuer``forge/invocation-token`The expected Forge Invocation Token issuer`jwksCacheDuration`5 minutesThe cache duration for fetched JSON Web Key Sets. Setting this to `null` will disable cachingTesting ------- [](#testing) Run tests via PHPUnit: ``` ./vendor/bin/phpunit ``` Credits ------- [](#credits) - [Ben Colmer](https://github.com/bencolmer) License ------- [](#license) Laravel FIT Validator is open-sourced software licensed under the [MIT license](LICENSE.md). ### Health Score 39 — LowBetter than 86% of packages Maintenance91 Actively maintained with recent releases Popularity5 Limited adoption so far Community6 Small or concentrated contributor base Maturity45 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~28 days Total 3 Last Release 44d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/2b35214229c349af176065734509581603c542ee6811b6cfeee0d33ff52dc65a?d=identicon)[bencolmer](/maintainers/bencolmer) --- Top Contributors [![bencolmer](https://avatars.githubusercontent.com/u/72663325?v=4)](https://github.com/bencolmer "bencolmer (12 commits)") --- Tags atlassian-forgelaravellaravelatlassianFitforge ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/bencolmer-laravel-fit-validator/health.svg) ``` [![Health](https://phpackages.com/badges/bencolmer-laravel-fit-validator/health.svg)](https://phpackages.com/packages/bencolmer-laravel-fit-validator) ``` ### Alternatives [laravel/socialite Laravel wrapper around OAuth 1 & OAuth 2 libraries. 5.7k96.9M674](/packages/laravel-socialite)[laravel/passport Laravel Passport provides OAuth2 server support to Laravel. 3.4k85.0M532](/packages/laravel-passport)[proengsoft/laravel-jsvalidation Validate forms transparently with Javascript reusing your Laravel Validation Rules, Messages, and FormRequest 1.1k2.3M49](/packages/proengsoft-laravel-jsvalidation)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9682.1M97](/packages/roots-acorn)[omniphx/forrest A Laravel library for Salesforce 2724.4M8](/packages/omniphx-forrest)[stevebauman/purify An HTML Purifier / Sanitizer for Laravel 5325.6M19](/packages/stevebauman-purify) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)