PHPackages byjg/jwt-wrapper - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. byjg/jwt-wrapper ActiveLibrary[Authentication & Authorization](/categories/authentication) byjg/jwt-wrapper ================ A simple and flexible wrapper around the Firebase JWT library that makes JWT token handling easy and intuitive in PHP applications 6.1.0(2mo ago)498.1k—2.2%4[1 issues](https://github.com/byjg/php-jwt-wrapper/issues)3MITPHPPHP >=8.3 <8.6CI passing Since Feb 8Pushed 2mo ago1 watchersCompare [ Source](https://github.com/byjg/php-jwt-wrapper)[ Packagist](https://packagist.org/packages/byjg/jwt-wrapper)[ GitHub Sponsors](https://github.com/byjg)[ RSS](/packages/byjg-jwt-wrapper/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (3)Versions (16)Used By (3) sidebar\_key tags jwt-wrapper php cryptography authentication JWT Wrapper =========== [](#jwt-wrapper) A simple and flexible wrapper around the Firebase JWT library that makes JWT token handling easy and intuitive in PHP applications. [![Sponsor](https://camo.githubusercontent.com/fab14b7f7f475072ada0473f193d6f322561fd4a2958e0cc89910d053347cf27/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f53706f6e736f722d2532336561346161613f6c6f676f3d67697468756273706f6e736f7273266c6f676f436f6c6f723d7768697465266c6162656c436f6c6f723d306431313137)](https://github.com/sponsors/byjg)[![Build Status](https://github.com/byjg/php-jwt-wrapper/actions/workflows/phpunit.yml/badge.svg?branch=master)](https://github.com/byjg/php-jwt-wrapper/actions/workflows/phpunit.yml)[![Opensource ByJG](https://camo.githubusercontent.com/425c1bbccc0f292bf4d20569ae74a6b2e384fd648f1af8911bc61de9a8dcfc0b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6f70656e736f757263652d62796a672d737563636573732e737667)](http://opensource.byjg.com)[![GitHub source](https://camo.githubusercontent.com/88e61eb211719144efdd570290a0456b6e13099c2df8d973f1bb43fe33bf0039/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4769746875622d736f757263652d696e666f726d6174696f6e616c3f6c6f676f3d676974687562)](https://github.com/byjg/php-jwt-wrapper/)[![GitHub license](https://camo.githubusercontent.com/87446a8008eb141a50fa3c07f9272397cac4e950a25099645dcb0b167a702518/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f62796a672f7068702d6a77742d777261707065722e737667)](https://opensource.byjg.com/opensource/licensing.html)[![GitHub release](https://camo.githubusercontent.com/c57f89b3f7d5ad77484e64be3abdd67404ce4cbd34d7cbc4c20737696d3e37da/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f62796a672f7068702d6a77742d777261707065722e737667)](https://github.com/byjg/php-jwt-wrapper/releases/) Features -------- [](#features) - **Simple API**: Create and validate JWT tokens with minimal code - **Flexible Signing**: Support for both HMAC (shared secret) and RSA/ECDSA (public/private key) methods - **Automatic Claims**: Built-in handling of standard JWT claims (iat, exp, nbf) - **HTTP Integration**: Helper methods for extracting tokens from HTTP headers - **Key Management**: Intuitive interfaces for different key types Installation ------------ [](#installation) ``` composer require "byjg/jwt-wrapper" ``` Quick Example ------------- [](#quick-example) ``` // Create a JWT token using HMAC $server = "example.com"; $secret = new \ByJG\JwtWrapper\JwtHashHmacSecret(base64_encode("your_secret_key")); $jwtWrapper = new \ByJG\JwtWrapper\JwtWrapper($server, $secret); // Add custom data and set expiration $token = $jwtWrapper->generateToken( $jwtWrapper->createJwtData(["userId" => 123], 3600) ); // Validate and extract data try { $jwtData = $jwtWrapper->extractData($token); $userId = $jwtData->data->userId; } catch (\ByJG\JwtWrapper\JwtWrapperException $e) { // Handle invalid token } ``` Documentation ------------- [](#documentation) Detailed documentation: DocumentDescription[Overview](docs/overview.md)Introduction and core concepts[Key Types](docs/key-types.md)HMAC and OpenSSL key configuration[Creating Tokens](docs/creating-tokens.md)Token generation and customization[Validating Tokens](docs/validating-tokens.md)Token validation and data extraction[API Reference](docs/api-reference.md)Complete class and method documentationExamples -------- [](#examples) The library includes complete examples in the `example` directory showing: - Token creation with login.php - Token validation with api.php - Client-side usage with client.html ``` sequenceDiagram participant LOCAL participant CLIENT participant SERVER participant PRIVATE_RESOURCE LOCAL->>CLIENT: Retrieve Local Token CLIENT->>SERVER: Pass Token SERVER->>PRIVATE_RESOURCE: Validate Token PRIVATE_RESOURCE->>CLIENT: Return Result if token is valid CLIENT->>LOCAL: Store Token ``` Loading Running the tests ----------------- [](#running-the-tests) ``` vendor/bin/phpunit ``` Dependencies ------------ [](#dependencies) ``` flowchart TD byjg/jwt-wrapper --> firebase/php-jwt byjg/jwt-wrapper --> ext-openssl ``` Loading --- [Open source ByJG](http://opensource.byjg.com) ### Health Score 60 — FairBetter than 99% of packages Maintenance80 Actively maintained with recent releases Popularity37 Limited adoption so far Community14 Small or concentrated contributor base Maturity88 Battle-tested with a long release history Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~235 days Recently: every ~120 days Total 15 Last Release 86d ago Major Versions 1.0.1 → 2.0.02019-01-09 2.0.2 → 4.9.02023-05-21 4.9.3 → 5.0.x-dev2024-10-27 5.0.0 → 6.0.02025-11-22 PHP version history (2 changes)5.0.x-devPHP >=8.1 <8.4 6.0.0PHP >=8.3 <8.6 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/981924?v=4)[Joao Gilberto Magalhaes](/maintainers/byjg)[@byjg](https://github.com/byjg) --- Top Contributors [![byjg](https://avatars.githubusercontent.com/u/981924?v=4)](https://github.com/byjg "byjg (67 commits)") ### Code Quality TestsPHPUnit Static AnalysisPsalm Type Coverage Yes ### Embed Badge ![Health badge](/badges/byjg-jwt-wrapper/health.svg) ``` [![Health](https://phpackages.com/badges/byjg-jwt-wrapper/health.svg)](https://phpackages.com/packages/byjg-jwt-wrapper) ``` ### Alternatives [google/auth Google Auth Library for PHP 1.4k272.7M162](/packages/google-auth)[thenetworg/oauth2-azure Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2509.6M48](/packages/thenetworg-oauth2-azure)[stevenmaguire/oauth2-keycloak Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2275.9M27](/packages/stevenmaguire-oauth2-keycloak)[robsontenorio/laravel-keycloak-guard 🔑 Simple Keycloak Guard for Laravel 5161.1M3](/packages/robsontenorio-laravel-keycloak-guard)[patrickbussmann/oauth2-apple Sign in with Apple OAuth 2.0 Client Provider for The PHP League OAuth2-Client 1132.5M6](/packages/patrickbussmann-oauth2-apple)[wp-graphql/wp-graphql-jwt-authentication JWT Authentication for WPGraphQL 361118.4k1](/packages/wp-graphql-wp-graphql-jwt-authentication) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)