PHPackages                             ciricihq/jwt-client-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. ciricihq/jwt-client-bundle

ActiveSymfony-bundle[Authentication &amp; Authorization](/categories/authentication)

ciricihq/jwt-client-bundle
==========================

Symfony client for manage JWT login against external JWT server or to check if coming JWT token is valid

23.5k[2 issues](https://github.com/ciricihq/CiriciJWTClientBundle/issues)PHP

Since Sep 26Pushed 7y ago2 watchersCompare

[ Source](https://github.com/ciricihq/CiriciJWTClientBundle)[ Packagist](https://packagist.org/packages/ciricihq/jwt-client-bundle)[ RSS](/packages/ciricihq-jwt-client-bundle/feed)WikiDiscussions master Synced today

READMEChangelogDependenciesVersions (1)Used By (0)

CiriciJWTClientBundle
=====================

[](#ciricijwtclientbundle)

[![Build status](https://camo.githubusercontent.com/84f02fd8d21c71495c20ac0dcd7cebc1e8acffce2bda04eed2ffffb417c22544/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f63697269636968712f4369726963694a5754436c69656e7442756e646c652f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/ciricihq/CiriciJWTClientBundle)[![Code coverage](https://camo.githubusercontent.com/a1fcd2ed2b3cdd5e3dca4b77a739cf33eeabe993c466fb71640cfc88eab5efc1/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f6769746875622f63697269636968712f4369726963694a5754436c69656e7442756e646c652f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://codecov.io/gh/ciricihq/CiriciJWTClientBundle)[![License](https://camo.githubusercontent.com/7abf4adbc7b491351d938b20d02a30ca755b3663e30de43abe120bf8db205bfb/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f63697269636968712f4369726963694a5754436c69656e7442756e646c652e7376673f7374796c653d666c61742d737175617265)](https://github.com/ciricihq/CiriciJWTClientBundle/blob/master/LICENSE.md)[![Latest stable version](https://camo.githubusercontent.com/0fb14f539bf635c58903f600be06d6f46d84c3d9420c750bd4d5d90e7373ce05/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f63697269636968712f4369726963694a5754436c69656e7442756e646c652e7376673f7374796c653d666c61742d737175617265)](https://github.com/ciricihq/CiriciJWTClientBundle/releases)[![Total downloads](https://camo.githubusercontent.com/2282f39a03ab3941e0860092b40e85fcfd11aa7a37c4c23e1e099d059eb0fc76/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f63697269636968712f4369726963694a5754436c69656e7442756e646c652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/ciricihq/CiriciJWTClientBundle)[![Code climate](https://camo.githubusercontent.com/502b64b5b0fa014d56815bf3ce4f2c6972546d582f8dc774822ef4495c42e96f/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636c696d6174652f6769746875622f63697269636968712f4369726963694a5754436c69656e7442756e646c652e7376673f7374796c653d666c61742d737175617265)](https://codeclimate.com/github/ciricihq/CiriciJWTClientBundle)

This Bundle is used to login against a JWT server or to check the validity of a JWT Token

It has been based on [these instructions](http://ypereirareis.github.io/blog/2016/03/16/symfony-lexikjwtauthenticationbundle-client-user-authenticator-provider/).

WARNING! This bundle is Work In Progress and is not ready for production yet

Installation
------------

[](#installation)

```
composer require ciricihq/jwt-client-bundle:dev-master
```

Then add to `AppKernel.php`

```
        $bundles = [
            ...
            new Cirici\JWTClientBundle\CiriciJWTClientBundle(),
            ...
        ];
```

Configuration
-------------

[](#configuration)

If you are planning to use the bundle as a Authentication service against a JWT server, you should load the external token authenticator adding this to your `config.yml`

```
cirici_jwt_client:
    use_external_jwt_api: true
    external_api: "@eight_points_guzzle.client.api_jwt"
    jwt_token_path: /jwt/token # Endpoint where the token POST request will be done
```

And you must define the api using Guzzle configuration

```
guzzle:
    clients:
        api_jwt:
            base_url: %api_jwt_base_url%
```

Configure security for login form against external JWT server
-------------------------------------------------------------

[](#configure-security-for-login-form-against-external-jwt-server)

In order to make this bundle work you should define your `security.yml` like this

```
# To get started with security, check out the documentation:
security:
    providers:
        token:
            id: project.token.user_provider

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            provider: token
            anonymous: true
            simple_form:
                authenticator: project.token.external_authenticator
                check_path: login_check
                login_path: login
                # user_referer: true
                failure_path: login
            logout:
                path: /logout
                target: login
            remember_me:
                secret: '%secret%'
                lifetime: 86400
                path: /

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/registration, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_ADMIN }
```

In `routes.yml` you has to add a login path as those lines for the login fails redirect and add the bundle routes import as well:

```
jwt_client:
    resource: '@CiriciJWTClientBundle/Resources/config/routing.yml'
    prefix: /

login:
    path: /login
```

Setting up custom User class for incoming requests
--------------------------------------------------

[](#setting-up-custom-user-class-for-incoming-requests)

If you want to map the incoming token calls with a custom User class instead of ApiUser you should implement `Cirici\JWTClientBundle\Security\ApiUserInterface` in your custom User class. Then configure your custom User class in `config.yml`:

```
cirici_jwt_client:
    api_user_class: '\AppBundle\Entity\User'
```

Configure to validate incoming Authentication bearer
----------------------------------------------------

[](#configure-to-validate-incoming-authentication-bearer)

In your `security.yml` firewall you has to add the next lines:

```
security:
    providers:
        token:
            id: project.token.user_provider

    firewalls:
        api:
            pattern:   ^/api/user
            stateless: true
            guard:
                provider: token
                authenticators:
                    - project.token.authenticator
```

Extending login template
------------------------

[](#extending-login-template)

If you want to modify the default login template you should create the next folders

```
mkdir -P app/Resources/CiriciJWTClientBundle/views/Security
```

And then copy the file `login.html.twig` from the bundle to the folder created above.

Now your app will load the login template just copied and you can modify it without altering the bundle one. :)

###  Health Score

19

—

LowBetter than 9% of packages

Maintenance0

Infrequent updates — may be unmaintained

Popularity19

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity40

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/4225298?v=4)[Genar Trias Ortiz](/maintainers/gtrias)[@gtrias](https://github.com/gtrias)

![](https://avatars.githubusercontent.com/u/153305?v=4)[Òscar Casajuana](/maintainers/elboletaire)[@elboletaire](https://github.com/elboletaire)

---

Top Contributors

[![elboletaire](https://avatars.githubusercontent.com/u/153305?v=4)](https://github.com/elboletaire "elboletaire (6 commits)")

---

Tags

jwtjwt-serversymfonysymfony-bundle

### Embed Badge

![Health badge](/badges/ciricihq-jwt-client-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/ciricihq-jwt-client-bundle/health.svg)](https://phpackages.com/packages/ciricihq-jwt-client-bundle)
```

###  Alternatives

[kartik-v/yii2-password

Useful password strength validation utilities for Yii Framework 2.0

761.2M17](/packages/kartik-v-yii2-password)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)