PHPackages cleaniquecoders/token-vault - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. cleaniquecoders/token-vault ActiveLibrary[Authentication & Authorization](/categories/authentication) cleaniquecoders/token-vault =========================== A secure and extensible token manager for Laravel, designed to store, encrypt, and validate tokens or API keys from services like GitHub, GitLab, etc. 1.2.0(2mo ago)4436MITPHPPHP ^8.4CI passing Since Jul 19Pushed 2mo agoCompare [ Source](https://github.com/cleaniquecoders/token-vault)[ Packagist](https://packagist.org/packages/cleaniquecoders/token-vault)[ Docs](https://github.com/cleaniquecoders/token-vault)[ GitHub Sponsors](https://github.com/CleaniqueCoders)[ RSS](/packages/cleaniquecoders-token-vault/feed)WikiDiscussions main Synced 3w ago READMEChangelog (4)Dependencies (26)Versions (5)Used By (0) Laravel Token Vault =================== [](#laravel-token-vault) [![Latest Version on Packagist](https://camo.githubusercontent.com/8307569142153eff104737ebbb804dbf1203ee44534255f098dc240b93373ef1/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f636c65616e69717565636f646572732f746f6b656e2d7661756c742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/cleaniquecoders/token-vault)[![GitHub Tests Action Status](https://camo.githubusercontent.com/21acd3337b75f8f0cf1d30983430ac264705a190fbd30b2e634fc5a7dbfc3572/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f636c65616e69717565636f646572732f746f6b656e2d7661756c742f72756e2d74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/cleaniquecoders/token-vault/actions?query=workflow%3Arun-tests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/933d0d16d44b737a8415aa03a30d79dd7654c2d7b16c9193cc611700524aae0b/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f636c65616e69717565636f646572732f746f6b656e2d7661756c742f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265)](https://github.com/cleaniquecoders/token-vault/actions?query=workflow%3A%22Fix+PHP+code+style+issues%22+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/21a9a184c063fedcfb85e96d12f00ba152dddd0617f7e59f62aa98f41e03d4e3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f636c65616e69717565636f646572732f746f6b656e2d7661756c742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/cleaniquecoders/token-vault) A secure and extensible token manager for Laravel, designed to store, encrypt, and decrypt tokens or API keys. This is useful when you are building an application that require to store sensitive information. Installation ------------ [](#installation) You can install the package via composer: ``` composer require cleaniquecoders/token-vault ``` You can publish and run the migrations with: ``` php artisan vendor:publish --tag="token-vault-migrations" php artisan migrate ``` You can publish the config file with: ``` php artisan vendor:publish --tag="token-vault-config" ``` Here’s the updated **Usage** guide for your `TokenVault` package, incorporating the `Provider` enum and clarifying token types: βœ… Usage ------- [](#-usage) ### 🧩 Setup Model [](#-setup-model) To allow a model (e.g. `User`) to have tokens: ``` use CleaniqueCoders\TokenVault\Concerns\InteractsWithTokenVault; class User extends Authenticatable { use InteractsWithTokenVault; } ``` ### 🏷️ Available Providers [](#️-available-providers) The package includes predefined providers for common services: ``` use CleaniqueCoders\TokenVault\Enums\Provider; // Available providers: Provider::GitHub // GitHub tokens Provider::GitLab // GitLab tokens Provider::Bitbucket // Bitbucket tokens Provider::Stripe // Stripe API keys Provider::Slack // Slack tokens Provider::Mailgun // Mailgun API keys Provider::AWS // AWS credentials Provider::Sentry // Sentry tokens Provider::Vercel // Vercel tokens Provider::Kong // Kong Gateway tokens ``` ### οΏ½ Available Token Types [](#-available-token-types) The package supports various token types for different authentication methods: ``` use CleaniqueCoders\TokenVault\Enums\Type; // Available token types: Type::AccessToken // General access tokens Type::ApiKey // API keys for services Type::BearerToken // Bearer tokens for authorization headers Type::RefreshToken // Tokens for refreshing access tokens Type::PersonalAccessToken // User-generated personal tokens Type::ServiceAccountKey // Service-to-service authentication keys Type::WebhookSecret // Webhook verification secrets Type::EncryptionKey // Data encryption keys Type::CertificateKey // Private keys for certificates Type::DatabasePassword // Database connection passwords Type::BasicAuth // Basic authentication credentials Type::OAuthToken // OAuth authorization tokens ``` ### οΏ½πŸ” Storing a Token [](#-storing-a-token) ``` use CleaniqueCoders\TokenVault\Enums\Provider; use CleaniqueCoders\TokenVault\Enums\Type; $user = User::find(1); // Store a GitHub Personal Access Token $user->tokens()->create([ 'provider' => Provider::GitHub, 'type' => Type::PersonalAccessToken, 'token' => 'ghp_xxxxxxxxxxxxxxxxxxxx', 'meta' => [ 'name' => 'Deployment Token', 'scopes' => ['repo', 'workflow'], 'note' => 'Used for CI/CD deployments' ], 'expires_at' => now()->addYear(), ]); // Store a Stripe API Key $user->tokens()->create([ 'provider' => Provider::Stripe, 'type' => Type::ApiKey, 'token' => 'sk_live_xxxxxxxxxxxxxxxxxxxx', 'meta' => [ 'environment' => 'live', 'permissions' => ['payments', 'customers'] ], ]); // Store an AWS Service Account Key $user->tokens()->create([ 'provider' => Provider::AWS, 'type' => Type::ServiceAccountKey, 'token' => json_encode([ 'access_key_id' => 'AKIAIOSFODNN7EXAMPLE', 'secret_access_key' => 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY' ]), 'meta' => [ 'region' => 'us-east-1', 'service' => 'S3' ], ]); ``` ### πŸ”“ Retrieving and Decrypting Tokens [](#-retrieving-and-decrypting-tokens) ``` $token = $user->tokens()->first(); // Get the decrypted token value $plainToken = $token->getDecryptedToken(); ``` > ⚠️ **Security Warning**: Only decrypt tokens when absolutely necessary and never log or expose raw tokens. ### πŸ‘οΈ Token Masking (Safe Display) [](#️-token-masking-safe-display) ``` $token->getMaskedToken(); // Returns: "ghp_****abcd" ``` Perfect for logs, audit trails, or UI displays where you need to show token identification without exposing the actual value. ### πŸ“‚ Retrieve Tokens by Provider and Type [](#-retrieve-tokens-by-provider-and-type) ``` use CleaniqueCoders\TokenVault\Enums\Provider; use CleaniqueCoders\TokenVault\Enums\Type; // Get all GitHub tokens for a user $githubTokens = $user->tokens() ->where('provider', Provider::GitHub) ->get(); // Get a specific Stripe API key $stripeApiKey = $user->tokens() ->where('provider', Provider::Stripe) ->where('type', Type::ApiKey) ->latest() ->first(); // Get all Personal Access Tokens $personalTokens = $user->tokens() ->where('type', Type::PersonalAccessToken) ->get(); ``` ### ⏰ Token Expiration Management [](#-token-expiration-management) ``` // Check if a token has expired if ($token->isExpired()) { // Handle expired token $token->delete(); } // Clean up all expired tokens for a user $user->tokens() ->where('expires_at', '', now()) ->where('expires_at', 'scopes', 'workflow') ->get(); // Get non-expired tokens for a specific provider $activeStripeTokens = $user->tokens() ->where('provider', Provider::Stripe) ->where(function ($query) { $query->whereNull('expires_at') ->orWhere('expires_at', '>', now()); }) ->get(); // Count tokens by type $tokenCounts = $user->tokens() ->selectRaw('type, count(*) as count') ->groupBy('type') ->pluck('count', 'type'); ``` Encryption Drivers (Optional) ----------------------------- [](#encryption-drivers-optional) To use a custom encryption method: ``` 'token-vault.encryptor' => \App\Drivers\OpenSslEncryptor::class, ``` And the class need to implements the `\CleaniqueCoders\TokenVault\Contracts\Encryptor` interface. Testing ------- [](#testing) ``` composer test ``` Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Contributing ------------ [](#contributing) Please see [CONTRIBUTING](CONTRIBUTING.md) for details. Security Vulnerabilities ------------------------ [](#security-vulnerabilities) Please review [our security policy](../../security/policy) on how to report security vulnerabilities. Credits ------- [](#credits) - [Nasrul Hazim Bin Mohamad](https://github.com/nasrulhazim) - [All Contributors](../../contributors) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 44 β€” FairBetter than 91% of packages Maintenance83 Actively maintained with recent releases Popularity17 Limited adoption so far Community8 Small or concentrated contributor base Maturity57 Maturing project, gaining track record Bus Factor1 Top contributor holds 95.5% of commits β€” single point of failure How is this calculated?**Maintenance (25%)** β€” Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** β€” Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** β€” Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** β€” Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~84 days Total 4 Last Release 87d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b57069d0f4b634f65eccc6e5d5848990e25968d45ec2cf46d626c6a4658f944b?d=identicon)[nasrulhazim.m](/maintainers/nasrulhazim.m) --- Top Contributors [![nasrulhazim](https://avatars.githubusercontent.com/u/10341422?v=4)](https://github.com/nasrulhazim "nasrulhazim (21 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (1 commits)") --- Tags laravelcleaniquecoderstoken-vault ### Code Quality TestsPest Static AnalysisPHPStan Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/cleaniquecoders-token-vault/health.svg) ``` [![Health](https://phpackages.com/badges/cleaniquecoders-token-vault/health.svg)](https://phpackages.com/packages/cleaniquecoders-token-vault) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k98.0M1.3k](/packages/spatie-laravel-permission)[spatie/laravel-pdf Create PDFs in Laravel apps 1.0k4.3M42](/packages/spatie-laravel-pdf)[spatie/laravel-passkeys Use passkeys in your Laravel app 470755.5k32](/packages/spatie-laravel-passkeys)[rawilk/profile-filament-plugin Profile & MFA starter kit for filament. 3913.7k](/packages/rawilk-profile-filament-plugin)[jeffgreco13/filament-breezy A custom package for Filament with login flow, profile and teams support. 1.0k1.9M53](/packages/jeffgreco13-filament-breezy)[dutchcodingcompany/filament-socialite Social login for Filament through Laravel Socialite 2191.1M10](/packages/dutchcodingcompany-filament-socialite) PHPackages Β© 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)