PHPackages                             daou/cakephp-auth0-jwt-auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. daou/cakephp-auth0-jwt-auth

ActiveCakephp-plugin[Authentication &amp; Authorization](/categories/authentication)

daou/cakephp-auth0-jwt-auth
===========================

A CakePHP 3 plugin for authenticating using Auth0's PHP SDK

1.0.9(6y ago)2183MITPHPPHP &gt;=5.6.0CI failing

Since Sep 15Pushed 6y ago2 watchersCompare

[ Source](https://github.com/Daou/cakephp-auth0-jwt-auth)[ Packagist](https://packagist.org/packages/daou/cakephp-auth0-jwt-auth)[ Docs](https://github.com/Daou/cakephp-auth0-jwt-auth)[ RSS](/packages/daou-cakephp-auth0-jwt-auth/feed)WikiDiscussions master Synced 5d ago

READMEChangelogDependencies (2)Versions (7)Used By (0)

cakephp-auth0-jwt-auth
======================

[](#cakephp-auth0-jwt-auth)

A CakePHP 3 plugin for authenticating using Auth0's PHP SDK

CakePHP JWT Authenticate plugin
===============================

[](#cakephp-jwt-authenticate-plugin)

Plugin containing AuthComponent's authenticate class for authenticating using the [Auth0 PHP SDK](https://github.com/auth0/auth0-PHP) and [JSON Web Tokens](http://jwt.io/).

Installation
------------

[](#installation)

```
composer require daou/cakephp-auth0-jwt-auth
```

Usage
-----

[](#usage)

In your app's `config/bootstrap.php` add:

```
// In config/bootstrap.php
Plugin::load('Daou/Auth0JwtAuth');
```

or using cake's console:

```
./bin/cake plugin load Daou/Auth0JwtAuth
```

Configuration:
--------------

[](#configuration)

Setup `AuthComponent`:

```
    // In your controller, for e.g. src/Api/AppController.php
    public function initialize()
    {
        parent::initialize();

        $this->loadComponent('Auth', [
            'storage' => 'Memory',
            'authenticate' => [
                'Daou/Auth0JwtAuth.Auth0' => [
                    'fields' => [
                        'username' => 'auth0id'
                    ]
                    'auth0ClientSecret' => '__CLIENT_SECRET__', // only for HS256
                    'auth0Audience' => '__API_AUDIENCE__',
                    'auth0Domain' => '__DOMAIN__'
                ]
            ],

            'unauthorizedRedirect' => false,
            'loginAction' => false
        ]);
    }
```

Working
-------

[](#working)

The authentication class checks for the token in the `HTTP_AUTHORIZATION` environment variable:

It checks if token is passed using `Authorization` request header. The value should be of form `Bearer `.

### Known Issue

[](#known-issue)

Some servers don't populate `$_SERVER['HTTP_AUTHORIZATION']` when `Authorization` header is set. So it's up to you to ensure that either `$_SERVER['HTTP_AUTHORIZATION']` or `$_ENV['HTTP_AUTHORIZATION']` is set.

For e.g. for apache you could use the following:

```
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

```

Notes
-----

[](#notes)

Please see Admad's CakePHP JWT Authenticate plugin if you are interested in JWT without Auth0 [here](https://github.com/ADmad/cakephp-jwt-auth).

License
-------

[](#license)

MIT. See [LICENSE](LICENSE).

###  Health Score

29

—

LowBetter than 59% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity13

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity61

Established project with proven stability

 Bus Factor1

Top contributor holds 86.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~61 days

Recently: every ~76 days

Total

6

Last Release

2494d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/1880056?v=4)[Andreas Daoutis](/maintainers/daou)[@Daou](https://github.com/Daou)

---

Top Contributors

[![daoutis](https://avatars.githubusercontent.com/u/27198161?v=4)](https://github.com/daoutis "daoutis (13 commits)")[![Daou](https://avatars.githubusercontent.com/u/1880056?v=4)](https://github.com/Daou "Daou (2 commits)")

---

Tags

jwtAuthenticationcakephpauth0

### Embed Badge

![Health badge](/badges/daou-cakephp-auth0-jwt-auth/health.svg)

```
[![Health](https://phpackages.com/badges/daou-cakephp-auth0-jwt-auth/health.svg)](https://phpackages.com/packages/daou-cakephp-auth0-jwt-auth)
```

###  Alternatives

[auth0/auth0-php

PHP SDK for Auth0 Authentication and Management APIs.

40820.2M68](/packages/auth0-auth0-php)[auth0/login

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

2745.0M3](/packages/auth0-login)[auth0/symfony

Symfony SDK for Auth0 Authentication and Management APIs.

128738.1k](/packages/auth0-symfony)[admad/cakephp-jwt-auth

CakePHP plugin for authenticating using JSON Web Tokens

160680.3k8](/packages/admad-cakephp-jwt-auth)[cakedc/users

Users Plugin for CakePHP

524897.0k16](/packages/cakedc-users)[auth0/wordpress

WordPress Plugin for Auth0

17419.5k](/packages/auth0-wordpress)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)