PHPackages envkey/envkey-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. envkey/envkey-php ActiveLibrary[Security](/categories/security) envkey/envkey-php ================= Keeps environment variables automatically in sync. Protects secrets with end-to-end encryption. 2.4.4(2y ago)3971[1 issues](https://github.com/envkey/envkey-php/issues)MITPHP Since May 17Pushed 2y ago1 watchersCompare [ Source](https://github.com/envkey/envkey-php)[ Packagist](https://packagist.org/packages/envkey/envkey-php)[ RSS](/packages/envkey-envkey-php/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (1)Versions (6)Used By (0) envkey-php ========== [](#envkey-php) Integrate [EnvKey](https://www.envkey.com) with your PHP projects to keep API keys, credentials, and other configuration securely and automatically in sync for developers and servers. [![envkey-php integration example](envkey-php.gif)](envkey-php.gif) This repo is mirrored in two locations: - [A subdirectory of EnvKey's v2 monorepo](https://github.com/envkey/envkey/tree/main/public/sdks/languages-and-frameworks/php). - [envkey-php package repo](https://github.com/envkey/envkey-php) Installation ------------ [](#installation) ``` $ composer require envkey/envkey-php ``` Usage ----- [](#usage) If you haven't already, download and install EnvKey from our [website](https://envkey.com), then create a new org. Next, follow the ~1 minute [integration quickstart](https://docs-v2.envkey.com/docs/integration-quickstart) to init an app with a `.envkey` file (for connecting development) or generate a server `ENVKEY` (for connecting a server). At the entry point of your application, be sure you're including the composer autoloader. ``` require_once 'vendor/autoload.php'; // Include the Composer autoloader ``` Now all your EnvKey variables will be available with `getenv('VARIABLE_NAME')`. ``` $stripe = new \Stripe\StripeClient(getenv('STRIPE_SECRET_KEY')); ``` ### Errors [](#errors) The package will throw an error if an `ENVKEY` is missing or invalid. ### Overriding Vars [](#overriding-vars) This package will not overwrite existing environment variables or additional variables set in the `.env` file you loaded your `ENVKEY` from. This can be convenient for customizing environments that otherwise share the same configuration. You can also use [branches or local overrides](https://docs-v2.envkey.com/docs/branches-and-local-overrides) for this purpose. ### PHP Request Model / Latency [](#php-request-model--latency) Unlike other EnvKey language libraries that expect a long-running server process, this library is designed for PHP's short-lived per-request processes. Instead of loading config from an EnvKey host on every request, which would add 100-500ms of latency (depending on location and connection speed), this library caches your encrypted config in RAM in a background process and keeps it up to date. After the first load of EnvKey on a server, subsequent requests will load config from this cache, with effectively zero latency (less than 1 millisecond). ### Working Offline [](#working-offline) As mentioned in the previous section, this package caches your encrypted config in RAM. Your config will still be available (though possibly not up-to-date) if you lose your internet connection. When the connection is reestablished, the latest config will be loaded immediately. envkey-source ------------- [](#envkey-source) Using a language-specific library like this one is the easiest and fastest method of integrating with EnvKey. That said, the [envkey-source](https://docs-v2.envkey.com/docs/envkey-source) executable, which this library wraps, provides additional options and functionality when used directly from the command line. If you need additional flexibility and it works for your use case, consider using envkey-source directly. x509 error / ca-certificates ---------------------------- [](#x509-error--ca-certificates) On a stripped down OS like Alpine Linux, you may get an `x509: certificate signed by unknown authority` error when attempting to load your config. You can fix it by ensuring that the `ca-certificates` dependency is installed. On Alpine you'll want to run: ``` apk add --no-cache ca-certificates ``` Further Reading --------------- [](#further-reading) For more on EnvKey in general: Read the [docs](https://docs-v2.envkey.com). Read the [integration quickstart](https://docs-v2.envkey.com/docs/integration-quickstart.html). Read the [security and cryptography overview](https://docs-v2.envkey.com/docs/security). Need help? Have questions, feedback, or ideas? ---------------------------------------------- [](#need-help-have-questions-feedback-or-ideas) Post an [issue](https://github.com/envkey/envkey/issues), start a [discussion](https://github.com/envkey/envkey/dicussions), or email us: . ### Health Score 23 — LowBetter than 27% of packages Maintenance13 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community8 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~39 days Total 5 Last Release 940d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/cf622f24652f8d55ec5281fdf38b9f35023e401f5267d055f848216beebdf129?d=identicon)[envkey](/maintainers/envkey) --- Top Contributors [![danenania](https://avatars.githubusercontent.com/u/545350?v=4)](https://github.com/danenania "danenania (9 commits)") --- Tags configurationsecurityencryptionenvdotenvconfiguration managementsecretssecrets-managementenvironment variablesend to end encryption ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/envkey-envkey-php/health.svg) ``` [![Health](https://phpackages.com/badges/envkey-envkey-php/health.svg)](https://phpackages.com/packages/envkey-envkey-php) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[johnathanmiller/secure-env-php Encrypt environment files for production use. 6054.3k2](/packages/johnathanmiller-secure-env-php)[ass/xmlsecurity The XmlSecurity library is written in PHP for working with XML Encryption and Signatures 955.6M30](/packages/ass-xmlsecurity)[nzo/url-encryptor-bundle The NzoUrlEncryptorBundle is a Symfony Bundle used to Encrypt and Decrypt data and variables in the Web application or passed through URL 961.0M2](/packages/nzo-url-encryptor-bundle)[tilleuls/url-signer-bundle Create and validate signed URLs with a limited lifetime in Symfony 81340.1k](/packages/tilleuls-url-signer-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)