PHPackages incvisio/sso - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. incvisio/sso ActiveLibrary[Authentication & Authorization](/categories/authentication) incvisio/sso ============ Simple Single Sign-On for PHP v1.0(9y ago)120MITPHPPHP >=5.5.0 Since Jan 18Pushed 9y ago1 watchersCompare [ Source](https://github.com/admaykin/SSO)[ Packagist](https://packagist.org/packages/incvisio/sso)[ Docs](http://www.incvisio.com)[ RSS](/packages/incvisio-sso/feed)WikiDiscussions master Synced 3w ago READMEChangelogDependencies (1)Versions (2)Used By (0) Single Sign-On for PHP (SSO) ---------------------------- [](#single-sign-on-for-php-sso) Incvisio\\SSO is a relatively simply and straightforward solution for an single sign on (SSO) implementation. With SSO, logging into a single website will authenticate you for all affiliate sites. #### How it works [](#how-it-works) When using SSO, when can distinguish 3 parties: - Client - This is the browser of the visitor - Service - The website which is visited - Server - The place that holds the user info and credentials The service has an id and a secret. These are know to both the service and server. When the client visits the service, it creates a random token, which is stored in a cookie. The service will then send the client to the server, passing along the service's id and token. The server creates a hash using the service id, service secret and the token. This hash is used to create a link to the users session. When the link is created the server redirects the client back to the service. The service can create the same link hash using the token (from the cookie), the service id and the service secret. When doing requests, it passes that has as session id. The server will notice that the session id is a link and use the linked session. As such, the service and client are using the same session. When another service joins in, it will also use the same session. Installation ------------ [](#installation) Install this library through composer ``` composer require incvisio/sso ``` Usage ----- [](#usage) #### Server [](#server) `Incvisio\SSO\Server` is an abstract class. You need to create a your own class which implements the abstract methods. These methods are called fetch data from a data souce (like a DB). ``` class SSOServer extends Incvisio\SSO\Server { /** * Authenticate using user credentials * * @param string $username * @param string $password * @return \Incvisio\Validation */ abstract protected function authenticate($username, $password) { ... } /** * Get the secret key and other info of a service * * @param string $serviceId * @return array */ abstract protected function getServiceInfo($serviceId) { ... } /** * Get the information about a user * * @param string $username * @return array|object */ abstract protected function getUserInfo($username) { ... } } ``` The SSOServer class can be used as controller in an MVC framework. For more information, checkout the `server` example. #### Service [](#service) When creating a Incvisio\\SSO\\Service instance, you need to pass the server url, service id and service secret. The service id and secret needs to be registered at the server (so fetched when using `getServiceInfo($serviceId)`). **Be careful**: *The service id SHOULD be alphanumeric. In any case it MUST NOT contain the "-" character.* Next you need to call `attach()`. This will generate a token an redirect the client to the server to attach the token to the client's session. If the client is already attached, the function will simply return. When the session is attached you can do actions as login/logout or get the user's info. ``` $service = new Incvisio\SSO\Service($serverUrl, $serviceId, $serviceSecret); $service->attach(); $user = $service->getUserInfo(); echo json_encode($user); ``` For more information, checkout the `service` example. ### Health Score 25 — LowBetter than 36% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community4 Small or concentrated contributor base Maturity58 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 3449d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/2572814?v=4)[incvisio](/maintainers/incvisio)[@incvisio](https://github.com/incvisio) --- Tags phpauthSSO ### Embed Badge ![Health badge](/badges/incvisio-sso/health.svg) ``` [![Health](https://phpackages.com/badges/incvisio-sso/health.svg)](https://phpackages.com/packages/incvisio-sso) ``` ### Alternatives [maicol07/flarum-ext-sso SSO for Flarum 468.7k](/packages/maicol07-flarum-ext-sso)[kinde-oss/kinde-auth-php Kinde PHP SDK for authentication 2280.2k3](/packages/kinde-oss-kinde-auth-php) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)