PHPackages jakub-onderka/openid-connect-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. jakub-onderka/openid-connect-php ActiveLibrary[Authentication & Authorization](/categories/authentication) jakub-onderka/openid-connect-php ================================ Bare-bones OpenID Connect client v1.4.0(2mo ago)1151.4k↓16.3%4[4 issues](https://github.com/JakubOnderka/OpenID-Connect-PHP/issues)Apache-2.0PHPPHP >=7.2CI passing Since Mar 4Pushed 2mo agoCompare [ Source](https://github.com/JakubOnderka/OpenID-Connect-PHP)[ Packagist](https://packagist.org/packages/jakub-onderka/openid-connect-php)[ RSS](/packages/jakub-onderka-openid-connect-php/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (8)Dependencies (6)Versions (27)Used By (0) PHP OpenID Connect Basic Client =============================== [](#php-openid-connect-basic-client) [![Latest Stable Version](https://camo.githubusercontent.com/e1c5412a914c03ff570c7dda7c9475676b1792c85d973c287c6b0f5dfd54fc76/687474703a2f2f706f7365722e707567782e6f72672f6a616b75622d6f6e6465726b612f6f70656e69642d636f6e6e6563742d7068702f76)](https://packagist.org/packages/jakub-onderka/openid-connect-php) [![Latest Unstable Version](https://camo.githubusercontent.com/72f3084e9d4b20d1da1e70607a2dbc84aa24d0db3703e3745259dc93d03be256/687474703a2f2f706f7365722e707567782e6f72672f6a616b75622d6f6e6465726b612f6f70656e69642d636f6e6e6563742d7068702f762f756e737461626c65)](https://packagist.org/packages/jakub-onderka/openid-connect-php) [![PHP Version Require](https://camo.githubusercontent.com/a149e4da9b975404b512fc2dbc00f7cdbf1fe7fd1dcbd19841caa945640f35b2/687474703a2f2f706f7365722e707567782e6f72672f6a616b75622d6f6e6465726b612f6f70656e69642d636f6e6e6563742d7068702f726571756972652f706870)](https://packagist.org/packages/jakub-onderka/openid-connect-php) A simple library that allows an application to authenticate a user through the basic OpenID Connect flow. This library hopes to encourage OpenID Connect use by making it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication. **This is a fork of [jumbojett/OpenID-Connect-PHP](https://github.com/jumbojett/OpenID-Connect-PHP)** Jumbojett`s library is great, but lacks of some features, proper testing, and it is not ready for new PHP versions. So I created this fork. This fork requires PHP 7.1 or greater, if you need to use older PHP version, please use original version. **Most important changes:** - Added support for elliptic curve (EC) JWT token signature algorithms, that are faster than RSA signatures - Added support for `client_secret_jwt` and `private_key_jwt` authentication methods to token endpoint, that are more secure that traditional method - JWT ID Token Validation compliant to OpenID Connect standard - Much higher code coverage by unit tests - A lot of small optimisations and fixes A special thanks goes to Michael Jett, original author of this library and Justin Richer and Amanda Anganes for their help and support of the protocol. Requirements ------------ [](#requirements) 1. PHP 7.2 or greater 2. CURL extension 3. JSON extension (or [simdjson\_php](https://github.com/JakubOnderka/simdjson_php) for better performance) 4. APCu for caching (optional) Install ------- [](#install) 1. Install library using composer ``` composer require jakub-onderka/openid-connect-php ``` 2. Include composer autoloader ``` require __DIR__ . '/vendor/autoload.php'; ``` Example 1: Basic Client ----------------------- [](#example-1-basic-client) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $oidc->authenticate(); $name = $oidc->requestUserInfo('given_name'); ``` [See openid spec for available user attributes](http://openid.net/specs/openid-connect-basic-1_0-15.html#id_res) Example 2: Dynamic Registration ------------------------------- [](#example-2-dynamic-registration) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient("https://id.provider.com"); $response = $oidc->register("Client Name"); $clientID = $response->client_id; $clientSecret = $response->client_secret; // Be sure to add logic to store the client id and client secret ``` Example 3: Network and Security ------------------------------- [](#example-3-network-and-security) ``` // Configure a proxy $oidc->setHttpProxy("http://my.proxy.com:80/"); // Configure a cert $oidc->setCertPath("/path/to/my.cert"); ``` Example 4: Request Client Credentials Token ------------------------------------------- [](#example-4-request-client-credentials-token) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $oidc->providerConfigParam(['token_endpoint' => 'https://id.provider.com/connect/token']); $oidc->addScope('my_scope'); // This assumes success (to validate check if the access_token property is there and a valid JWT): $clientCredentialsToken = $oidc->requestClientCredentialsToken()->access_token; ``` Example 5: Request Resource Owners Token (with client auth) ----------------------------------------------------------- [](#example-5-request-resource-owners-token-with-client-auth) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere','ClientSecretHere'); $oidc->providerConfigParam(['token_endpoint' => 'https://id.provider.com/connect/token']); $oidc->addScope('my_scope'); // Add username and password $oidc->addAuthParam([ 'username' => '', 'password' => '', ]); // Perform the auth and return the token (to validate check if the access_token property is there and a valid JWT): $token = $oidc->requestResourceOwnerToken(true)->access_token; ``` Example 6: Basic client for implicit flow e.g. with Azure AD B2C ---------------------------------------------------------------- [](#example-6-basic-client-for-implicit-flow-eg-with-azure-ad-b2c) See [https://openid.net/specs/openid-connect-core-1\_0.html#ImplicitFlowAuth](https://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $oidc->setResponseTypes(['id_token']); $oidc->addScope(['openid']); $oidc->setAllowImplicitFlow(true); $oidc->addAuthParam(['response_mode' => 'form_post']); $oidc->setCertPath('/path/to/my.cert'); $oidc->authenticate(); $sub = $oidc->getVerifiedClaims('sub'); ``` Example 7: Introspection of access token ---------------------------------------- [](#example-7-introspection-of-access-token) See ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere', 'ClientSecretHere'); $data = $oidc->introspectToken('an.access-token.as.given'); if (!$data->active) { // the token is no longer usable } ``` Example 8: PKCE Client ---------------------- [](#example-8-pkce-client) ``` use JakubOnderka\OpenIDConnectClient; $oidc = new OpenIDConnectClient('https://id.provider.com', 'ClientIDHere'); $oidc->setCodeChallengeMethod('S256'); $oidc->authenticate(); $name = $oidc->requestUserInfo('given_name'); ``` Development Environments ------------------------ [](#development-environments) In some cases you may need to disable SSL security on your development systems. Note: This is not recommended on production systems. ``` $oidc->setVerifyHost(false); $oidc->setVerifyPeer(false); ``` Also, your local system might not support HTTPS, so you might disable upgrading to it: ``` $oidc->httpUpgradeInsecureRequests(false); ``` ### Todo [](#todo) - Dynamic registration does not support registration auth tokens and endpoints Contributing ------------ [](#contributing) - All pull requests, once merged, should be added to the CHANGELOG.md file. ### Health Score 54 — FairBetter than 97% of packages Maintenance78 Regular maintenance activity Popularity38 Limited adoption so far Community21 Small or concentrated contributor base Maturity68 Established project with proven stability Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~165 days Recently: every ~368 days Total 23 Last Release 76d ago Major Versions v0.9.5 → v1.0.0-alpha2022-02-03 PHP version history (5 changes)0.1.0PHP >=5.2 0.3.0PHP >=5.4 v1.0.0-alphaPHP >=7.0 v1.2.0PHP >=7.1 v1.3.0PHP >=7.2 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/163343?v=4)[Jakub Onderka](/maintainers/JakubOnderka)[@JakubOnderka](https://github.com/JakubOnderka) --- Top Contributors [![JakubOnderka](https://avatars.githubusercontent.com/u/163343?v=4)](https://github.com/JakubOnderka "JakubOnderka (210 commits)")[![jumbojett](https://avatars.githubusercontent.com/u/410057?v=4)](https://github.com/jumbojett "jumbojett (176 commits)")[![azmeuk](https://avatars.githubusercontent.com/u/60163?v=4)](https://github.com/azmeuk "azmeuk (31 commits)")[![DeepDiver1975](https://avatars.githubusercontent.com/u/1005065?v=4)](https://github.com/DeepDiver1975 "DeepDiver1975 (16 commits)")[![radenui](https://avatars.githubusercontent.com/u/9445250?v=4)](https://github.com/radenui "radenui (9 commits)")[![rasodu](https://avatars.githubusercontent.com/u/13222196?v=4)](https://github.com/rasodu "rasodu (9 commits)")[![JuliusPC](https://avatars.githubusercontent.com/u/15018932?v=4)](https://github.com/JuliusPC "JuliusPC (8 commits)")[![kenguest](https://avatars.githubusercontent.com/u/234118?v=4)](https://github.com/kenguest "kenguest (7 commits)")[![morcs](https://avatars.githubusercontent.com/u/555420?v=4)](https://github.com/morcs "morcs (6 commits)")[![mcouillard](https://avatars.githubusercontent.com/u/18841?v=4)](https://github.com/mcouillard "mcouillard (5 commits)")[![guss77](https://avatars.githubusercontent.com/u/381782?v=4)](https://github.com/guss77 "guss77 (5 commits)")[![jdreed](https://avatars.githubusercontent.com/u/4193101?v=4)](https://github.com/jdreed "jdreed (5 commits)")[![baru](https://avatars.githubusercontent.com/u/688602?v=4)](https://github.com/baru "baru (5 commits)")[![corentingi](https://avatars.githubusercontent.com/u/3458976?v=4)](https://github.com/corentingi "corentingi (4 commits)")[![freddieleeman](https://avatars.githubusercontent.com/u/6225998?v=4)](https://github.com/freddieleeman "freddieleeman (4 commits)")[![nikosev](https://avatars.githubusercontent.com/u/29930145?v=4)](https://github.com/nikosev "nikosev (4 commits)")[![stijnster](https://avatars.githubusercontent.com/u/27271?v=4)](https://github.com/stijnster "stijnster (3 commits)")[![bobvandevijver](https://avatars.githubusercontent.com/u/1835343?v=4)](https://github.com/bobvandevijver "bobvandevijver (3 commits)")[![capile](https://avatars.githubusercontent.com/u/3648974?v=4)](https://github.com/capile "capile (3 commits)")[![GlitchedAxiom](https://avatars.githubusercontent.com/u/8281157?v=4)](https://github.com/GlitchedAxiom "GlitchedAxiom (3 commits)") --- Tags oidcopenid-connectjwtoauth2OpenIdoidc ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/jakub-onderka-openid-connect-php/health.svg) ``` [![Health](https://phpackages.com/badges/jakub-onderka-openid-connect-php/health.svg)](https://phpackages.com/packages/jakub-onderka-openid-connect-php) ``` ### Alternatives [auth0/auth0-php PHP SDK for Auth0 Authentication and Management APIs. 40820.2M68](/packages/auth0-auth0-php)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2745.0M3](/packages/auth0-login)[ronvanderheijden/openid-connect OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport. 61755.5k](/packages/ronvanderheijden-openid-connect)[facile-it/php-openid-client OpenID (OIDC) Client 42592.7k7](/packages/facile-it-php-openid-client)[jeremy379/laravel-openid-connect OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport. 55342.3k2](/packages/jeremy379-laravel-openid-connect)[auth0/symfony Symfony SDK for Auth0 Authentication and Management APIs. 128738.1k](/packages/auth0-symfony) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)