PHPackages jinomdeveloper/jinom-token-management - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. jinomdeveloper/jinom-token-management ActiveLibrary[Authentication & Authorization](/categories/authentication) jinomdeveloper/jinom-token-management ===================================== Laravel SDK for Keycloak token management - store, refresh, and introspect OAuth tokens 079↓50%[2 PRs](https://github.com/jinomdeveloper/jinom-token-management/pulls)PHPCI passing Since Mar 4Pushed 1mo agoCompare [ Source](https://github.com/jinomdeveloper/jinom-token-management)[ Packagist](https://packagist.org/packages/jinomdeveloper/jinom-token-management)[ RSS](/packages/jinomdeveloper-jinom-token-management/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependenciesVersions (3)Used By (0) Keycloak SDK for Laravel ======================== [](#keycloak-sdk-for-laravel) Laravel package for Keycloak token management - store, refresh, introspect, and manage OAuth tokens. Supports both User tokens (Authorization Code Flow) and Client tokens (Client Credentials Flow). Installation ------------ [](#installation) ``` composer require jinom/keycloak-sdk ``` Publish the config file: ``` php artisan vendor:publish --tag="keycloak-config" ``` Configuration ------------- [](#configuration) Add these environment variables to your `.env`: ``` KEYCLOAK_BASE_URL=https://your-keycloak-server.com KEYCLOAK_REALM=your-realm KEYCLOAK_CLIENT_ID=your-client-id KEYCLOAK_CLIENT_SECRET=your-client-secret # Service Account (Client Credentials) - Optional # Falls back to KEYCLOAK_CLIENT_ID/SECRET if not set KEYCLOAK_SERVICE_ACCOUNT_ENABLED=true KEYCLOAK_SERVICE_CLIENT_ID=your-service-client-id KEYCLOAK_SERVICE_CLIENT_SECRET=your-service-client-secret # Token Cache - Optional KEYCLOAK_TOKEN_CACHE_PREFIX=keycloak_tokens KEYCLOAK_TOKEN_CACHE_TTL=2592000 KEYCLOAK_TOKEN_BUFFER_SECONDS=30 KEYCLOAK_CLIENT_TOKEN_TTL=300 ``` Usage ----- [](#usage) ### User Token (Authorization Code Flow) [](#user-token-authorization-code-flow) For operations on behalf of a user: ``` use Jinom\Keycloak\Facades\KeycloakSdk; // Store tokens after OAuth callback KeycloakSdk::storeTokens($userId, [ 'access_token' => $token, 'refresh_token' => $refreshToken, 'expires_in' => 300, ]); // Get a valid token (auto-refreshes if expired) $token = KeycloakSdk::getValidToken($userId); // Check if user has valid tokens if (KeycloakSdk::hasValidTokens($userId)) { // User is authenticated } // Get all token data $tokenData = KeycloakSdk::getTokenData($userId); // Introspect a token $introspection = KeycloakSdk::introspectToken($token); // Clear tokens (e.g., on logout) KeycloakSdk::clearTokens($userId); ``` ### Client Token (Client Credentials Flow) [](#client-token-client-credentials-flow) For service-to-service communication without user context: ``` use Jinom\Keycloak\Facades\KeycloakSdk; // Get client token for system operations $clientToken = KeycloakSdk::getClientToken(); // Use for API calls Http::withToken($clientToken)->get('https://api.example.com/users'); ``` ### Using Dependency Injection [](#using-dependency-injection) ``` use Jinom\Keycloak\Contracts\TokenManagerInterface; class MyController extends Controller { public function __construct( private TokenManagerInterface $tokenManager ) {} public function userAction(int $userId) { // User token $token = $this->tokenManager->getValidToken($userId); } public function systemAction() { // Client token $token = $this->tokenManager->getClientToken(); } } ``` When to Use Which Token? ------------------------ [](#when-to-use-which-token) OperationToken TypeReasonCheck user exists**Client Token**System checking, no user contextCreate/Register user**Client Token**System provisioningUpdate user by self**User Token**User changing own dataUpdate user by system**Client Token**System/admin syncDelete user**Client Token**Admin operationGet own profile**User Token**User accessing own dataList all users**Client Token**Admin/system operationAPI Reference ------------- [](#api-reference) MethodDescription`storeTokens($userId, $tokenData)`Store tokens from OAuth callback`getValidToken($userId)`Get valid user access token (auto-refresh)`getClientToken()`Get client token (Client Credentials flow)`refreshToken($userId, $refreshToken)`Manually refresh the access token`clearTokens($userId)`Clear all tokens for a user`hasValidTokens($userId)`Check if user has valid tokens`getTokenData($userId)`Get all stored token data`introspectToken($token)`Introspect token with Keycloak serverKeycloak Setup for Client Credentials ------------------------------------- [](#keycloak-setup-for-client-credentials) 1. Go to Keycloak Admin Console 2. Select your realm 3. Go to **Clients** → Select your client 4. Enable **Service Account Enabled** under **Settings** 5. Add required **Service Account Roles** under **Service Account Roles** tab License ------- [](#license) MIT ### Health Score 24 — LowBetter than 31% of packages Maintenance60 Regular maintenance activity Popularity13 Limited adoption so far Community6 Small or concentrated contributor base Maturity15 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/29f8343484c8567d8f24dcf1e4fb4978f2ac8442e90448c6405a32ba511ee246?d=identicon)[rupadana](/maintainers/rupadana) --- Top Contributors [![yudadh](https://avatars.githubusercontent.com/u/100004095?v=4)](https://github.com/yudadh "yudadh (2 commits)") ### Embed Badge ![Health badge](/badges/jinomdeveloper-jinom-token-management/health.svg) ``` [![Health](https://phpackages.com/badges/jinomdeveloper-jinom-token-management/health.svg)](https://phpackages.com/packages/jinomdeveloper-jinom-token-management) ``` ### Alternatives [kartik-v/yii2-password Useful password strength validation utilities for Yii Framework 2.0 761.2M17](/packages/kartik-v-yii2-password) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)