jonston/symfony-sanctum-bundle
==============================

A Symfony bundle that provides Laravel Sanctum-like personal access token authentication

v0.1.0-alpha (10mo ago) · MIT · PHP >=8.1

[Source](https://github.com/Jonston/symfony-sunctum-bundle) · [Packagist](https://packagist.org/packages/jonston/symfony-sanctum-bundle)

Symfony Sanctum Bundle
======================

A bundle for generating and managing access tokens (`AccessToken`) in Symfony. Inspired by Laravel Sanctum, it provides a flexible architecture for linking tokens to any owner entity without modifying its source code.

Table of contents
-----------------

- [Features](#features)
- [Installation](#installation)
- [Configuration](#configuration)
- [Security configuration](#security-configuration)
- [User Entity Setup](#user-entity-setup)
- [Usage](#usage)
    - [Creating tokens](#creating-tokens)
    - [Usage in controllers](#usage-in-controllers)
    - [Revoking tokens](#revoking-tokens)
- [Commands](#commands)
- [Multiple token owners](#multiple-token-owners)
- [What the package publishes and why](#what-the-package-publishes-and-why)
- [Requirements](#requirements)
- [License](#license)

Features
--------

- 🔧 **Flexible architecture** – dynamic relationship configuration via Doctrine
- 🔒 **Security** – tokens are hashed before being stored in the database
- ⏰ **Lifetime management** – support for tokens with limited validity
- 🎯 **Easy integration** – minimal changes to existing code
- 🧹 **Automatic cleanup** – command for removing expired tokens
- 🔐 **Authentication** – ready-to-use authenticator for Symfony Security

Installation
------------

```
composer require jonston/symfony-sanctum-bundle
```

Configuration
-------------

⚠️ Note: by default the bundle uses the `App\Entity\User` class as the owner of access tokens for the AccessToken `owner` mapping. To use your own entity instead, create a configuration file (`config/packages/sanctum.yaml`) and set the `owner_class` parameter to your entity class. When `owner_class` is provided, the bundle prepends a `resolve_target_entities` entry mapping `Jonston\SanctumBundle\Contract\HasAccessTokensInterface` to your class so Doctrine can correctly map the interface to your entity.

Create the file `config/packages/sanctum.yaml` (the recipe publishes a sample):

```
sanctum:
    # Owner entity class
    owner_class: App\Entity\User

    # Token length (default: 40)
    token_length: 40

    # Default expiration in hours (null = unlimited)
    default_expiration_hours: 24
```
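
What `token_length`, `default_expiration_hours` and the "hashed before being stored" feature amount to in practice, as an added PHP sketch that is not the bundle's own code. SHA-256, the hex encoding and the names `issueToken`/`verifyToken` are assumptions, since the page does not show the bundle's internals.

```php
<?php
declare(strict_types=1);

// Added illustration, not the bundle's code. SHA-256 and all names are assumptions.
const TOKEN_LENGTH = 40;              // mirrors sanctum.token_length
const DEFAULT_EXPIRATION_HOURS = 24;  // mirrors sanctum.default_expiration_hours (null = unlimited)

/** Returns [plainToken, record]. Only the record is persisted; the plain token is shown once. */
function issueToken(int $length = TOKEN_LENGTH, ?int $hours = DEFAULT_EXPIRATION_HOURS): array
{
    // CSPRNG bytes, hex-encoded and trimmed to the configured length.
    $plain = substr(bin2hex(random_bytes(intdiv($length + 1, 2))), 0, $length);
    $record = [
        'token_hash' => hash('sha256', $plain),
        'expires_at' => $hours === null ? null : new DateTimeImmutable("+{$hours} hours"),
    ];
    return [$plain, $record];
}

/** Matches a presented token against stored hashes and rejects expired records. */
function verifyToken(string $presented, array $store, ?DateTimeImmutable $now = null): bool
{
    $now ??= new DateTimeImmutable();
    $hash = hash('sha256', $presented);
    foreach ($store as $record) {
        // Constant-time comparison of the stored hash with the presented token's hash.
        if (!hash_equals($record['token_hash'], $hash)) {
            continue;
        }
        return $record['expires_at'] === null || $record['expires_at'] > $now;
    }
    return false;
}

[$plain, $record] = issueToken();
$store = [$record]; // constructed stand-in for the access-token table

var_dump(strlen($plain));                           // length of the issued token
var_dump(verifyToken($plain, $store));              // the token that was just issued
var_dump(verifyToken(str_repeat('0', 40), $store)); // a token that was never issued
// Same token checked 25 hours later, past the 24-hour lifetime.
var_dump(verifyToken($plain, $store, new DateTimeImmutable('+25 hours')));
// A dump of the store contains only hashes, never the plain token.
var_dump(in_array($plain, array_column($store, 'token_hash'), true));
```

Because the token is long random output from a CSPRNG, a fast unsalted hash is sufficient here, unlike for user-chosen passwords.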

### Security configuration

Below is an example `security.yaml` configuration for an API route group using the bundle's custom TokenAuthenticator. It enables the new authenticator manager, registers a firewall that matches routes starting with `/api`, marks the firewall as stateless and uses the custom authenticator. You can allow anonymous access to specific endpoints (e.g. login) by adding an access control rule before the protected rule.

```
security:
    enable_authenticator_manager: true

    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email

    firewalls:
        api:
            pattern: ^/api
            stateless: true
            custom_authenticators:
                - Jonston\SanctumBundle\Security\TokenAuthenticator
            provider: app_user_provider

    access_control:
        # PUBLIC_ACCESS replaces IS_AUTHENTICATED_ANONYMOUSLY, which was removed in Symfony 6.0
        - { path: ^/api/login, roles: PUBLIC_ACCESS }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
```

User Entity Setup
-----------------

To use the bundle, your owner entity must:

- Implement the `HasAccessTokensInterface` interface
- Implement Symfony's `UserInterface` interface (since the authenticator returns the entity directly)
- Use the `HasAccessTokensTrait` for token management (optional helper)
- Add the `accessTokens` property with a OneToMany annotation (if you want a bidirectional relation)

### Example Implementation

```
