PHPackages juniyasyos/auth-bridge-client - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. juniyasyos/auth-bridge-client ActiveLibrary[Authentication & Authorization](/categories/authentication) juniyasyos/auth-bridge-client ============================= Laravel package for IAM SSO integration with JIT user provisioning v1.2.18(2w ago)0149MITPHPPHP ^8.1CI passing Since Apr 22Pushed 2d agoCompare [ Source](https://github.com/juniyasyos/auth-bridge-client)[ Packagist](https://packagist.org/packages/juniyasyos/auth-bridge-client)[ RSS](/packages/juniyasyos-auth-bridge-client/feed)WikiDiscussions master Synced 1w ago READMEChangelog (10)Dependencies (5)Versions (23)Used By (0) Auth Bridge Client ================== [](#auth-bridge-client) Laravel package for IAM Single Sign-On (SSO), JWT verification, and JIT user provisioning. Why use this package? --------------------- [](#why-use-this-package) This package is designed for client applications that need to: - authenticate users via IAM - provision users automatically during login - synchronize roles and application access - verify tokens on every request - support optional unit kerja sync Highlights ---------- [](#highlights) - ✅ Minimal setup for a Laravel client - ✅ IIS-compatible JWT verification - ✅ JIT user provisioning from the IAM token - ✅ Optional role sync with Spatie Permission - ✅ Built-in IAM sync endpoints for user/role data - ✅ Optional Livewire app switcher for current IAM applications Requirements ------------ [](#requirements) - PHP `^8.1` - Laravel `^10.0 | ^11.0 | ^12.0` - `firebase/php-jwt` - `spatie/laravel-permission` (optional) Quick setup ----------- [](#quick-setup) ### 1. Install the package [](#1-install-the-package) ``` composer require juniyasyos/auth-bridge-client ``` ### 2. Publish config [](#2-publish-config) ``` php artisan vendor:publish --tag=iam-config ``` ### 3. Run migrations [](#3-run-migrations) ``` php artisan migrate ``` ### 4. Set environment variables [](#4-set-environment-variables) ``` IAM_ENABLED=true IAM_APP_KEY=your-app-key IAM_JWT_SECRET=your-jwt-secret IAM_BASE_URL=https://iam.example.com IAM_VERIFY_ENDPOINT=https://iam.example.com/api/verify IAM_PRESERVE_SESSION_ID=true IAM_SYNC_ROLES=true ``` ### 5. Configure your User model [](#5-configure-your-user-model) ``` use Illuminate\Foundation\Auth\User as Authenticatable; use Spatie\Permission\Traits\HasRoles; class User extends Authenticatable { use HasRoles; protected $fillable = [ 'iam_id', 'name', 'email', 'status', ]; } ``` > Use `status` instead of `active`. The package expects `status` values like `active`, `inactive`, or `suspended`. ### 6. Configure routes [](#6-configure-routes) The package already registers the main IAM routes automatically when enabled. If you need protected pages, use middleware: ``` Route::middleware(['iam.auth:web'])->group(function () { Route::get('/dashboard', DashboardController::class); }); ``` ### 7. Add a login link [](#7-add-a-login-link) Use the built-in login route: ``` Login via IAM ``` Configuration overview ---------------------- [](#configuration-overview) Open `config/iam.php` and adjust the following sections. ### SSO settings [](#sso-settings) - `iam.app_key` — IAM application key - `iam.jwt_secret` — shared JWT secret for validating tokens - `iam.base_url` — base URL of the IAM server - `iam.login_route` / `iam.callback_route` — local login/callback URLs - `iam.default_redirect_after_login` — where to send users after login - `iam.guard` — auth guard used by default ### User sync settings [](#user-sync-settings) - `iam.user_fields` — map database columns to JWT claims - `iam.identifier_field` — primary field used to identify users - `iam.sync_users` — exposes `/api/iam/sync-users` for IAM data requests - `iam.sync_roles` — enable role sync during provisioning ### Token verification [](#token-verification) - `iam.verify_each_request` — validate token on every request - `iam.attach_verify_middleware` — automatically add `iam.verify` into the `web` middleware group ### Unit Kerja sync (optional) [](#unit-kerja-sync-optional) - `iam.unit_kerja_field` — JWT claim name for unit/org data - `iam.require_unit_kerja` — reject login if unit/org is missing - `iam.sync_unit_kerja` — sync `unitKerjas()` relation on the user model - `iam.unit_kerja_model` — model for unit/org records Routes registered by the package -------------------------------- [](#routes-registered-by-the-package) The package exposes these routes when enabled: Route API IAM didefinisikan di `routes/iam-api.php`, sedangkan route web SSO didefinisikan di `routes/iam-client.php`. - `iam.sso.login` — redirect user to IAM login - `iam.sso.callback` — handle callback and provisioning - `iam.logout` — logout and clear IAM session - `iam.sync-users` — endpoint permintaan data user dari client (read-only) - `iam.sync-roles` — endpoint permintaan data role dari client (read-only) - `iam.client-roles` — alias endpoint permintaan data role dari client (read-only) - `iam.push-roles` — endpoint sinkronisasi role oleh IAM ke client app - `iam.push-users` — endpoint sinkronisasi user oleh IAM ke client app - `iam.health` — health check endpoint Middleware aliases ------------------ [](#middleware-aliases) - `iam.auth` — ensures the user is authenticated - `iam.verify` — verifies token on each request - `iam.backchannel.verify` — verifies IAM back-channel payload signatures Usage steps for client apps --------------------------- [](#usage-steps-for-client-apps) 1. Install the package and publish config. 2. Run migrations. 3. Set `IAM_ENABLED=true`, `IAM_APP_KEY`, `IAM_JWT_SECRET`, and `IAM_BASE_URL`. 4. Confirm your `User` model has `iam_id`, `email`, `name`, and `status`. 5. Protect routes with `iam.auth:web`. 6. Add a login link using `route('iam.sso.login')`. 7. If needed, publish views for customization: ``` php artisan vendor:publish --tag=iam-views ``` Example token payload --------------------- [](#example-token-payload) IAM should send a JWT payload like: ``` { "type": "access", "app_key": "your-app-key", "sub": 123, "name": "John Doe", "email": "john@example.com", "nip": "123456", "roles": [{"slug": "admin"}], "unit_kerja": ["Finance", "IT"], "exp": 1234567890 } ``` Custom field mapping -------------------- [](#custom-field-mapping) Update `config/iam.php`: ``` 'user_fields' => [ 'iam_id' => 'sub', 'name' => 'name', 'email' => 'email', 'nip' => 'nip', 'nik' => 'nik', ], 'identifier_field' => 'iam_id', ``` Events ------ [](#events) A successful login dispatches the `IamAuthenticated` event. Use it for auditing or custom actions. ``` use Juniyasyos\IamClient\Events\IamAuthenticated; Event::listen(IamAuthenticated::class, function ($event) { // $event->user // $event->payload // $event->guard }); ``` License ------- [](#license) This project is proprietary software. Copyright © 2026 Ahmad Ilyas. All Rights Reserved. No permission is granted to use, modify, distribute, or sublicense this software without explicit written approval. ### Health Score 46 — FairBetter than 92% of packages Maintenance99 Actively maintained with recent releases Popularity15 Limited adoption so far Community6 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 22 Last Release 16d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/13dafb0bb45c4dbf74b7d4a75e9e1d2c335fcaa1fb4e32f135ac4fb4fee5f1aa?d=identicon)[Ahmad Ilyas](/maintainers/Ahmad%20Ilyas) --- Top Contributors [![juniyasyos](https://avatars.githubusercontent.com/u/111669845?v=4)](https://github.com/juniyasyos "juniyasyos (79 commits)") --- Tags jwtlaravelAuthenticationSSOiam ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/juniyasyos-auth-bridge-client/health.svg) ``` [![Health](https://phpackages.com/badges/juniyasyos-auth-bridge-client/health.svg)](https://phpackages.com/packages/juniyasyos-auth-bridge-client) ``` ### Alternatives [php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 83910.6M60](/packages/php-open-source-saver-jwt-auth)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2795.2M3](/packages/auth0-login) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)