PHPackages leandrose/laravel-keycloak-guard - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. leandrose/laravel-keycloak-guard ActiveLibrary[Authentication & Authorization](/categories/authentication) leandrose/laravel-keycloak-guard ================================ A Laravel authentication guard for Keycloak OAuth2 resource servers with token introspection and optional caching support. v1.0.0(2mo ago)00MITPHPPHP ^8.2 Since Mar 9Pushed 2mo agoCompare [ Source](https://github.com/leandrose/laravel-keycloak-guard)[ Packagist](https://packagist.org/packages/leandrose/laravel-keycloak-guard)[ Docs](https://github.com/leandrose/laravel-keycloak-guard)[ RSS](/packages/leandrose-laravel-keycloak-guard/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (9)Versions (2)Used By (0) Laravel Keycloak Guard ====================== [](#laravel-keycloak-guard) A lightweight **Laravel authentication guard** for applications acting as **OAuth2 / OpenID Connect resource servers using Keycloak**. This package validates **Bearer tokens issued by Keycloak** by first verifying the JWT signature locally with the realm public key and then confirming the token through the **token introspection endpoint**. It also provides **optional caching of introspection responses** to reduce load on the Keycloak server and improve API performance. --- Features -------- [](#features) - Stateless **Bearer Token authentication** - **Keycloak OAuth2 / OpenID Connect** integration - Token validation via **local JWT verification** plus **introspection endpoint** - Optional **introspection caching** - Cache TTL automatically respecting token expiration (`exp`) - Custom Laravel **Guard** - Works with **Laravel 10, 11 and 12** --- Requirements ------------ [](#requirements) - PHP 8.2+ - Laravel 10 / 11 / 12 - Keycloak server with OAuth2 / OpenID Connect enabled - Keycloak realm public key available to the application Version Compatibility --------------------- [](#version-compatibility) Package VersionLaravel 10Laravel 11Laravel 12`v1.0`✅✅✅--- Installation ------------ [](#installation) Install the package via Composer: ``` composer require leandrose/laravel-keycloak-guard ``` Publish the configuration file: ``` php artisan vendor:publish --provider="LeandroSe\\KeycloakGuard\\KeycloakAuthServiceProvider" ``` Add this to the `guards` array in `config/auth.php`: ``` 'defaults' => [ 'guard' => 'api', 'passwords' => 'users', ], 'guards' => [ 'keycloak' => [ 'driver' => 'keycloak', 'provider' => 'users', ], ], ``` Configure the Keycloak connection in your environment: ``` KEYCLOAK_BASE_URL=https://keycloak.example.com KEYCLOAK_REALM=your-realm KEYCLOAK_CLIENT_ID=your-client-id KEYCLOAK_CLIENT_SECRET=your-client-secret KEYCLOAK_REALM_PUBLIC_KEY="..." ``` `KEYCLOAK_REALM_PUBLIC_KEY` can be provided either as a full PEM or as the raw base64 body of the public key. ### Health Score 36 — LowBetter than 82% of packages Maintenance87 Actively maintained with recent releases Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 65d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/cf9f36cc05f1058def9c5eb9396c7f2c75fe331f42377c8a608b32af33dee38f?d=identicon)[LeandroSe](/maintainers/LeandroSe) --- Top Contributors [![leandrose](https://avatars.githubusercontent.com/u/545876?v=4)](https://github.com/leandrose "leandrose (3 commits)") --- Tags laravelAuthenticationoauth2OpenID Connectkeycloakguardresource serverbearer token ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/leandrose-laravel-keycloak-guard/health.svg) ``` [![Health](https://phpackages.com/badges/leandrose-laravel-keycloak-guard/health.svg)](https://phpackages.com/packages/leandrose-laravel-keycloak-guard) ``` ### Alternatives [tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M350](/packages/tymon-jwt-auth)[php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 8359.8M53](/packages/php-open-source-saver-jwt-auth)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9682.1M97](/packages/roots-acorn)[laragear/two-factor On-premises 2FA Authentication for out-of-the-box. 339785.3k8](/packages/laragear-two-factor)[aedart/athenaeum Athenaeum is a mono repository; a collection of various PHP packages 245.2k](/packages/aedart-athenaeum)[alajusticia/laravel-logins Session management in Laravel apps, user notifications on new access, support for multiple separate remember tokens, IP geolocation, User-Agent parser 2011.0k](/packages/alajusticia-laravel-logins) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)