PHPackages mrblackus/oauth2-server - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. mrblackus/oauth2-server ActiveLibrary[Authentication & Authorization](/categories/authentication) mrblackus/oauth2-server ======================= A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API. 3.2.4(11y ago)017MITPHPPHP >=5.4.0 Since Aug 27Pushed 11y ago1 watchersCompare [ Source](https://github.com/mrblackus/oauth2-server)[ Packagist](https://packagist.org/packages/mrblackus/oauth2-server)[ RSS](/packages/mrblackus-oauth2-server/feed)WikiDiscussions master Synced 6d ago READMEChangelogDependencies (2)Versions (44)Used By (0) PHP OAuth 2.0 Server ==================== [](#php-oauth-20-server) [![Latest Stable Version](https://camo.githubusercontent.com/478ebfddd2af414497613f1ac498a794e09059bd7c4c3a0531527dc489340f53/68747470733a2f2f706f7365722e707567782e6f72672f6c65616775652f6f61757468322d7365727665722f762f737461626c652e706e67)](https://packagist.org/packages/league/oauth2-server) [![Coverage Status](https://camo.githubusercontent.com/7bfd883b9e0b1eef8bbcc607588bca60b3dd9f5476708c47db57926fbb5a0a3f/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f7468657068706c65616775652f6f61757468322d7365727665722f62616467652e706e673f6272616e63683d6d6173746572)](https://coveralls.io/r/thephpleague/oauth2-server?branch=master) [![Total Downloads](https://camo.githubusercontent.com/9ffded6481dc47a377f2e3858fd6864fd7c1799c11b517653f240bbb311013df/68747470733a2f2f706f7365722e707567782e6f72672f6c65616775652f6f61757468322d7365727665722f646f776e6c6f6164732e706e67)](https://packagist.org/packages/league/oauth2-server) [![Bitdeli Badge](https://camo.githubusercontent.com/f8a84519e82d3e96331ba8fd3092e8326581e5c36a075d344fc114acd657c9a1/68747470733a2f2f64327765637a68766c38323376302e636c6f756466726f6e742e6e65742f7468657068706c65616775652f6f61757468322d7365727665722f7472656e642e706e67)](https://bitdeli.com/free "Bitdeli Badge") A standards compliant [OAuth 2.0](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-v2/) authorization server and resource server written in PHP. Package Installation -------------------- [](#package-installation) The framework is provided as a Composer package which can be installed by adding the package to your `composer.json` file: ``` { "require": { "league/oauth2-server": "3.*" } } ``` ### Framework Integrations [](#framework-integrations) - [Laravel Service Provider](https://packagist.org/packages/lucadegasperi/oauth2-server-laravel) by @lucadegasperi - [Laravel Eloquent implementation](https://github.com/ScubaClick/scubaclick-oauth2) by @ScubaClick (under development) --- The library features 100% unit test code coverage. To run the tests yourself run `phpunit` from the project root. [![Build Status](https://camo.githubusercontent.com/83073a767147ede802cdc415aad62c9429fdc7d74d57692cb306957cb8c4f65c/68747470733a2f2f7472617669732d63692e6f72672f7468657068706c65616775652f6f61757468322d7365727665722e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/thephpleague/oauth2-server) \[master\] [![Build Status](https://camo.githubusercontent.com/1c1133bd744a4f8861c6a9e56493fc1ee6fd0cb66c8a4dd9c6b6a6a605a5c72d/68747470733a2f2f7472617669732d63692e6f72672f7468657068706c65616775652f6f61757468322d7365727665722e706e673f6272616e63683d646576656c6f70)](https://travis-ci.org/thephpleague/oauth2-server) \[develop\] Current Features ---------------- [](#current-features) ### Authorization Server [](#authorization-server) The authorization server is a flexible class and the following core specification grants are implemented: - authorization code ([section 4.1](http://tools.ietf.org/html/rfc6749#section-4.1)) - refresh token ([section 6](http://tools.ietf.org/html/rfc6749#section-6)) - client credentials ([section 2.3.1](http://tools.ietf.org/html/rfc6749#section-2.3.1)) - password (user credentials) ([section 4.3](http://tools.ietf.org/html/rfc6749#section-4.3)) ### Resource Server [](#resource-server) The resource server allows you to secure your API endpoints by checking for a valid OAuth access token in the request and ensuring the token has the correct scope(s) (i.e. permissions) to access resources. ### Custom grants [](#custom-grants) Custom grants can be created easily by implementing an interface. Changelog --------- [](#changelog) [See the project releases page](https://github.com/thephpleague/oauth2-server/releases) Contributing ------------ [](#contributing) Please see [CONTRIBUTING](https://github.com/thephpleague/oauth2-server/blob/master/CONTRIBUTING.md) for details. Support ------- [](#support) Bugs and feature request are tracked on [GitHub](https://github.com/thephpleague/oauth2-server/issues) License ------- [](#license) This package is released under the MIT License. See the bundled [LICENSE](https://github.com/thephpleague/oauth2-server/blob/master/LICENSE) file for details. Credits ------- [](#credits) This code is principally developed and maintained by [Alex Bilbie](https://twitter.com/alexbilbie). Special thanks to: - [Dan Horrigan](https://github.com/dandoescode) - [Nick Jackson](https://github.com/jacksonj04) - [Michael Gooden](https://github.com/MichaelGooden) - [Phil Sturgeon](https://github.com/philsturgeon) - [and all the other contributors](https://github.com/thephpleague/oauth2-server/contributors) The initial code was developed as part of the [Linkey](http://linkey.blogs.lincoln.ac.uk) project which was funded by [JISC](http://jisc.ac.uk) under the Access and Identity Management programme. [![Bitdeli Badge](https://camo.githubusercontent.com/f8a84519e82d3e96331ba8fd3092e8326581e5c36a075d344fc114acd657c9a1/68747470733a2f2f64327765637a68766c38323376302e636c6f756466726f6e742e6e65742f7468657068706c65616775652f6f61757468322d7365727665722f7472656e642e706e67)](https://bitdeli.com/free "Bitdeli Badge") ### Health Score 31 — LowBetter than 68% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity6 Limited adoption so far Community19 Small or concentrated contributor base Maturity71 Established project with proven stability Bus Factor1 Top contributor holds 94.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~18 days Recently: every ~27 days Total 42 Last Release 4268d ago Major Versions 0.4.2 → 1.0.02013-02-15 1.0.8 → 2.02013-05-09 1.0.9 → 3.02013-12-02 2.1.3 → 3.2.12014-07-11 PHP version history (2 changes)0.2PHP >=5.3.0 3.0PHP >=5.4.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/ea04b0b553a78318976011a0b3c03b2382e7e5d9782cf8dcd7395743d45e3e55?d=identicon)[mrblackus](/maintainers/mrblackus) --- Top Contributors [![alexbilbie](https://avatars.githubusercontent.com/u/77991?v=4)](https://github.com/alexbilbie "alexbilbie (803 commits)")[![dhrrgn](https://avatars.githubusercontent.com/u/149921?v=4)](https://github.com/dhrrgn "dhrrgn (11 commits)")[![toopay](https://avatars.githubusercontent.com/u/534245?v=4)](https://github.com/toopay "toopay (7 commits)")[![MichaelGooden](https://avatars.githubusercontent.com/u/1275012?v=4)](https://github.com/MichaelGooden "MichaelGooden (5 commits)")[![cziegenberg](https://avatars.githubusercontent.com/u/1983424?v=4)](https://github.com/cziegenberg "cziegenberg (4 commits)")[![mrblackus](https://avatars.githubusercontent.com/u/2353980?v=4)](https://github.com/mrblackus "mrblackus (4 commits)")[![acairns](https://avatars.githubusercontent.com/u/705212?v=4)](https://github.com/acairns "acairns (2 commits)")[![daveWid](https://avatars.githubusercontent.com/u/116173?v=4)](https://github.com/daveWid "daveWid (2 commits)")[![julien-c](https://avatars.githubusercontent.com/u/326577?v=4)](https://github.com/julien-c "julien-c (2 commits)")[![dschniepp](https://avatars.githubusercontent.com/u/1108670?v=4)](https://github.com/dschniepp "dschniepp (1 commits)")[![GrahamCampbell](https://avatars.githubusercontent.com/u/2829600?v=4)](https://github.com/GrahamCampbell "GrahamCampbell (1 commits)")[![jacksonj04](https://avatars.githubusercontent.com/u/619082?v=4)](https://github.com/jacksonj04 "jacksonj04 (1 commits)")[![jasongrimes](https://avatars.githubusercontent.com/u/847646?v=4)](https://github.com/jasongrimes "jasongrimes (1 commits)")[![alexmcroberts](https://avatars.githubusercontent.com/u/189079?v=4)](https://github.com/alexmcroberts "alexmcroberts (1 commits)")[![barryvdh](https://avatars.githubusercontent.com/u/973269?v=4)](https://github.com/barryvdh "barryvdh (1 commits)")[![andersonamuller](https://avatars.githubusercontent.com/u/1681800?v=4)](https://github.com/andersonamuller "andersonamuller (1 commits)")[![nhorvath](https://avatars.githubusercontent.com/u/165084?v=4)](https://github.com/nhorvath "nhorvath (1 commits)")[![philipbrown](https://avatars.githubusercontent.com/u/1579059?v=4)](https://github.com/philipbrown "philipbrown (1 commits)")[![reinink](https://avatars.githubusercontent.com/u/882133?v=4)](https://github.com/reinink "reinink (1 commits)")[![rjmackay](https://avatars.githubusercontent.com/u/7965?v=4)](https://github.com/rjmackay "rjmackay (1 commits)") --- Tags apiauthAuthenticationserveroauthoauth2authorizationsecureresourceprotect ### Embed Badge ![Health badge](/badges/mrblackus-oauth2-server/health.svg) ``` [![Health](https://phpackages.com/badges/mrblackus-oauth2-server/health.svg)](https://phpackages.com/packages/mrblackus-oauth2-server) ``` ### Alternatives [league/oauth2-server A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API. 6.6k136.0M248](/packages/league-oauth2-server)[auth0/auth0-php PHP SDK for Auth0 Authentication and Management APIs. 40820.2M68](/packages/auth0-auth0-php)[chervand/yii2-oauth2-server OAuth 2.0 server for Yii 2.0 with MAC tokens support. 1524.2k1](/packages/chervand-yii2-oauth2-server)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2745.0M3](/packages/auth0-login)[auth0/symfony Symfony SDK for Auth0 Authentication and Management APIs. 128738.1k](/packages/auth0-symfony)[ezralazuardy/heimdall Painless OAuth 2.0 Server for CodeIgniter 4 454.2k](/packages/ezralazuardy-heimdall) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)