PHPackages                             rhertogh/yii2-oauth2-server - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. rhertogh/yii2-oauth2-server

ActiveYii2-extension[Authentication &amp; Authorization](/categories/authentication)

rhertogh/yii2-oauth2-server
===========================

A Yii2 Oauth 2 and OpenID Connect server based on thephpleague/oauth2-server

1.0.0-alpha19(1y ago)1912.8k↑575%13[2 issues](https://github.com/rhertogh/yii2-oauth2-server/issues)[2 PRs](https://github.com/rhertogh/yii2-oauth2-server/pulls)Apache-2.0PHPPHP &gt;=7.4.0CI failing

Since Nov 11Pushed 1w ago4 watchersCompare

[ Source](https://github.com/rhertogh/yii2-oauth2-server)[ Packagist](https://packagist.org/packages/rhertogh/yii2-oauth2-server)[ RSS](/packages/rhertogh-yii2-oauth2-server/feed)WikiDiscussions master Synced 2d ago

READMEChangelogDependencies (24)Versions (21)Used By (0)

 [ ![Yii2](https://avatars0.githubusercontent.com/u/993323) ](https://github.com/yiisoft) [ ![Oauth 2](https://camo.githubusercontent.com/23153ef62a94819ae8383eb2cba315d75687985edd4d184e0d46017546be50b1/68747470733a2f2f6f617574682e6e65742f696d616765732f6f617574682d322d736d2e706e67) ](https://oauth.net/2/) [ ![OpenID Connect](https://camo.githubusercontent.com/0bdbf895e7eafc19698308fd68223a32c75f881650d40e9c97add1897f3843c8/68747470733a2f2f75706c6f61642e77696b696d656469612e6f72672f77696b6970656469612f636f6d6d6f6e732f7468756d622f612f61322f4f70656e49445f6c6f676f5f322e7376672f36343070782d4f70656e49445f6c6f676f5f322e7376672e706e67) ](https://openid.net/)

Oauth2 + OpenID Connect Extension for Yii 2
===========================================

[](#oauth2--openid-connect-extension-for-yii-2)

[![Latest Stable Version](https://camo.githubusercontent.com/2956d26362068a7e1a9f3bc1301b58ce4b2c45c06925623584b7ba1e58ec3b98/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f72686572746f67682f796969322d6f61757468322d7365727665722e737667)](https://packagist.org/packages/rhertogh/yii2-oauth2-server)[![build Status](https://github.com/rhertogh/yii2-oauth2-server/actions/workflows/build.yml/badge.svg)](https://github.com/rhertogh/yii2-oauth2-server/actions/workflows/build.yml)[![Code Coverage](https://camo.githubusercontent.com/ac724780fc6a717be5ecb64b69039526e4506808dee85df1166f505115b4fab0/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f72686572746f67682f796969322d6f61757468322d7365727665722f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/rhertogh/yii2-oauth2-server/?branch=master)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/3d5820b7210d4a6e44a0f62d088d1d841560aa10e984569d3185a012c8cbedc5/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f72686572746f67682f796969322d6f61757468322d7365727665722f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/rhertogh/yii2-oauth2-server/?branch=master)[![GitHub](https://camo.githubusercontent.com/fe44dea716b3932f6779ccf5a42c495432c38fbe2cb711cfc98dcfb922d9c1b7/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f72686572746f67682f796969322d6f61757468322d7365727665723f636f6c6f723d627269676874677265656e)](https://github.com/rhertogh/yii2-oauth2-server/blob/master/LICENSE.md)

The Yii2-Oauth2-Server is an extension for [Yii framework 2.0](http://www.yiiframework.com) applications and provides an [Oauth2](https://oauth.net/2/) server based on the [League OAuth2 server](https://github.com/thephpleague/oauth2-server). The server also supports [OpenID Connect Core](https://openid.net/specs/openid-connect-core-1_0.html).

### 📑 Contents

[](#-contents)

- [Getting started](#-getting-started)
- [Test Drive](#%EF%B8%8F-test-drive)
- [Documentation](#-documentation)
- [FAQ](#-faq)
- [Implemented Standards](#-implemented-standards)
- [Importing/Migrating](#-importingmigrating)
- [Versioning &amp; Change Log](#-versioning--change-log)
- [Reporting Security issues](#-reporting-security-issues)
- [Directory Structure](#-directory-structure)
- [Contributing](#-contributing)
- [Credits](#-credits)
- [License](#-license)

---

🐣 Getting started
-----------------

[](#-getting-started)

If you're not yet familiar with Oauth 2 we recommend to check out [An Illustrated Guide to OAuth and OpenID Connect](https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc)

#### Requirements:

[](#requirements)

- The minimum required PHP version is 7.4 (compatibility tested up till and including PHP 8.1).
- The minimum required Yii version is 2.0.49 (2.0.50 when using SQLite).

#### Installation:

[](#installation)

The preferred way to install this extension is through [composer](https://getcomposer.org/download/).

```
composer require rhertogh/yii2-oauth2-server
```

Full installation and configuration details can be found in the docs under [Installing the Yii2-Oauth2-Server](docs/guide/start-installation.md)

🏎️ Test Drive
-------------

[](#️-test-drive)

You can run a local preview instance using [Docker](https://docker.com/):

```
docker run --rm -p 82:80 --name Yii2Oauth2Server ghcr.io/rhertogh/yii2-oauth2-server:master
```

After the container is started you can access the Oauth2 server on [localhost:82](http://localhost:82).

> Hint: The port number on the host machine is specified by the first part of the `-p` argument. This can be changed if desired (e.g. `-p 88:80`).

To access the CLI of the Docker container you can run:

```
docker container exec -it Yii2Oauth2Server bash
```

📖 Documentation
---------------

[](#-documentation)

There are two main sections in the documentation:

- [Usage Guide](docs/guide/README.md) for using the Yii2-Oauth2-Server in your own project.
- [Development Guide](docs/internals/README.md) for contributing to the Yii2-Oauth2-Server.

🔮 FAQ
-----

[](#-faq)

This is a quick FAQ, the full version can be found [here](docs/guide/faq.md).

#### *Where can I find the Oauth2 endpoints?*

[](#where-can-i-find-the-oauth2-endpoints)

To see an overview of the endpoints and other configuration you can run: `./yii oauth2/debug/config`

#### *How can I see the configured clients?*

[](#how-can-i-see-the-configured-clients)

To see an overview of the clients you can run: `./yii oauth2/client/list`

#### *The Oauth2 server throws an error, what should I do?*

[](#the-oauth2-server-throws-an-error-what-should-i-do)

Please check out the [full FAQ](docs/guide/faq.md#error-messages) first. If that doesn't solve the problem, please [report an issue](docs/internals/report-an-issue.md).

📒 Implemented Standards
-----------------------

[](#-implemented-standards)

NameRFC / SpecsSinceOAuth 2.0[RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749)1.0.0¹The OAuth 2.0 Authorization Framework: Bearer Token Usage[RFC 6750](https://datatracker.ietf.org/doc/html/rfc6750)1.0.0¹Proof Key for Code Exchange by OAuth Public Clients (PKCE)[RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636)1.0.0¹OAuth 2.0 Token Revocation[RFC 7009](https://datatracker.ietf.org/doc/html/rfc7009)1.0.0OpenID Connect Core 1.0[Specifications](https://openid.net/specs/openid-connect-core-1_0.html)1.0.0OpenID Connect Discovery 1.0[Specifications](https://openid.net/specs/openid-connect-discovery-1_0.html)1.0.0OpenID Connect RP-Initiated Logout[Specifications](https://openid.net/specs/openid-connect-rpinitiated-1_0.html)1.0.0Initiating User Registration via OpenID Connect[Specifications](https://openid.net/specs/openid-connect-prompt-create-1_0.html)1.0.0¹ Provided via [PHP OAuth 2.0 Server](https://oauth2.thephpleague.com/).

↘️ Importing/Migrating
----------------------

[](#️-importingmigrating)

To ease migrating from another project, the Yii2-Oauth2-Server supports importing data from other projects. For example from the [filsh/yii2-oauth2-server](https://github.com/filsh/yii2-oauth2-server)

Please see [Importing/Migrating from other servers](docs/guide/importing-migrating.md) for more information.

📜 Versioning &amp; Change Log
-----------------------------

[](#-versioning--change-log)

The Yii2-Oauth2-Server follows [Semantic Versioning 2.0](https://semver.org/spec/v2.0.0.html)
Please see the [Change Log](CHANGELOG.md) for more information on version history and the [Upgrading Instructions](UPGRADE.md) when upgrading to a newer version.

🔎 Reporting Security issues
---------------------------

[](#-reporting-security-issues)

In case you found a security issue please [contact us directly](https://forms.gle/8aEGxmN51Hvb7oLJ7)DO NOT use the issue tracker or discuss it in public as it will cause more damage than help.

Please note that as a non-commercial OpenSource project we are not able to pay bounties.

📂 Directory Structure
---------------------

[](#-directory-structure)

```
docker/     Docker container definition
docs/       Documentation (for both usage and development)
sample/     Sample app for the server
src/        Yii2-Oauth2-Server source
tests/      Codeception unit and functional tests

```

🚀 Contributing
--------------

[](#-contributing)

The Yii2-Oauth2-Server is [Open Source](LICENSE.md). You can help by:

- [Report an issue](docs/internals/report-an-issue.md)
- [Contribute with new features or bug fixes](docs/internals/pull-request-qa.md)

Thanks in advance for your contribution!

🎉 Credits
---------

[](#-credits)

- [Rutger Hertogh](https://github.com/rhertogh)
- [All Contributors](https://github.com/rhertogh/yii2-oauth2-server/graphs/contributors)

✒️ License
----------

[](#️-license)

The Yii2-Oauth2-Server is free software. It is released under the terms of the Apache License. Please see [`LICENSE.md`](LICENSE.md) for more information.

###  Health Score

45

—

FairBetter than 91% of packages

Maintenance72

Regular maintenance activity

Popularity37

Limited adoption so far

Community19

Small or concentrated contributor base

Maturity45

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 98.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~69 days

Recently: every ~157 days

Total

19

Last Release

435d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/769cc6e6d7fcc3c1c56ed0d1bddde57f225e59467e2d02486198ac067c696213?d=identicon)[rhertogh](/maintainers/rhertogh)

---

Top Contributors

[![rhertogh](https://avatars.githubusercontent.com/u/1292337?v=4)](https://github.com/rhertogh "rhertogh (356 commits)")[![SOHELAHMED7](https://avatars.githubusercontent.com/u/6770119?v=4)](https://github.com/SOHELAHMED7 "SOHELAHMED7 (2 commits)")[![bada02](https://avatars.githubusercontent.com/u/11148052?v=4)](https://github.com/bada02 "bada02 (1 commits)")[![dmmike](https://avatars.githubusercontent.com/u/1354288?v=4)](https://github.com/dmmike "dmmike (1 commits)")[![ms48](https://avatars.githubusercontent.com/u/13364378?v=4)](https://github.com/ms48 "ms48 (1 commits)")[![mtangoo](https://avatars.githubusercontent.com/u/1502872?v=4)](https://github.com/mtangoo "mtangoo (1 commits)")

---

Tags

oauth2oauth2-serveroidcoidc-serverphpyii2yii2-extensionoauth 2yii2OpenID Connect

###  Code Quality

TestsCodeception

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/rhertogh-yii2-oauth2-server/health.svg)

```
[![Health](https://phpackages.com/badges/rhertogh-yii2-oauth2-server/health.svg)](https://phpackages.com/packages/rhertogh-yii2-oauth2-server)
```

###  Alternatives

[craftcms/cms

Craft CMS

3.6k3.6M3.1k](/packages/craftcms-cms)[jeremy379/laravel-openid-connect

OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport.

59437.0k9](/packages/jeremy379-laravel-openid-connect)[simplesamlphp/simplesamlphp-module-oidc

A SimpleSAMLphp module adding support for the OpenID Connect protocol

5018.2k1](/packages/simplesamlphp-simplesamlphp-module-oidc)[league/openid-connect-claims

An OpenID Connect ID claims set implementation

17260.2k4](/packages/league-openid-connect-claims)[chervand/yii2-oauth2-server

OAuth 2.0 server for Yii 2.0 with MAC tokens support.

1524.7k1](/packages/chervand-yii2-oauth2-server)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
