PHPackages                             webignition/guzzle-http-authentication-middleware - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. webignition/guzzle-http-authentication-middleware

ActiveLibrary[HTTP &amp; Networking](/categories/http)

webignition/guzzle-http-authentication-middleware
=================================================

Http authentication middleware for Guzzle6

0.5(7y ago)38.6kMITPHPPHP &gt;=7.2.0

Since May 11Pushed 7y ago2 watchersCompare

[ Source](https://github.com/webignition/guzzle-http-authentication-middleware)[ Packagist](https://packagist.org/packages/webignition/guzzle-http-authentication-middleware)[ Docs](https://github.com/webignition/guzzle-http-authentication-middleware)[ RSS](/packages/webignition-guzzle-http-authentication-middleware/feed)WikiDiscussions master Synced 2mo ago

READMEChangelog (5)Dependencies (4)Versions (6)Used By (0)

Guzzle HTTP Authentication Middleware
=====================================

[](#guzzle-http-authentication-middleware)

Overview
--------

[](#overview)

[Middleware](http://docs.guzzlephp.org/en/stable/handlers-and-middleware.html#middleware) for [Guzzle 6](http://docs.guzzlephp.org/en/stable/) for setting [basic http authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) on all requests sent by a client.

An authentication header is added to any valid request. A valid request is one where the request host matches a pre-specified domain name.

Useful if your circumstances match all or some of the following:

- you need to set HTTP authentication on all requests sent by a client for a specific domain only
- you don't want to specifically add an authorization header to each request made, particularly if there are many points across an application where requests are made
- you cannot determine in advance to which domains requests might be made and you don't want to leak credentials by means of setting an authorization header on every single request that your client sends

Maybe, just maybe, this is for you.

Usage example
-------------

[](#usage-example)

```
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
use webignition\Guzzle\Middleware\HttpAuthentication\AuthorizationType;
use webignition\Guzzle\Middleware\HttpAuthentication\AuthorizationHeader;
use webignition\Guzzle\Middleware\HttpAuthentication\CredentialsFactory;
use webignition\Guzzle\Middleware\HttpAuthentication\HttpAuthenticationMiddleware;

// Creating a client that uses the middleware
$httpAuthenticationMiddleware = new HttpAuthenticationMiddleware();

$handlerStack = HandlerStack::create();
$handlerStack->push($httpAuthenticationMiddleware, 'http-auth');

$client = new Client([
    'handler' => $handlerStack,
]);

// Setting credentials on the middleware
$basicCredentials = CredentialsFactory::createBasicCredentials('username', 'password');
$httpAuthenticationMiddleware->setType(AuthorizationType::BASIC);
$httpAuthenticationMiddleware->setCredentials($credentials);
$httpAuthenticationMiddleware->setHost('example.com');

// All requests to example.com (or *.example.com) will now have
// a correct Authorization header set for basic HTTP authentication
```

Application-level considerations
--------------------------------

[](#application-level-considerations)

Let's assume you are building a modern PHP application that utilises controllers, services and so on.

Define your `HttpAuthenticationMiddleware` instance as a *service*. Use dependency injection to inject that service into whichever part of your application needs to set HTTP authentication credentials. Call `HttpAuthenticationMiddleware::setHttpAuthenticationCredentials()` as needed, passing in a `HttpAuthenticationCredentials` instance containing relevant values.

###  Health Score

29

—

LowBetter than 59% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity52

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~79 days

Total

5

Last Release

2611d ago

PHP version history (2 changes)0.1PHP &gt;=5.6.0

0.3PHP &gt;=7.2.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/278be37d1b614ef0c40b22b777663e545a1f6d69dd4f908888cbb557ad7e608f?d=identicon)[webignition](/maintainers/webignition)

---

Top Contributors

[![webignition](https://avatars.githubusercontent.com/u/76546?v=4)](https://github.com/webignition "webignition (10 commits)")

---

Tags

guzzle-middlewaremiddlewareGuzzlepsr7http authentication

###  Code Quality

TestsPHPUnit

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/webignition-guzzle-http-authentication-middleware/health.svg)

```
[![Health](https://phpackages.com/badges/webignition-guzzle-http-authentication-middleware/health.svg)](https://phpackages.com/packages/webignition-guzzle-http-authentication-middleware)
```

###  Alternatives

[kevinrob/guzzle-cache-middleware

A HTTP/1.1 Cache for Guzzle 6. It's a simple Middleware to be added in the HandlerStack. (RFC 7234)

43117.4M104](/packages/kevinrob-guzzle-cache-middleware)[rtheunissen/guzzle-log-middleware

Guzzle middleware to log requests and responses

842.3M17](/packages/rtheunissen-guzzle-log-middleware)[akrabat/ip-address-middleware

PSR-15 middleware that determines the client IP address and stores it as a ServerRequest attribute

1702.5M18](/packages/akrabat-ip-address-middleware)[eljam/guzzle-jwt-middleware

A jwt authentication middleware for guzzle 6

28722.5k3](/packages/eljam-guzzle-jwt-middleware)[rtheunissen/guzzle-rate-limiter

Guzzle 6 middleware used to delay requests dynamically

52177.2k1](/packages/rtheunissen-guzzle-rate-limiter)[akrabat/proxy-detection-middleware

PSR-7/PSR-15 Middleware that determines the scheme, host and port from the 'X-Forwarded-Proto', 'X-Forwarded-Host' and 'X-Forwarded-Port' headers and updates the Request's Uri object.

3190.4k1](/packages/akrabat-proxy-detection-middleware)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)