PHPackages wheniwork/frontegg-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. wheniwork/frontegg-php ActiveLibrary[API Development](/categories/api) wheniwork/frontegg-php ====================== PHP SDK for Frontegg 0105PHP Since Jul 1Pushed 9mo ago1 watchersCompare [ Source](https://github.com/wheniwork/frontegg-php)[ Packagist](https://packagist.org/packages/wheniwork/frontegg-php)[ RSS](/packages/wheniwork-frontegg-php/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (3)Used By (0) Note ==== [](#note) This library is very much a work in progress. some endpoints are not implemented and others may be incorrect. Frontegg PHP ============ [](#frontegg-php) This is a PHP client for the [Frontegg](https://frontegg.com) API. Installation ------------ [](#installation) ``` composer require wheniwork/frontegg-php ``` Usage ----- [](#usage) ``` use Frontegg\Client; use Frontegg\Config\FronteggConfig; // Initialize the client $config = new FronteggConfig([ 'clientId' => 'your-client-id', 'apiKey' => 'your-api-key', // Optional configurations 'region' => 'us', // default 'endpoint' => 'https://api.us.frontegg.com', // default 'httpOptions' => [] // Additional Guzzle options ]); $frontegg = new Client($config); // Example: Self-service operations (using user token) // The identity manager will automatically detect the token type $frontegg->identity()->addToken('your-jwt-token'); $frontegg->authenticate('your-jwt-token'); // is just a convenience method that calls addToken // Now use self-service operations $profile = $frontegg->selfService()->users()->getProfile(); // Example: Parse and validate a JWT token $token = 'your-jwt-token'; try { // The identity manager will automatically fetch and validate tokens // using the JWKS endpoint (/.well-known/jwks.json) $identityManager = $frontegg->identity(); // Add and validate the token $identityManager->addToken($token); // Get the parsed claims $claims = $identityManager->parseToken($token); // Access claims based on token type if ($claims instanceof UserTokenClaims) { echo "User: " . $claims->getName(); echo "Email: " . $claims->getEmail(); } elseif ($claims instanceof TenantTokenClaims) { echo "Created by user: " . $claims->getCreatedByUserId(); } // Common claims available on all token types echo "Tenant ID: " . $claims->getTenantId(); echo "Permissions: " . implode(", ", $claims->getPermissions()); } catch (\Frontegg\Exception\HttpException $e) { echo "Token validation failed: " . $e->getMessage(); } // Example: Management operations (using vendor token) $users = $frontegg->management()->users()->getUsers(); // Example: Parse and validate a JWT token $token = 'your-jwt-token'; try { // The identity manager will automatically fetch and validate tokens // using the JWKS endpoint (/.well-known/jwks.json) $identityManager = $frontegg->identity(); // Add and validate the token $identityManager->addToken($token); // Get the parsed claims $claims = $identityManager->parseToken($token); // Access claims based on token type if ($claims instanceof UserTokenClaims) { echo "User: " . $claims->getName(); echo "Email: " . $claims->getEmail(); } elseif ($claims instanceof TenantTokenClaims) { echo "Created by user: " . $claims->getCreatedByUserId(); } // Common claims available on all token types echo "Tenant ID: " . $claims->getTenantId(); echo "Permissions: " . implode(", ", $claims->getPermissions()); } catch (\Frontegg\Exception\HttpException $e) { echo "Token validation failed: " . $e->getMessage(); } ``` Configuration ------------- [](#configuration) You can configure the client using environment variables: - `FRONTEGG_CLIENT_ID`: Your Frontegg Client ID - `FRONTEGG_API_KEY`: Your Frontegg API Key Or pass them directly to the `FronteggConfig` constructor as shown in the usage example. Authentication -------------- [](#authentication) The SDK supports two types of authentication: ### Vendor Authentication [](#vendor-authentication) Used for management operations. The SDK automatically handles vendor token acquisition and renewal: ``` // Uses vendor token automatically $users = $frontegg->management()->users()->getUsers(); $tenants = $frontegg->management()->tenants()->getTenants(); ``` ### User Authentication [](#user-authentication) Required for self-service operations. You can add any JWT token and the SDK will automatically determine its type: ``` // Add a token (automatically detects type and validates) $frontegg->identity()->addToken($userJwtToken); // Now you can use self-service operations $profile = $frontegg->selfService()->users()->getProfile(); // Check if authenticated if ($frontegg->identity()->hasToken()) { // Do something } // Clear token when needed $frontegg->identity()->clearToken(); ``` Token Validation ---------------- [](#token-validation) The SDK automatically validates JWT tokens using Frontegg's JWKS endpoint (/.well-known/jwks.json). This provides several benefits: 1. **Automatic Key Rotation**: The SDK fetches the latest public keys from Frontegg's JWKS endpoint 2. **Standards Compliance**: Uses standard JWT validation practices with RSA public keys 3. **Security**: Validates token signatures and claims according to JWT standards 4. **Automatic Type Detection**: Determines if a token is a user token, tenant token, or vendor token ``` // The identity manager handles token validation automatically $identityManager = $frontegg->identity(); // Add a token (automatically validates and determines type) $identityManager->addToken($token); // Get the current token $token = $identityManager->getToken(); // Validate a token without storing it if ($identityManager->validateToken($token)) { echo "Token is valid"; } ``` Available Clients ----------------- [](#available-clients) The SDK provides access to various Frontegg services through dedicated clients: ### Management Clients [](#management-clients) - `users()`: User management operations - `tenants()`: Tenant management operations - `roles()`: Role management operations - `permissions()`: Permission management operations - `events()`: Event management operations - `audits()`: Audit log operations - `groups()`: Group management operations ### Self-Service Clients [](#self-service-clients) - `users()`: User self-service operations - `tenants()`: Tenant self-service operations - `sso()`: SSO configuration operations - `events()`: Event reporting operations ### Identity Manager [](#identity-manager) The `identity()` client provides token management and validation: - Token parsing and validation - JWKS-based signature verification - Automatic token type detection - Token claims access with type safety Token Claims ------------ [](#token-claims) The SDK provides strongly-typed access to token claims through dedicated classes: - `TokenClaims`: Base claims (type, metadata, permissions, etc.) - `UserTokenClaims`: User-specific claims (name, email, etc.) - `TenantTokenClaims`: Tenant-specific claims (createdByUserId) Error Handling -------------- [](#error-handling) The SDK uses custom exceptions for error handling: - `HttpException`: Base exception for all HTTP-related errors - `UnauthorizedException`: Authentication/authorization errors - `ValidationException`: Input validation errors - `NotFoundException`: Resource not found - `RateLimitException`: API rate limit exceeded Example: ``` try { $users = $frontegg->management()->users()->getUsers(); } catch (UnauthorizedException $e) { // Handle authentication errors echo "Authentication failed: " . $e->getMessage(); } catch (HttpException $e) { // Handle other API errors echo "API error: " . $e->getMessage(); } ``` ### Health Score 19 — LowBetter than 10% of packages Maintenance40 Moderate activity, may be stable Popularity9 Limited adoption so far Community7 Small or concentrated contributor base Maturity17 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/e06ff0975473f7673aed90148a65feb46e290427917a07b95740e28c9bb061bc?d=identicon)[th3fallen](/maintainers/th3fallen) --- Top Contributors [![th3fallen](https://avatars.githubusercontent.com/u/291859?v=4)](https://github.com/th3fallen "th3fallen (16 commits)") ### Embed Badge ![Health badge](/badges/wheniwork-frontegg-php/health.svg) ``` [![Health](https://phpackages.com/badges/wheniwork-frontegg-php/health.svg)](https://phpackages.com/packages/wheniwork-frontegg-php) ``` ### Alternatives [stripe/stripe-php Stripe PHP Library 4.0k143.3M480](/packages/stripe-stripe-php)[twilio/sdk A PHP wrapper for Twilio's API 1.6k92.9M272](/packages/twilio-sdk)[facebook/php-business-sdk PHP SDK for Facebook Business 90821.9M34](/packages/facebook-php-business-sdk)[meilisearch/meilisearch-php PHP wrapper for the Meilisearch API 74513.7M114](/packages/meilisearch-meilisearch-php)[google/gax Google API Core for PHP 265103.1M454](/packages/google-gax)[google/common-protos Google API Common Protos for PHP 173103.7M50](/packages/google-common-protos) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)