PHP: Getting Started using Auth0-PHP
The Auth0-PHP SDK integrates into your PHP applications providing straightforward user login and signup. It supports social identity providers such as Facebook, Google, or Twitter, as well as enterprise providers such as Active Directory. The SDK provides convenient methods for accessing Auth0's Authentication and Management endpoints.
The Auth0-PHP repository is open source and hosted on GitHub. We appreciate all contributions, including bug reports, enhancement proposals, and pull requests.
Requirements
PHP 7.4+ (8.0+ recommended)
Installation
Installing the Auth0 PHP SDK requires Composer, the standard dependency management utility for PHP. Composer allows you to declare the dependent libraries your project needs and installs them for you. Please ensure Composer is installed and accessible from your shell before continuing.
Next, run the following shell command within your project directory to install the SDK:
composer require auth0/auth0-php
Was this helpful?
vendor
subfolder within your project and download all the dependencies needed to use the PHP SDK. This will also create a vendor/autoload.php
file necessary for the SDK to work with your application, which we'll import later.Getting Started
To use the Auth0 Authentication and Management APIs, you'll need a free Auth0 account and an Application:
Go to auth0.com/signup and create your account.
Once you are in the dashboard, go to Applications, then Create Application.
Give your Application a name, select Regular Web Application, then Create
Click the Settings tab for the required credentials used below. To learn more, see Application Settings.
Configure the SDK
You should use environment variables to store and load sensitive Auth0 credentials. This eliminates the need for hard-coding them into your application. Let's create an .env
file within the root of our project directory to store our application's credentials:
The easiest way to use environment variables in your project is to use a library like PHP Dotenv along with a local .env
file. Create a .env
file (make sure this is not accessible publicly and is excluded from version control) and add the following values:
# The URL of our Auth0 Tenant Domain.
# If we're using a Custom Domain, be sure to set this to that value instead.
AUTH0_DOMAIN='https://{yourDomain}'
# Our Auth0 application's Client ID.
AUTH0_CLIENT_ID='{yourClientId}'
# Our Auth0 application's Client Secret.
AUTH0_CLIENT_SECRET='{yourClientSecret}'
# A long secret value we'll use to encrypt session cookies. This can be generated using `openssl rand -hex 32` from our shell.
AUTH0_COOKIE_SECRET='SEE COMMENT ABOVE'
# The base URL of our application.
AUTH0_BASE_URL='http://127.0.0.1:3000'
Was this helpful?
You should never commit this file to version control or share it in an unsecure manner. The contents should be handled with care and treated like a password.
As PHP is unable to read our .env
file natively, you'll need to install a PHP library to do so. For the purposes of this documentation we'll be using vlucas/phpdotenv
, but any "dotenv" library you prefer will work. From our project directory, run the following shell command to install the library:
composer require vlucas/phpdotenv
Was this helpful?
Initialize the SDK
We're ready to configure and initialize an instance of the SDK within our new PHP application. Let's start by creating the PHP source file we'll be working with for this demonstration, index.php
, and use the following snippet to get started:
<?php
// Import the Composer Autoloader to make the SDK classes accessible:
require 'vendor/autoload.php';
// Load our environment variables from the .env file:
(Dotenv\Dotenv::createImmutable(__DIR__))->load();
// Now instantiate the Auth0 class with our configuration:
$auth0 = new \Auth0\SDK\Auth0([
'domain' => $_ENV['AUTH0_DOMAIN'],
'clientId' => $_ENV['AUTH0_CLIENT_ID'],
'clientSecret' => $_ENV['AUTH0_CLIENT_SECRET'],
'cookieSecret' => $_ENV['AUTH0_COOKIE_SECRET']
]);
Was this helpful?