Skip to content

zitadel/zitadel-php

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

89 Commits
.github
.github
 
 
.phpdoc/template
.phpdoc/template
 
 
docs
docs
 
 
lib
lib
 
 
spec
spec
 
 
test
test
 
 
.commitlintrc.json
.commitlintrc.json
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.php-cs-fixer.dist.php
.php-cs-fixer.dist.php
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.releaserc.json
.releaserc.json
 
 
AGENTS.md
AGENTS.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
SKILLS.md
SKILLS.md
 
 
VERSIONING.md
VERSIONING.md
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
devbox.json
devbox.json
 
 
devbox.lock
devbox.lock
 
 
lefthook.yml
lefthook.yml
 
 
phpdoc.xml
phpdoc.xml
 
 
phpstan.neon
phpstan.neon
 
 
phpunit.xml
phpunit.xml
 
 
qodana.yaml
qodana.yaml
 
 
rector.php
rector.php
 
 

Repository files navigation

Zitadel PHP SDK

Official PHP middleware library for Zitadel authentication using the OAuth 2.0 Authorization Code + PKCE flow.

  • Zero server-side sessions — all state in encrypted HttpOnly cookies
  • Zero custom routes — middleware intercepts callback and logout automatically
  • Zero external runtime dependencies — only ext-openssl, ext-sodium, ext-curl
  • PHP 8.3+ with full readonly class immutability
  • Supports Laravel, Symfony, Yii 3, CodeIgniter 4, and Phalcon

Installation

composer require zitadel/sdk

Quick Start

Laravel

Auto-discovered. Set environment variables and optionally publish config:

php artisan vendor:publish --tag=zitadel-config

Symfony

// config/bundles.php
Zitadel\Sdk\Bridge\Symfony\ZitadelBundle::class => ['all' => true],

Yii 3

Register the bridge middleware and its router bindings in config/web/di.php:

use Zitadel\Sdk\Bridge\Yii\ZitadelMiddleware;
use Yiisoft\Router\FastRoute\UrlMatcher;
use Yiisoft\Router\UrlMatcherInterface;
// ... see docs/yii.rst for the full DI config

Place ZitadelMiddleware::class before Router::class in your middleware pipeline.

Slim 4 / Mezzio (PSR-15 native)

use Zitadel\Sdk\Middleware\ZitadelMiddleware;

$app->add(new ZitadelMiddleware($config, $validator, $responseFactory));

Configuration

$config = new ZitadelConfig(
    issuerUrl:    'https://my.zitadel.cloud',
    clientId:     'your-client-id',
    redirectUri:  'https://myapp.com/zitadel/callback',
    cookieSecret: bin2hex(random_bytes(32)),  // generate once, store in env
    protectAll:   true,
    ignoredRoutes: ['/health', '/'],
);

Documentation

See docs/index.rst or the per-framework guides in docs/.

License

Apache 2.0 — see LICENSE.

About

Official Zitadel PKCE authentication middleware for PHP — Laravel, Symfony, CodeIgniter 4, Phalcon, Yii 3, Slim 4, Mezzio

zitadel.com

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages