PHP

Authenticate requests and manage Passage users with PHP.

Packagist License

Prerequisites

Passage App ID and API Key from Passage Console

Install

Install the passage-php (opens in a new tab) package.

composer require passageidentity/passage-php

Initialize

use Passage\Client\Passage;
 
$passage = new Passage(
  $_ENV['PASSAGE_APP_ID'],
  $_ENV['PASSAGE_API_KEY'],
);

Authenticating requests

The Passkey Complete PHP SDK provides a way to validate JWT-authenticated requests. To learn more, see our full guide on JWTs.

#[Route('/protected-route', methods: ['GET'])]
public function controller(Request $request)
{
    // Get Passage JWT from the request's Authorization header
    $authHeader = $request->headers->get('Authorization');
    // Drop the 'Bearer' prefix
    $token = explode(' ', $authHeader)[1];
 
    try {
        $userId = $passage->auth->validateJwt($token);
 
        // Token is valid
        $user = $passage->user->get($userId);
 
        print_r($user);
    } catch (\Exception $err) {
        // Token is invalid
    }
}

User management

In addition to authenticating requests, the Passkey Complete PHP SDK also provides a way to securely manage users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.

The functionality currently available on a user is:

  • Get a user's information (including any defined user metadata fields)
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user's information (email address or phone number)
  • Revoke a user's refresh tokens
  • Delete a user
  • Create a user

User device management

The functionality currently available is:

  • List all devices for a user
  • Revoke a particular device from a user

Creating Magic Links

The Passkey Complete PHP SDK can be used to generate custom Magic Links for users, that can be embedded into any content medium. To learn more, see our full guide on Embedded Magic Links.

// With an email
$args = new MagicLinkWithEmailArgs(
    email: 'test.email@mail.com',
    type: MagicLinkType::LOGIN,
    send: true,
);
$magicLink = $passage->auth->createMagicLink($args);
 
// With a phone number
$args = new MagicLinkWithPhoneArgs(
    phone: '+15125550000',
    type: MagicLinkType::LOGIN,
    send: true,
);
$magicLink = $passage->auth->createMagicLink($args);
 
// With a passage user id
$args = new MagicLinkWithUserArgs(
    userId: $passageUserId,
    channel: MagicLinkChannel::EMAIL,
    type: MagicLinkType::LOGIN,
    send: true,
);
$magicLink = $passage->auth->createMagicLink($args);
 
// Any of the above with options
$options = new MagicLinkOptions(
    language: MagicLinkLanguage::ES,
    magicLinkPath: '/some/url/path',
    redirectUrl: '/redirect/to/dashboard/path',
    ttl: 20, // minutes
);
$magicLink = $passage->auth->createMagicLink($args, $options);