Skip to content

laravel-oidc

Turn your Laravel app into a full OpenID Connect identity provider — signed id_tokens, discovery, JWKS, userinfo, token exchange, and a complete authentication engine.

OIDC provider

Signed RS256 id_tokens, a discovery document, JWKS, userinfo, RP-initiated and back-channel logout, RFC 7662 introspection, and RFC 7009 revocation — the full protocol surface of an identity provider.

RFC 9068 + RFC 8693

Structured at+jwt access tokens, and optional token exchange so a client can trade a token for a narrowly-scoped one aimed at a downstream resource server.

Auth engine

A complete set of package-owned flows — login, registration, password reset, email verification, password confirmation, and multi-factor (TOTP, recovery codes, passkeys) — that your app fills with its own views and actions.

Adaptive login

A post-login pipeline with a single decision hook (requireMfa / deny / add claims) and acr / amr emission on the id_token.

  • PHP ^8.4
  • Laravel 11, 12, or 13
  • laravel/passport ^13.4 — the OAuth2 core the package builds on