diff --git a/main/docs/libraries/auth0-php.mdx b/main/docs/libraries/auth0-php.mdx index f7d56e4640..edd8840336 100644 --- a/main/docs/libraries/auth0-php.mdx +++ b/main/docs/libraries/auth0-php.mdx @@ -10,8 +10,12 @@ The Auth0-PHP repository is open source and [hosted on GitHub](https://github.co ## Requirements -* PHP 7.4+ (8.0+ recommended) +* PHP 8.2+ * [Composer](https://getcomposer.org/doc/00-intro.md) +* PHP `mbstring` extension +* A [PSR-18 HTTP Client](https://packagist.org/providers/psr/http-client-implementation) implementation +* A [PSR-17 HTTP Factory](https://packagist.org/providers/psr/http-factory-implementation) implementation +* A [PSR-7 HTTP Messages](https://packagist.org/providers/psr/http-message-implementation) implementation ## Installation @@ -42,7 +46,7 @@ The easiest way to use environment variables in your project is to use a library export const codeExample = `# The URL of our Auth0 Tenant Domain. # If we're using a Custom Domain, be sure to set this to that value instead. -AUTH0_DOMAIN='https://{yourDomain}' +AUTH0_DOMAIN='{yourDomain}' # Our Auth0 application's Client ID. AUTH0_CLIENT_ID='{yourClientId}' @@ -83,7 +87,8 @@ $auth0 = new \Auth0\SDK\Auth0([ 'domain' => $_ENV['AUTH0_DOMAIN'], 'clientId' => $_ENV['AUTH0_CLIENT_ID'], 'clientSecret' => $_ENV['AUTH0_CLIENT_SECRET'], - 'cookieSecret' => $_ENV['AUTH0_COOKIE_SECRET'] + 'cookieSecret' => $_ENV['AUTH0_COOKIE_SECRET'], + 'redirectUri' => $_ENV['AUTH0_BASE_URL'], ]); ``` diff --git a/main/docs/libraries/auth0-php/auth0-php-basic-use.mdx b/main/docs/libraries/auth0-php/auth0-php-basic-use.mdx index 8a2c1b2c22..d777130a19 100644 --- a/main/docs/libraries/auth0-php/auth0-php-basic-use.mdx +++ b/main/docs/libraries/auth0-php/auth0-php-basic-use.mdx @@ -1,6 +1,7 @@ --- -description: Integrate a frictionless login and signup experience for your PHP applications. title: 'PHP: Logging in, out, and returning user profiles with Auth0-PHP' +description: Integrate a frictionless login and signup experience for your PHP applications. +validatedOn: 2026-06-29 --- The Auth0-PHP SDK bundles three core classes: `Auth0\SDK\Auth0`, `Auth0\SDK\API\Authentication` and `Auth0\SDK\API\Management`, each offering interfaces for different functionality across Auth0's APIs. If you're building a stateful web application that needs to keep track of users' sessions, the base `Auth0` class is what you'll be working with the most. It provides methods for handling common authentication and session handling tasks such as logging in and out, retrieving user credentials, checking of an available session, and callback handling. These tasks are explained below. @@ -12,7 +13,7 @@ The documentation below assumes that you followed the steps in the [Auth0-PHP](/ ### Logging In -The default login process in the PHP SDK uses an [Authentication Code grant](/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/call-your-api-using-the-authorization-code-flow) combined with Auth0's Universal Login Page. In short, that process is: +The default login process in the PHP SDK uses an [Authorization Code grant](/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/call-your-api-using-the-authorization-code-flow) combined with Auth0's Universal Login Page. In short, that process is: 1. A user requesting access is redirected to the Universal Login Page. 2. The user authenticates using one of [many possible connections](/docs/authenticate/identity-providers): social (Google, X, Facebook), database (email and password), passwordless (email, SMS), or enterprise (ActiveDirectory, ADFS, Office 365). @@ -41,8 +42,8 @@ if ($auth0->getExchangeParameters()) { // Check if the user is logged in already $session = $auth0->getCredentials(); -if ($session === null) { - // User is not logged in! +if ($session === null || $session->accessTokenExpired) { + // User is not logged in, or their access token has expired. // Redirect to the Universal Login Page for authentication. header("Location: " . $auth0->login()); exit; @@ -85,7 +86,7 @@ In addition to logging in, we also want users to be able to log out. When users ```php lines // Log out of the application. -header("Location: $auth0->logout()); +header("Location: " . $auth0->logout()); ``` If you're using Single Sign-on (SSO) and also want to end their Auth0 session, see the [SSO Logout section here](/docs/libraries/auth0-php/using-the-authentication-api-with-auth0-php). More information about logging out, in general, can be found [here](/docs/authenticate/login/logout).