Skip to content
A sample backend that demonstrates how to generate a Virgil JWT using PHP SDK
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Sample Backend for PHP

This repository contains a sample backend code that demonstrates how to generate a Virgil JWT using the PHP SDK

Do not use this authentication in production. Requests to /virgil-jwt endpoint must be allowed for authenticated users. Use your application authorization strategy.



  • PHP 5.6 and newer
  • virgil_crypto_php extension

Add virgil_crypto_php extension before install this sample backend:

  • Download virgil_crypto_{latest version} archive from the CDN according to your server operating system and PHP version
  • Place* file from the archive into the directory with extensions
  • Add string to the php.ini file
  • Restart your web-service (apache or nginx): sudo service {apache2 / nginx} restart
  • PHP version: phpversion() / php --version
  • OS Version: PHP_OS
  • php.ini and extensions directory: phpinfo() / php -i / php-config --extension_dir

Clone the repository and make composer update

$ git clone
$ composer update

Get Virgil Credentials

If you don't have an account yet, sign up for one using your e-mail.

To generate a JWT the following values are required:

Variable Name Description
API_PRIVATE_KEY Private key of your API key that is used to sign the JWTs.
API_KEY_ID ID of your API key. A unique string value that identifies your account in the Virgil Cloud.
APP_ID ID of your Virgil Application.

Add Virgil Credentials to .env

  • open the project folder
  • create a .env file
  • fill it with your account credentials (take a look at the .env.example file to find out how to setup your own .env file)
  • save the .env file

Configure and Run Server

Make sure that ./app/public/ is a public-accessible directory with a index.php file. Also, you need to make a front-controller and rewrite all requests to the index.php file.

More info on how to configure and run a Apache/nginx/hhvm server can be found here.


/authenticate endpoint

This endpoint is an example of users authentication. It takes user identity and responds with unique token.

POST https://<server_name>/authenticate HTTP/1.1
Content-type: application/json;

    "identity": "string"


    "authToken": "string"

/virgil-jwt endpoint

This endpoint checks whether a user is authorized by an authorization header. It takes user's authToken, finds related user identity and generates a virgilToken (which is JSON Web Token) with this identity in a payload. Use this token to make authorized api calls to Virgil Cloud.

GET https://<server_name>/virgil-jwt HTTP/1.1
Content-type: application/json;
Authorization: Bearer <authToken>


    "virgilToken": "string"

Virgil JWT Generation

To generate JWT, you need to use the JwtGenerator class from the SDK.

    $privateKeyStr = $_ENV['PRIVATE_KEY'];
    $apiKeyData = base64_decode($privateKeyStr);

    $crypto = new VirgilCrypto();
    $privateKey = $crypto->importPrivateKey($apiKeyData);

    $accessTokenSigner = new VirgilAccessTokenSigner();

    $appId = $_ENV['APP_ID'];
    $apiKeyId = $_ENV['API_KEY_ID'];
    $ttl = 3600;

    $jwtGenerator = new JwtGenerator($privateKey, $apiKeyId, $accessTokenSigner, $appId, $ttl);

    $token = $jwtGenerator->generateToken($identity);

    $jwt = $token->__toString();

Then you need to provide an HTTP endpoint which will return the JWT with the user's identity as a JSON.

For more details take a look at the JWTGenerator.php file.


This library is released under the 3-clause BSD License.


Our developer support team is here to help you. Find out more information on our Help Center.

You can find us on Twitter or send us email

Also, get extra help from our support team on Slack.

You can’t perform that action at this time.