Skip to content


Repository files navigation

An OAuth2 client manager for Craft CMS

Join the chat at Latest Version Software License Build Status Coverage Status Quality Score Total Downloads

Patron is an OAuth2 client manager; Providing an easy to use interface for managing OAuth2 providers and tokens.



This plugin requires Craft CMS 3.0 or later.


Choose one of the following ways to add Patron to your project:

  1. Composer:

    Simply run the following command from your project root:

    composer require flipboxfactory/patron
  2. Craft CMS Plugin Store:

    Within your Craft CMS project admin panel, navigate to the 'Plugin Store' and search for 'Patron'. Installation is a button click away.

Once the plugin is included in your project, navigate to the Control Panel, go to Settings → Plugins and click the “Install” button for Patron.


Patron provides an Craft CMS admin interface for The PHP League's OAuth2 client package. Additional features include:


The craft.patron template variable provides access to the entire Patron plugin. However, there are two useful tags worth highlighting:

Retrieving providers:

{% set providerQuery = craft.patron.providers %}
{% set provider = providerQuery.handle('providerHandle').one() %}

Retrieving tokens:

{% set tokenQuery = craft.patron.tokens %}
{% set token = tokenQuery.provider('providerHandle').one() %} {# a token associated to a provider #}







The settings (including provider configurations) can be overridden with the plugins configuration file: config/patron.php

It's recommended that sensitive data (such as the client secret) is accessed via environmental variables:

    'providerHandle' => [
        'clientId' => getenv('SOME_PROVIDER_CLIENT_ID'),
        'clientSecret' => getenv('SOME_PROVIDER_CLIENT_SECRET'),
    'anotherProviderHandle' => [
            'clientId' => getenv('SOME_OTHER_PROVIDER_CLIENT_ID'),
            'clientSecret' => getenv('SOME_OTHER_PROVIDER_CLIENT_SECRET'),

Third Party Providers

Adding addition providers to Patron is handled through the following events:

  1. Register a compatible The PHP League OAuth2 provider using a fully qualified class name. The PHP League has an extensive list that have been contributed by the community.

        function (\flipbox\patron\events\RegisterProviders $event) {
            $event->providers[] = '\your\fully\qualified\provider\class\name'; // Ex: \Stevenmaguire\OAuth2\Client\Provider\Salesforce::class
  2. [Optional] Register a settings interface for the Provider. If your provider can be configured, the settings interface will enable configuration inputs via the Craft CP. The settings interface will be registered on the same provider class in step 1.

        '\your\fully\qualified\provider\class\name', // Ex: \Stevenmaguire\OAuth2\Client\Provider\Salesforce::class
        function (\flipbox\patron\events\RegisterProviderSettings $event) {
            $event->class = '\your\fully\qualified\settings\class\name';  // Ex: \flipbox\patron\salesforce\settings\SalesforceSettings::class
  3. [Optional] Register additional info for the Provider. Throughout the Craft CP we use a provider name and icon. Register the following in order to specify these values:

        function (\flipbox\patron\events\RegisterProviderInfo $event) {
            $event->info['\your\fully\qualified\provider\class\name] = [
                'name' => 'Your Provider', 
                'icon' => '/path/to/icon.svg' // Ex: '@vendor/flipboxfactory/patron-salesforce/icons/salesforce.svg'

As an example, here are a few third-party provider packages to reference:

Provider Locking

A provider can be 'locked' by a plugin. As a result, only the plugin (that locked it) can delete the provider. This is useful when another plugin is using Patron to manage it's OAuth2 connections, which may not be apparent.


/** @var \flipbox\patron\records\Provider $provider */
/** @var \craft\base\PluginInterface $yourPlugin */




Please see CONTRIBUTING for details.



The MIT License (MIT). Please see License File for more information.