PHP, meet OAuth
Pull request Compare This branch is 14 commits ahead, 1289 commits behind thephpleague:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

PHP OAuth 2.0 Server

A standards compliant OAuth 2.0 authorization server and resource server written in PHP.

Package Installation

The framework is provided as a Composer package which can be installed by adding the package to your composer.json file:

	"require": {
		"league/oauth2-server": "2.*"

Master branch

Latest stable version - Latest Stable Version Code coverage - Coverage Status Downloads - Total Downloads

Develop branch

Latest unstable version - Latest Unstable Version Code coverage - Coverage Status

The library features 100% unit test code coverage. To run the tests yourself run phpunit from the project root.

Current Features

Authorization Server

The authorization server is a flexible class and the following core specification grants are implemented:

An overview of the different OAuth 2.0 grants can be found in the wiki

Resource Server

The resource server allows you to secure your API endpoints by checking for a valid OAuth access token in the request and ensuring the token has the correct scope(s) (i.e. permissions) to access resources.

Custom grants

Custom grants can be created easily by implementing an interface. Check out a guide here

PDO driver

If you are using MySQL and want to very quickly implement the library then all of the storage interfaces have been implemented with PDO classes. Check out the guide here

Tutorials and documentation

The wiki has lots of guides on how to use this library, check it out -

A simple tutorial on how to use the authorization server can be found at

A simple tutorial on how to use the resource server to secure an API server can be found at


See the project releases page


Please see CONTRIBUTING for details.


Bugs and feature request are tracked on GitHub


This package is released under the MIT License. See the bundled LICENSE file for details.


This code is principally developed and maintained by Alex Bilbie.

Special thanks to:

The initial code was developed as part of the Linkey project which was funded by JISC under the Access and Identity Management programme.