Skip to content
A helper library for working with JWT's for Okta
Branch: develop
Clone or download
heyjones and bretterer Update
Re-worded JWT library dependency requirement and fixed composer instructions for guzzlehttp.
Latest commit 1cef606 Aug 16, 2018

Okta JWT Verifier for PHP

This library helps you verify tokens that have been issued by Okta. To learn more about verification cases and Okta's tokens please read Working With OAuth 2.0 Tokens


The Okta JWT Verifier can be installed through composer.

composer require okta/jwt-verifier

This library requires a JWT library. We currently support spomky-labs/jose and firebase/php-jwt. You will have to install one of these or create your own adaptor.

composer require spomky-labs/jose

To create your own adaptor, just implement the Okta/JwtVerifier/Adaptors/Adaptor in your own class.

You will also need to install a PSR-7 compliant library. We suggest that you use guzzlehttp/psr7 in your project.

composer require guzzlehttp/psr7


$jwt = 'eyJhbGciOiJSUzI1Nqd0FfRzh6X0ZsOGlJRnNoUlRuQUkweVUifQ.eyJ2ZXIiOjEsiOiJwaHBAb2t0YS5jb20ifQ.ZGrn4fvIoCq0QdSyA';

$jwtVerifier = (new \Okta\JwtVerifier\JwtVerifierBuilder())
    ->setDiscovery(new \Okta\JwtVerifier\Discovery\Oauth) // This is not needed if using oauth.  The other option is OIDC
    ->setAdaptor(new \Okta\JwtVerifier\Adaptors\SpomkyLabsJose)

$jwt = $jwtVerifier->verify($jwt);

dump($jwt); //Returns instance of \Okta\JwtVerifier\JWT

dump($jwt->toJson()); // Returns Claims as JSON Object

dump($jwt->getClaims()); // Returns Claims as they come from the JWT Package used

dump($jwt->getIssuedAt()); // returns Carbon instance of issued at time
dump($jwt->getIssuedAt(false)); // returns timestamp of issued at time

dump($jwt->getExpirationTime()); //returns Carbon instance of Expiration Time
dump($jwt->getExpirationTime(false)); //returns timestamp of Expiration Time
You can’t perform that action at this time.