{"id":33974258,"url":"https://github.com/wheniwork/frontegg-php","last_synced_at":"2025-12-13T01:40:37.490Z","repository":{"id":275981609,"uuid":"927821999","full_name":"wheniwork/frontegg-php","owner":"wheniwork","description":null,"archived":false,"fork":false,"pushed_at":"2025-07-30T18:08:33.000Z","size":70,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-05T11:11:55.807Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wheniwork.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-02-05T15:48:48.000Z","updated_at":"2025-07-30T18:08:36.000Z","dependencies_parsed_at":"2025-07-01T17:23:22.974Z","dependency_job_id":"ce32b739-83f4-45c0-88b7-48cae0cff050","html_url":"https://github.com/wheniwork/frontegg-php","commit_stats":null,"previous_names":["wheniwork/frontegg-php"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/wheniwork/frontegg-php","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wheniwork%2Ffrontegg-php","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wheniwork%2Ffrontegg-php/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wheniwork%2Ffrontegg-php/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wheniwork%2Ffrontegg-php/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wheniwork","download_url":"https://codeload.github.com/wheniwork/frontegg-php/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wheniwork%2Ffrontegg-php/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27697876,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-12T02:00:06.775Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-13T01:40:36.878Z","updated_at":"2025-12-13T01:40:37.484Z","avatar_url":"https://github.com/wheniwork.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Note\nThis library is very much a work in progress. some endpoints are not implemented and others may be incorrect.\n\n# Frontegg PHP\n\nThis is a PHP client for the [Frontegg](https://frontegg.com) API.\n\n## Installation\n\n```bash\ncomposer require wheniwork/frontegg-php\n```\n\n## Usage\n\n```php\nuse Frontegg\\Client;\nuse Frontegg\\Config\\FronteggConfig;\n\n// Initialize the client\n$config = new FronteggConfig([\n    'clientId' =\u003e 'your-client-id',\n    'apiKey' =\u003e 'your-api-key',\n    // Optional configurations\n    'region' =\u003e 'us', // default\n    'endpoint' =\u003e 'https://api.us.frontegg.com', // default\n    'httpOptions' =\u003e [] // Additional Guzzle options\n]);\n\n$frontegg = new Client($config);\n\n// Example: Self-service operations (using user token)\n// The identity manager will automatically detect the token type\n$frontegg-\u003eidentity()-\u003eaddToken('your-jwt-token');\n$frontegg-\u003eauthenticate('your-jwt-token'); // is just a convenience method that calls addToken\n\n// Now use self-service operations\n$profile = $frontegg-\u003eselfService()-\u003eusers()-\u003egetProfile();\n\n// Example: Parse and validate a JWT token\n$token = 'your-jwt-token';\ntry {\n    // The identity manager will automatically fetch and validate tokens\n    // using the JWKS endpoint (/.well-known/jwks.json)\n    $identityManager = $frontegg-\u003eidentity();\n    \n    // Add and validate the token\n    $identityManager-\u003eaddToken($token);\n    \n    // Get the parsed claims\n    $claims = $identityManager-\u003eparseToken($token);\n    \n    // Access claims based on token type\n    if ($claims instanceof UserTokenClaims) {\n        echo \"User: \" . $claims-\u003egetName();\n        echo \"Email: \" . $claims-\u003egetEmail();\n    } elseif ($claims instanceof TenantTokenClaims) {\n        echo \"Created by user: \" . $claims-\u003egetCreatedByUserId();\n    }\n    \n    // Common claims available on all token types\n    echo \"Tenant ID: \" . $claims-\u003egetTenantId();\n    echo \"Permissions: \" . implode(\", \", $claims-\u003egetPermissions());\n} catch (\\Frontegg\\Exception\\HttpException $e) {\n    echo \"Token validation failed: \" . $e-\u003egetMessage();\n}\n\n// Example: Management operations (using vendor token)\n$users = $frontegg-\u003emanagement()-\u003eusers()-\u003egetUsers();\n\n// Example: Parse and validate a JWT token\n$token = 'your-jwt-token';\ntry {\n    // The identity manager will automatically fetch and validate tokens\n    // using the JWKS endpoint (/.well-known/jwks.json)\n    $identityManager = $frontegg-\u003eidentity();\n    \n    // Add and validate the token\n    $identityManager-\u003eaddToken($token);\n    \n    // Get the parsed claims\n    $claims = $identityManager-\u003eparseToken($token);\n    \n    // Access claims based on token type\n    if ($claims instanceof UserTokenClaims) {\n        echo \"User: \" . $claims-\u003egetName();\n        echo \"Email: \" . $claims-\u003egetEmail();\n    } elseif ($claims instanceof TenantTokenClaims) {\n        echo \"Created by user: \" . $claims-\u003egetCreatedByUserId();\n    }\n    \n    // Common claims available on all token types\n    echo \"Tenant ID: \" . $claims-\u003egetTenantId();\n    echo \"Permissions: \" . implode(\", \", $claims-\u003egetPermissions());\n} catch (\\Frontegg\\Exception\\HttpException $e) {\n    echo \"Token validation failed: \" . $e-\u003egetMessage();\n}\n```\n\n## Configuration\n\nYou can configure the client using environment variables:\n- `FRONTEGG_CLIENT_ID`: Your Frontegg Client ID\n- `FRONTEGG_API_KEY`: Your Frontegg API Key\n\nOr pass them directly to the `FronteggConfig` constructor as shown in the usage example.\n\n## Authentication\n\nThe SDK supports two types of authentication:\n\n### Vendor Authentication\nUsed for management operations. The SDK automatically handles vendor token acquisition and renewal:\n```php\n// Uses vendor token automatically\n$users = $frontegg-\u003emanagement()-\u003eusers()-\u003egetUsers();\n$tenants = $frontegg-\u003emanagement()-\u003etenants()-\u003egetTenants();\n```\n\n### User Authentication\nRequired for self-service operations. You can add any JWT token and the SDK will automatically determine its type:\n```php\n// Add a token (automatically detects type and validates)\n$frontegg-\u003eidentity()-\u003eaddToken($userJwtToken);\n\n// Now you can use self-service operations\n$profile = $frontegg-\u003eselfService()-\u003eusers()-\u003egetProfile();\n\n// Check if authenticated\nif ($frontegg-\u003eidentity()-\u003ehasToken()) {\n    // Do something\n}\n\n// Clear token when needed\n$frontegg-\u003eidentity()-\u003eclearToken();\n```\n\n## Token Validation\n\nThe SDK automatically validates JWT tokens using Frontegg's JWKS endpoint (/.well-known/jwks.json). This provides several benefits:\n\n1. **Automatic Key Rotation**: The SDK fetches the latest public keys from Frontegg's JWKS endpoint\n2. **Standards Compliance**: Uses standard JWT validation practices with RSA public keys\n3. **Security**: Validates token signatures and claims according to JWT standards\n4. **Automatic Type Detection**: Determines if a token is a user token, tenant token, or vendor token\n\n```php\n// The identity manager handles token validation automatically\n$identityManager = $frontegg-\u003eidentity();\n\n// Add a token (automatically validates and determines type)\n$identityManager-\u003eaddToken($token);\n\n// Get the current token\n$token = $identityManager-\u003egetToken();\n\n// Validate a token without storing it\nif ($identityManager-\u003evalidateToken($token)) {\n    echo \"Token is valid\";\n}\n```\n\n## Available Clients\n\nThe SDK provides access to various Frontegg services through dedicated clients:\n\n### Management Clients\n- `users()`: User management operations\n- `tenants()`: Tenant management operations\n- `roles()`: Role management operations\n- `permissions()`: Permission management operations\n- `events()`: Event management operations\n- `audits()`: Audit log operations\n- `groups()`: Group management operations\n\n### Self-Service Clients\n- `users()`: User self-service operations\n- `tenants()`: Tenant self-service operations\n- `sso()`: SSO configuration operations\n- `events()`: Event reporting operations\n\n### Identity Manager\nThe `identity()` client provides token management and validation:\n- Token parsing and validation\n- JWKS-based signature verification\n- Automatic token type detection\n- Token claims access with type safety\n\n## Token Claims\n\nThe SDK provides strongly-typed access to token claims through dedicated classes:\n- `TokenClaims`: Base claims (type, metadata, permissions, etc.)\n- `UserTokenClaims`: User-specific claims (name, email, etc.)\n- `TenantTokenClaims`: Tenant-specific claims (createdByUserId)\n\n## Error Handling\n\nThe SDK uses custom exceptions for error handling:\n\n- `HttpException`: Base exception for all HTTP-related errors\n  - `UnauthorizedException`: Authentication/authorization errors\n  - `ValidationException`: Input validation errors\n  - `NotFoundException`: Resource not found\n  - `RateLimitException`: API rate limit exceeded\n\nExample:\n```php\ntry {\n    $users = $frontegg-\u003emanagement()-\u003eusers()-\u003egetUsers();\n} catch (UnauthorizedException $e) {\n    // Handle authentication errors\n    echo \"Authentication failed: \" . $e-\u003egetMessage();\n} catch (HttpException $e) {\n    // Handle other API errors\n    echo \"API error: \" . $e-\u003egetMessage();\n}\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwheniwork%2Ffrontegg-php","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwheniwork%2Ffrontegg-php","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwheniwork%2Ffrontegg-php/lists"}