### Install PHPdotenv and FastRoute

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

Install the dotenv and routing libraries required for the demo application.

```bash
composer require vlucas/phpdotenv nikic/fast-route
```

--------------------------------

### Install Auth0 PHP SDK v9 Beta

Source: https://github.com/auth0/auth0-php/blob/main/README.md

Use this command to install the beta version of the Auth0 PHP SDK, which includes a rewritten Management API client.

```bash
composer require auth0/auth0-php:9.0.0-beta.0
```

--------------------------------

### Users Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Examples for managing users, including retrieving all users, creating a new user, updating an existing user, assigning roles, and getting user permissions.

```APIDOC
## Users Management

### Get all users (paginated, with totals)
```php
use Auth0\SDK\Utility\HttpResponse;

// Get all users (paginated, with totals)
$response = $mgmt->users()->getAll(
    parameters: ['fields' => 'user_id,email,name', 'include_totals' => 'true', 'per_page' => 25, 'page' => 0],
);
$users = HttpResponse::decodeContent($response);
print_r($users);
```

### Create a user
```php
$response = $mgmt->users()->create(
    connection: 'Username-Password-Authentication',
    body: [
        'email' => 'newuser@example.com',
        'password' => 'SecurePass123!',
        'email_verified' => true,
        'user_metadata' => ['tier' => 'premium'],
    ],
);
```

### Update a user
```php
$response = $mgmt->users()->update(
    id: 'auth0|abc123',
    body: ['name' => 'Updated Name', 'blocked' => false],
);
```

### Assign roles to a user
```php
$mgmt->users()->addRoles(id: 'auth0|abc123', roles: ['rol_xyz789']);
```

### Get user permissions
```php
$response = $mgmt->users()->getPermissions(id: 'auth0|abc123');
```
```

--------------------------------

### Install PSR7 and Buzz

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

Install PSR-17 (HTTP factory) and PSR-18
(HTTP client) implementations.

```bash
composer require nyholm/psr7 kriswallsmith/buzz
```

--------------------------------

### Install Auth0 PHP SDK and HTTP Client

Source: https://context7.com/auth0/auth0-php/llms.txt

Install the SDK via Composer, ensuring you include a compatible PSR-18 HTTP client and PSR-17 factory implementation.

```bash
composer require auth0/auth0-php

# Example compatible HTTP libraries (pick one set):
composer require guzzlehttp/guzzle guzzlehttp/psr7
# or
composer require kriswallsmith/buzz nyholm/psr7
```

--------------------------------

### Install Auth0 PHP SDK

Source: https://github.com/auth0/auth0-php/blob/main/README.md

Add the Auth0 PHP SDK to your application using Composer. Ensure you have the necessary dependencies installed beforehand.

```bash
composer require auth0/auth0-php
```

--------------------------------

### Run PHP Demo Application

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

Start the local PHP development server to run the demo application. Access it via http://localhost:3000.

```bash
# The built-in server's -t option expects a directory; the bootstrap file is passed as the router script.
php -S localhost:3000 public/bootstrap.php
```

--------------------------------

### Clients Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Example for retrieving a list of clients with specified fields.

```APIDOC
## Clients Management

### Get all clients (with fields filter)
```php
$response = $mgmt->clients()->getAll(parameters: ['fields' => 'client_id,name,app_type']);
```
```

--------------------------------

### Resource Servers (APIs) Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Example for creating a new resource server (API).
```APIDOC
## Resource Servers (APIs) Management

### Create a resource server
```php
$response = $mgmt->resourceServers()->create(body: [
    'identifier' => 'https://my-new-api.example.com',
    'name' => 'My New API',
    'signing_alg' => 'RS256',
    'token_lifetime' => 86400,
]);
```
```

--------------------------------

### Connections Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Example for retrieving connections filtered by strategy.

```APIDOC
## Connections Management

### Get all connections (filtered by strategy)
```php
$response = $mgmt->connections()->getAll(parameters: ['strategy' => 'auth0']);
```
```

--------------------------------

### Logs Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Example for retrieving logs with pagination and totals included.

```APIDOC
## Logs Management

### Get all logs (paginated, with totals)
```php
$response = $mgmt->logs()->getAll(parameters: ['per_page' => 50, 'include_totals' => 'true']);
```
```

--------------------------------

### Get Configuration

Source: https://github.com/auth0/auth0-php/blob/main/docs/API/Auth0.md

Retrieves the SdkConfiguration instance used during SDK initialization.

```APIDOC
## configuration

### Description
Returns the [SdkConfiguration](Configuration/SdkConfiguration.md) instance that was passed during SDK initialization.

### Method
(Implicitly called via SDK instance)
```

--------------------------------

### Get Action Versions

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves all versions of a specific action.

```APIDOC
## GET /api/v2/actions/actions/{actionId}/versions

### Description
Retrieves all versions of a specific action.

### Method
GET

### Endpoint
/api/v2/actions/actions/{actionId}/versions

### Parameters
#### Path Parameters
- **actionId** (string) - Required - The ID of the action whose versions are to be retrieved.

### Response
#### Success Response (200)
- **versions** (array) - An array of version objects for the specified action.
  - **id** (string) - The unique identifier for the version.
  - **created_at** (string) - The timestamp when the version was created.
  - **updated_at** (string) - The timestamp when the version was last updated.
  - **status** (string) - The status of the version (e.g., 'current', 'draft').

### Response Example
```json
{
  "versions": [
    {
      "id": "av_versionid1",
      "created_at": "2023-01-01T10:00:00.000Z",
      "updated_at": "2023-01-01T10:00:00.000Z",
      "status": "current"
    },
    {
      "id": "av_versionid2",
      "created_at": "2023-01-02T09:00:00.000Z",
      "updated_at": "2023-01-02T09:00:00.000Z",
      "status": "draft"
    }
  ],
  "total": 2,
  "start": 0,
  "limit": 10
}
```
```

--------------------------------

### Initialize Management API and Retrieve Connections

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to set up the SDK configuration, instantiate the Management API, and retrieve all connections. Includes an example of iterating through paginated results.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// Connections API methods are available from the Management class' connections() method.
$connections = $management->connections();

// Retrieves the first batch of results.
$results = $connections->getAll();

// You can then iterate (and auto-paginate) through all available results.
foreach ($connections->getResponsePaginator() as $connection) {
    // Do something with the connection.
}

// Or, just work with the initial batch from the response.
var_dump(HttpResponse::decode($results));

// [
//   {
//     "name": "",
//     "display_name": "",
//     "options": {},
//     "id": "",
//     "strategy": "",
//     "realms": [
//       ""
//     ],
//     "is_domain_connection": false,
//     "metadata": {}
//   }
// ]
```

--------------------------------

### Roles Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Examples for managing roles, including retrieving roles with filters and assigning permissions to a role.

```APIDOC
## Roles Management

### Get all roles (with filter)
```php
$response = $mgmt->roles()->getAll(parameters: ['name_filter' => 'admin']);
```

### Assign permissions to a role
```php
$mgmt->roles()->addPermissions(
    id: 'rol_xyz789',
    permissions: [['permission_name' => 'read:reports', 'resource_server_identifier' => 'https://api.example.com']],
);
```
```

--------------------------------

### Initialize Auth0 SDK and Access Management API

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to set up the SDK configuration and instantiate the Auth0 client. The Management API is then accessed through the `management()` method.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The Users class is accessible from the Management API's users() method.
$users = $management->users();
```

--------------------------------

### Get All Users

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a list of all users. This method corresponds to the GET /api/v2/users endpoint.

```APIDOC
## GET /api/v2/users

### Description
Retrieves a list of all users.

### Method
GET

### Endpoint
/api/v2/users

### Parameters
#### Query Parameters
- **fields** (array) - Optional - Specifies the fields to include in the response.
- **include_fields** (boolean) - Optional - Determines whether to include or exclude specified fields.
- **page** (integer) - Optional - Specifies the page number of the results to retrieve.
- **per_page** (integer) - Optional - Specifies the number of results per page.
- **q** (string) - Optional - A query string to search for users.
- **search_engine** (string) - Optional - The search engine to use.
- **sort** (string) - Optional - Specifies the field to sort the results by.
- **include_totals** (boolean) - Optional - Indicates whether to include total counts in the response.
- **connection** (string) - Optional - Filters users by a specific connection.

### Response
#### Success Response (200)
- **users** (array) - An array of user objects.
- **total** (integer) - The total number of users found.
- **start** (integer) - The starting index of the returned results.
- **limit** (integer) - The maximum number of users to return per page.
```

--------------------------------

### Initialize Authentication Client

Source: https://context7.com/auth0/auth0-php/llms.txt

Instantiate the `Authentication` client with SDK configuration. Ensure all configuration parameters are correctly set.

```php
use Auth0\SDK\API\Authentication;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

$config = new SdkConfiguration(
    strategy: SdkConfiguration::STRATEGY_REGULAR,
    domain: 'your-tenant.auth0.com',
    clientId: 'YOUR_CLIENT_ID',
    clientSecret: 'YOUR_CLIENT_SECRET',
    redirectUri: 'https://example.com/callback',
    cookieSecret: 'replace-with-a-long-random-secret',
);

$auth = new Authentication($config);
```

--------------------------------

### Get All Clients

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a batch of clients.
You can iterate through all available results using the response paginator.

```APIDOC
## GET /api/v2/clients

### Description
Retrieves a list of clients. This method fetches the first batch of results and provides a paginator for subsequent results.

### Method
GET

### Endpoint
/api/v2/clients

### SDK Method
`clients()->getAll()`

### Response
#### Success Response (200)
- **clients** (array) - An array of client objects.

### Request Example
```php
// Retrieves the first batch of results
$results = $clients->getAll();

// Iterate through all available results (auto-pagination)
foreach ($clients->getResponsePaginator() as $client) {
    // Do something with the client.
}

// Decode the initial batch of results
var_dump(HttpResponse::decode($results));
```

### Response Example
```json
[
  {
    "client_id": "",
    "tenant": "",
    "name": "",
    ...
  }
]
```
```

--------------------------------

### Get Login URL

Source: https://context7.com/auth0/auth0-php/llms.txt

Generate a direct URL for initiating the Auth0 login flow.

```APIDOC
## Get login URL string directly

### Description
Generate a direct URL that can be used to redirect users to the Auth0 login page. This is useful for initiating the authentication flow without making direct API calls for token exchange.

### Method
`getLoginLink`

### Parameters
- `state` (string) - Required - A unique, opaque value used to maintain state between the request and callback. Recommended to be a random string.
- `redirectUri` (string) - Required - The URL to redirect the user to after authentication.
- `params` (array) - Optional - Additional parameters to include in the login URL, such as 'organization'.

### Request Example
```php
$loginUrl = $auth->getLoginLink(
    state: bin2hex(random_bytes(16)),
    redirectUri: 'https://example.com/callback',
    params: ['organization' => 'org_xyz'],
);
```

### Response
#### Success Response
Returns a string representing the complete login URL.

#### Response Example
```
https://your-tenant.auth0.com/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=https%3A%2F%2Fexample.com%2Fcallback&state=random_state_string&scope=openid%20profile%20email&organization=org_xyz
```
```

--------------------------------

### Initialize Management API and Access Resource Servers

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to set up the Auth0 SDK configuration, instantiate the Management API, and access the Resource Servers endpoint.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The Resource Servers endpoint is accessible from the Management class' resourceServers() method.
$resourceServers = $management->resourceServers();
```

--------------------------------

### Initiate Login Flow

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

Redirect users to Auth0's Universal Login Page to start the authentication process. This route should be accessible via '/login'.

```php
login());
```

--------------------------------

### Organizations Management

Source: https://context7.com/auth0/auth0-php/llms.txt

Examples for managing organizations, including retrieving all organizations and adding members to an organization.
```APIDOC
## Organizations Management

### Get all organizations
```php
$response = $mgmt->organizations()->getAll();
$orgs = HttpResponse::decodeContent($response);
```

### Add members to an organization
```php
$mgmt->organizations()->addMembers(
    id: 'org_abc123',
    members: ['auth0|user1', 'auth0|user2'],
);
```
```

--------------------------------

### Initialize Auth0 SDK and Access Management API

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates the basic setup for using the Auth0 PHP SDK, including configuration and instantiation of the Management API client. This is a prerequisite for all subsequent Management API calls.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();
```

--------------------------------

### Get User Blocks

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a list of all user blocks. This method corresponds to the GET /api/v2/user-blocks endpoint.

```APIDOC
## GET /api/v2/user-blocks

### Description
Retrieves a list of all user blocks.

### Method
GET

### Endpoint
/api/v2/user-blocks

### Parameters
#### Query Parameters
- **id** (string) - Required - The ID of the user to retrieve blocks for.

### Response
#### Success Response (200)
- **blocked_for** (array) - A list of objects, where each object contains the identifier and IP address for which the user is blocked.

### Response Example
```json
{
  "blocked_for": [
    {
      "identifier": "...",
      "ip": "..."
    }
  ]
}
```
```

--------------------------------

### Get All Actions

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a list of all actions. Supports pagination for handling large result sets.

```APIDOC
## GET /api/v2/actions/actions

### Description
Retrieves a list of all actions. This method supports pagination.

### Method
GET

### Endpoint
/api/v2/actions/actions

### Parameters
#### Query Parameters
- **limit** (integer) - Optional - The number of results to return per page.
- **offset** (integer) - Optional - The number of results to skip before returning results.

### Response
#### Success Response (200)
- **actions** (array) - An array of action objects.
  - **id** (string) - The unique identifier for the action.
  - **name** (string) - The name of the action.
  - **supported_triggers** (array) - An array of supported trigger IDs.
  - **protected** (boolean) - Indicates if the action is protected.
  - **status** (string) - The current status of the action (e.g., 'enabled', 'disabled').
  - **created_at** (string) - The timestamp when the action was created.
  - **updated_at** (string) - The timestamp when the action was last updated.

### Request Example
```http
GET /api/v2/actions/actions?limit=10&offset=0 HTTP/1.1
Host: YOUR_AUTH0_DOMAIN
Authorization: Bearer YOUR_API_TOKEN
```

### Response Example
```json
{
  "actions": [
    {
      "id": "act_abcdef1234567890",
      "name": "MyFirstAction",
      "supported_triggers": [{"id": "post-login", "version": "v2"}],
      "protected": false,
      "status": "enabled",
      "created_at": "2023-01-01T10:00:00.000Z",
      "updated_at": "2023-01-01T10:00:00.000Z"
    }
  ],
  "total": 1,
  "start": 0,
  "limit": 10
}
```
```

--------------------------------

### Get User by ID

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a specific user by their ID. This method corresponds to the GET /api/v2/users/{id} endpoint.

```APIDOC
## GET /api/v2/users/{id}

### Description
Retrieves a specific user by their ID.

### Method
GET

### Endpoint
/api/v2/users/{id}

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user to retrieve.

#### Query Parameters
- **fields** (array) - Optional - Specifies the fields to include in the response.
- **include_fields** (boolean) - Optional - Determines whether to include or exclude specified fields.

### Response
#### Success Response (200)
- **user_id** (string) - The ID of the user.
- **email** (string) - The email address of the user.
- **username** (string) - The username of the user.
- **name** (string) - The full name of the user.
- **given_name** (string) - The first name of the user.
- **family_name** (string) - The last name of the user.
- **picture** (string) - The URL of the user's profile picture.
- **created_at** (string) - The timestamp when the user was created.
- **updated_at** (string) - The timestamp when the user was last updated.
- **email_verified** (boolean) - Whether the user's email is verified.
- **blocked** (boolean) - Whether the user account is blocked.
- **user_metadata** (object) - Custom data associated with the user.
- **app_metadata** (object) - Application-specific metadata.
```

--------------------------------

### Get User Permissions

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the permissions granted to a user. This method corresponds to the GET /api/v2/users/{id}/permissions endpoint.

```APIDOC
## GET /api/v2/users/{id}/permissions

### Description
Retrieves the permissions granted to a user.

### Method
GET

### Endpoint
/api/v2/users/{id}/permissions

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user.

### Response
#### Success Response (200)
- **permissions** (array) - An array of permission objects granted to the user.
```

--------------------------------

### Initialize Auth0 Management API and Retrieve Actions

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to initialize the Auth0 SDK with configuration, access the Management API, and retrieve a batch of Actions. Includes an example of iterating through paginated results.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// Actions API methods are available from the Management class' actions() method.
$actions = $management->actions();

// Retrieves the first batch of results.
$results = $actions->getAll();

// You can then iterate (and auto-paginate) through all available results.
foreach ($actions->getResponsePaginator() as $action) {
    // Do something with the action.
}
```

--------------------------------

### XSS via URL parameters

Source: https://github.com/auth0/auth0-php/blob/main/tests/Data/XssTestCollection.txt

Shows examples of potential XSS vulnerabilities through URL parameters, indicated by '??XSS??'.

```url
http://www.simpatie.ro/index.php?page=friends&member=781339&javafunctionname=Pageclick&javapgno=2 javapgno=2 ??XSS??
```

```url
http://www.simpatie.ro/index.php?page=top_movies&cat=13&p=2 p=2 ??XSS??
```

--------------------------------

### Get User Roles

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the roles assigned to a user. This method corresponds to the GET /api/v2/users/{id}/roles endpoint.

```APIDOC
## GET /api/v2/users/{id}/roles

### Description
Retrieves the roles assigned to a user.

### Method
GET

### Endpoint
/api/v2/users/{id}/roles

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user.

### Response
#### Success Response (200)
- **roles** (array) - An array of role objects assigned to the user.
```

--------------------------------

### Initialize SDK and Get User by Email

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to set up the Auth0 SDK configuration, instantiate the SDK, access the Management API, and then use the UsersByEmail class to retrieve a user's details via their email address. Ensure your SDK configuration is correctly set with your Auth0 domain, client ID, and client secret.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The UsersByEmail class is accessible from the Management API's usersByEmail() method.
$usersByEmail = $management->usersByEmail();

// Get a single user by email.
$result = $usersByEmail->get('...');

dump(HttpResponse::decodedBody($result));

// {
//   "user_id": "...",
//   "email": "...",
//   "email_verified": true,
//   ...
// }
```

--------------------------------

### Get User Logs

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the logs associated with a user. This method corresponds to the GET /api/v2/users/{id}/logs endpoint.

```APIDOC
## GET /api/v2/users/{id}/logs

### Description
Retrieves the logs associated with a user.

### Method
GET

### Endpoint
/api/v2/users/{id}/logs

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user.

#### Query Parameters
- **page** (integer) - Optional - Specifies the page number of the logs to retrieve.
- **per_page** (integer) - Optional - Specifies the number of logs per page.
- **sort** (string) - Optional - Specifies the field to sort the logs by.
- **include_totals** (boolean) - Optional - Indicates whether to include total counts in the response.

### Response
#### Success Response (200)
- **logs** (array) - An array of log objects associated with the user.
- **total** (integer) - The total number of logs found.
- **start** (integer) - The starting index of the returned logs.
- **limit** (integer) - The maximum number of logs to return per page.
```

--------------------------------

### Initialize Auth0 Management API and Get Clients

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

This snippet demonstrates how to set up the Auth0 SDK configuration, instantiate the SDK, access the Management API, and retrieve the first batch of clients. It also shows how to iterate through all paginated results using `getResponsePaginator`.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// Clients API methods are available from the Management class' clients() method.
$clients = $management->clients();

// Retrieves the first batch of results.
$results = $clients->getAll();

// You can then iterate (and auto-paginate) through all available results.
foreach ($clients->getResponsePaginator() as $client) {
    // Do something with the client.
}

// Or, just work with the initial batch from the response.
var_dump(HttpResponse::decode($results));

// [
//   {
//     "client_id": "",
//     "tenant": "",
//     "name": "",
//     ...
//   }
// ]
```

--------------------------------

### Initiate Email Passwordless Authentication

Source: https://github.com/auth0/auth0-php/blob/main/EXAMPLES.md

Starts the email passwordless authentication flow. Requires `domain`, `clientId`, `clientSecret`, and `cookieSecret` to be configured.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;

$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
    cookieSecret: '...',
);

$auth0 = new Auth0($configuration);
$api = $auth0->authentication();

$api->emailPasswordlessStart(
    email: 'someone@somewhere.com',
);
```

--------------------------------

### Get User Organizations

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the organizations a user belongs to. This method corresponds to the GET /api/v2/users/{id}/organizations endpoint.

```APIDOC
## GET /api/v2/users/{id}/organizations

### Description
Retrieves the organizations a user belongs to.

### Method
GET

### Endpoint
/api/v2/users/{id}/organizations

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user.

### Response
#### Success Response (200)
- **organizations** (array) - An array of organization objects the user belongs to.
```

--------------------------------

### Initialize Auth0 Management API and Access Organizations

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to set up the SDK configuration, instantiate the Auth0 client, and access the Organizations class for management operations. Ensure your SDK configuration includes the necessary domain, clientId, and clientSecret.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The Organizations class is accessible from the Management class' organizations() method.
$organizations = $management->organizations();
```

--------------------------------

### Get User Enrollments

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the MFA enrollments for a user. This method corresponds to the GET /api/v2/users/{id}/enrollments endpoint.

```APIDOC
## GET /api/v2/users/{id}/enrollments

### Description
Retrieves the MFA enrollments for a user.

### Method
GET

### Endpoint
/api/v2/users/{id}/enrollments

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user whose enrollments to retrieve.

### Response
#### Success Response (200)
- **enrollments** (array) - An array of MFA enrollment objects for the user.
```

--------------------------------

### Initialize Auth0 Management API and Manage Roles

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Demonstrates how to initialize the Auth0 SDK, access the Management API, and perform common role operations like creating and retrieving roles. Includes examples for iterating through paginated results or processing the initial batch.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The Roles endpoint class is accessible from the Management class' roles() method.
$roles = $management->roles();

// Create a new role.
$roles->create(
    name: 'My Example Role',
    body: [
        'description' => 'This is an example role.',
    ]
);

// Get all roles.
$results = $roles->getAll();

// You can then iterate (and auto-paginate) through all available results.
foreach ($roles->getResponsePaginator() as $role) {
    // Do something with the role.
    dump($role);

    // {
    //   "id": "",
    //   "name": "",
    //   "description": "",
    // }
}

// Or, just work with the initial batch from the response.
var_dump(HttpResponse::decode($results));

// [
//   {
//     "id": "",
//     "name": "",
//     "description": "",
//   }
// ]
```

--------------------------------

### PHPDoc Block Example

Source: https://github.com/auth0/auth0-php/blob/main/CONTRIBUTING.md

All public methods and classes should be documented with PHPDoc blocks. Note the specific formatting for the @param attribute.

```php
/**
 * Register a binding with the container.
 *
 * @param string|array $abstract
 * @param \Closure|string|null $concrete
 * @param bool $shared
 * @return void
 *
 * @throws \Exception
 */
public function bind($abstract, $concrete = null, $shared = false)
{
    //
}
```

--------------------------------

### Get User Authentication Methods

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves the authentication methods for a user. This method corresponds to the GET /api/v2/users/{user}/authentication-methods endpoint.

```APIDOC
## GET /api/v2/users/{user}/authentication-methods

### Description
Retrieves the authentication methods for a user.

### Method
GET

### Endpoint
/api/v2/users/{user}/authentication-methods

### Parameters
#### Path Parameters
- **user** (string) - Required - The ID of the user.

### Response
#### Success Response (200)
- **authentication_methods** (array) - An array of authentication method objects.
```

--------------------------------

### Create Project with Demo Skeleton

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

Use this Composer command to create a new project with a pre-configured demo skeleton.

```bash
composer create-project auth0/auth0-php:demo-skeleton auth0-php-demo
```

--------------------------------

### Get User Blocks By Identifier

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves user blocks by a specific identifier. This method corresponds to the GET /api/v2/user-blocks/{id} endpoint.

```APIDOC
## GET /api/v2/user-blocks/{id}

### Description
Retrieves user blocks by a specific identifier.

### Method
GET

### Endpoint
/api/v2/user-blocks/{id}

### Parameters
#### Path Parameters
- **id** (string) - Required - The identifier of the user to retrieve blocks for.

### Response
#### Success Response (200)
- **blocked_for** (array) - A list of objects, where each object contains the identifier and IP address for which the user is blocked.

### Response Example
```json
{
  "blocked_for": [
    {
      "identifier": "...",
      "ip": "..."
    }
  ]
}
```
```

--------------------------------

### Initialize Auth0 SDK and Access Management API

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

This snippet demonstrates how to configure the Auth0 SDK with your domain, client ID, and client secret, and then access the Management API instance. Ensure your SDK configuration is correct before proceeding.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();
```

--------------------------------

### Get User Authentication Method by ID

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a specific authentication method for a user. This method corresponds to the GET /api/v2/users/{id}/authentication-methods/{method} endpoint.

```APIDOC
## GET /api/v2/users/{id}/authentication-methods/{method}

### Description
Retrieves a specific authentication method for a user.

### Method
GET

### Endpoint
/api/v2/users/{id}/authentication-methods/{method}

### Parameters
#### Path Parameters
- **id** (string) - Required - The ID of the user.
- **method** (string) - Required - The ID of the authentication method.
```

--------------------------------

### Bootstrap Application with Auth0 SDK

Source: https://github.com/auth0/auth0-php/blob/main/docs/Getting Started/README.md

This PHP script sets up the autoloader, loads environment variables, configures the Auth0 SDK, and defines application routes.

```php
<?php

// Import the Composer autoloader
// (assumed layout: vendor/ sits in the project root, one level above this file).
require __DIR__ . '/../vendor/autoload.php';

// Load environment variables
// (assumed: a .env file in the project root, read with vlucas/phpdotenv).
Dotenv\Dotenv::createImmutable(__DIR__ . '/..')->load();

// Configure and instantiate the SDK
require __DIR__ . '/../auth0.php';

if (getenv('HTTP_HOST') !== 'localhost') {
    die('Please invoke this application from `localhost`.');
}

// Setup the routes for the application
$dispatcher = FastRoute\simpleDispatcher(function (FastRoute\RouteCollector $r) {
    $r->addRoute('GET', '/', 'index');
    $r->addRoute('GET', '/login', 'login');
    $r->addRoute('GET', '/callback', 'callback');
    $r->addRoute('GET', '/logout', 'logout');
});

// Fetch method and URI of the incoming request
$httpMethod = $_SERVER['REQUEST_METHOD'];
$uri = $_SERVER['REQUEST_URI'];

// Strip query string (?foo=bar) and decode URI
if (false !== $pos = strpos($uri, '?')) {
    $uri = substr($uri, 0, $pos);
}

$uri = rawurldecode($uri);

// Match the incoming request against the routes
$routeInfo = $dispatcher->dispatch($httpMethod, $uri);

switch ($routeInfo[0]) {
    case FastRoute\Dispatcher::NOT_FOUND:
        // ... 404 Not Found
        break;
    case FastRoute\Dispatcher::METHOD_NOT_ALLOWED:
        $allowedMethods = $routeInfo[1];
        // ... 405 Method Not Allowed
        break;
    case FastRoute\Dispatcher::FOUND:
        $handler = $routeInfo[1];
        $vars = $routeInfo[2];

        // Include the route's matching PHP file.
        // $handler is one of the fixed names registered in the route table above,
        // never a value taken from the request.
        require __DIR__ . '/routes/' . $handler . '.php';
        break;
}
```

--------------------------------

### Initialize Auth0 SDK and Handle Web App Flow

Source: https://context7.com/auth0/auth0-php/llms.txt

Initializes the Auth0 SDK with configuration and demonstrates the complete web application authentication flow, including login redirection, callback processing, session checking, token renewal, and logout.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Token;

$auth0 = new Auth0(new SdkConfiguration(
    domain: 'your-tenant.auth0.com',
    clientId: 'YOUR_CLIENT_ID',
    clientSecret: 'YOUR_CLIENT_SECRET',
    redirectUri: 'https://example.com/callback',
    cookieSecret: 'a-very-long-random-secret-string-at-least-32-bytes',
    scope: ['openid', 'profile', 'email', 'offline_access'],
));

// --- Login: redirect to Auth0 Universal Login page ---
if (null === $auth0->getExchangeParameters()) {
    $loginUrl = $auth0->login(
        redirectUrl: 'https://example.com/callback',
        params: ['prompt' => 'login'],
    );
    header('Location: ' . $loginUrl);
    exit;
}

// --- Callback: exchange authorization code for tokens ---
try {
    $auth0->exchange(redirectUri: 'https://example.com/callback');
} catch (\Throwable $e) {
    // Escape the message before writing it into the HTML response.
    echo 'Exchange failed: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    exit;
}

// --- Check authentication state ---
$session = $auth0->getCredentials();

if (null === $session || $session->accessTokenExpired) {
    header('Location: ' .
        $auth0->login());
    exit;
}

// $session is an object with:
// - $session->user (array of ID token claims)
// - $session->accessToken (string)
// - $session->idToken (string)
// - $session->refreshToken (string|null)
// - $session->accessTokenExpiration (int timestamp)
// - $session->accessTokenExpired (bool)
// - $session->accessTokenScope (array of strings)

// ID token claims such as "name" are user-controlled profile data: escape them before output.
echo 'Hello, ' . htmlspecialchars($session->user['name'] ?? 'user', ENT_QUOTES, 'UTF-8');

// Shown for demonstration only; keep access tokens out of rendered pages and logs.
echo 'Access token: ' . htmlspecialchars($session->accessToken, ENT_QUOTES, 'UTF-8');

// --- Renew tokens using refresh token ---
if ($session->accessTokenExpired) {
    try {
        $auth0->renew();
        $session = $auth0->getCredentials(); // updated session
    } catch (\Throwable $e) {
        header('Location: ' . $auth0->login());
        exit;
    }
}

// --- Logout: clear session and redirect ---
$logoutUrl = $auth0->logout(returnUri: 'https://example.com/');
header('Location: ' . $logoutUrl);
exit;
```

--------------------------------

### XSS via Inline Script Execution

Source: https://github.com/auth0/auth0-php/blob/main/tests/Data/XssTestCollection.txt

This example shows a basic XSS attack where JavaScript code is directly embedded within a SCRIPT tag. The 'alert' function is commonly used in examples to demonstrate script execution.

```html
```

--------------------------------

### Initialize Management API and Access User Blocks

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

This snippet demonstrates how to set up the Auth0 SDK configuration, instantiate the SDK, access the Management API, and then retrieve the User Blocks endpoint class. It shows the initial setup required before interacting with user block functionalities.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The User Blocks endpoint class is accessible from the Management class' userBlocks() method.
$userBlocks = $management->userBlocks();

// Retrieve a list of all user blocks.
$results = $userBlocks->get('...');

var_dump(HttpResponse::decodeContent($results));
// {
//   "blocked_for": [
//     {
//       "identifier": "...",
//       "ip": "..."
//     }
//   ]
// }
```

--------------------------------

### Get Client by ID

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a specific client by its ID.

```APIDOC
## GET /api/v2/clients/{id}

### Description
Retrieves a specific client using its unique identifier.

### Method
GET

### Endpoint
/api/v2/clients/{id}

### SDK Method
`clients()->get(string $id)`

### Parameters
#### Path Parameters
- **id** (string) - Required - The unique identifier of the client to retrieve.

### Request Example
```php
$client = $clients->get('some_client_id');
```
```

--------------------------------

### Initialize Auth0 Management API and Access Email Templates

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

This snippet demonstrates the initial setup for using the Auth0 PHP SDK. It shows how to configure the SDK with your Auth0 domain, client ID, and client secret, then instantiate the Management API client. Finally, it accesses the emailTemplates() method to prepare for email template operations.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// Email Templates API methods are available from the Management class' emailTemplates() method.
$templates = $management->emailTemplates();
```

--------------------------------

### Get Triggers

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

Retrieves a list of all available action triggers.

```APIDOC
## GET /api/v2/actions/triggers

### Description
Retrieves a list of all available action triggers.

### Method
GET

### Endpoint
/api/v2/actions/triggers

### Response
#### Success Response (200)
- **triggers** (array) - An array of trigger objects.
  - **id** (string) - The unique identifier for the trigger.
  - **name** (string) - The name of the trigger.
  - **supported_flows** (array) - An array of supported flow types for the trigger.

### Response Example
```json
{
  "triggers": [
    {
      "id": "post-login",
      "name": "Post Login",
      "supported_flows": ["..."]
    },
    {
      "id": "credentials-exchange",
      "name": "Credentials Exchange",
      "supported_flows": []
    }
  ],
  "total": 2,
  "start": 0,
  "limit": 10
}
```
```

--------------------------------

### Manage Auth0 Rules with PHP SDK

Source: https://github.com/auth0/auth0-php/blob/main/docs/Management.md

This snippet demonstrates how to initialize the Auth0 SDK, access the Management API, and perform operations on Rules. It shows how to create a new rule, retrieve all rules, and iterate through paginated results. Ensure the SDK is configured with your Auth0 domain, client ID, and client secret.

```php
use Auth0\SDK\Auth0;
use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Utility\HttpResponse;

// Set up the SDK configuration object.
$configuration = new SdkConfiguration(
    domain: '...',
    clientId: '...',
    clientSecret: '...',
);

// Instantiate the SDK using the configuration.
$auth0 = new Auth0($configuration);

// The Management API class is accessible from the SDK's management() method.
$management = $auth0->management();

// The Rules endpoint class is accessible from the Management class' rules() method.
$rules = $management->rules();

// Create a new rule.
$rules->create(
    name: 'My Example Rule',
    script: 'function (user, context, callback) { callback(null, user, context); }'
);

// Get all rules.
$results = $rules->getAll();

// You can then iterate (and auto-paginate) through all available results.
foreach ($rules->getResponsePaginator() as $rule) {
    // Do something with the rule.
    var_dump($rule);
    // {
    //   "id": "",
    //   "name": "",
    //   "script": "",
    //   "enabled": true,
    //   "order": 0,
    //   "stage": "login_success",
    // }
}

// Or, just work with the initial batch from the response.
var_dump(HttpResponse::decodeContent($results));
// [
//   {
//     "id": "",
//     "name": "",
//     "script": "",
//     "enabled": true,
//     "order": 0,
//     "stage": "login_success",
//   }
// ]
```