evansims / openfga-php
PHP SDK for OpenFGA.
Requires
Requires (Dev)
- ergebnis/composer-normalize: ^2
- friendsofphp/php-cs-fixer: ^3
- kriswallsmith/buzz: ^1.3
- nyholm/psr7: ^1.8
- open-telemetry/api: ^1.1
- open-telemetry/sdk: ^1.1
- pestphp/pest: ^3
- phpstan/phpstan: ^2
- phpstan/phpstan-strict-rules: ^2
- psr-mock/http-client-implementation: ^1
- psr-mock/http-factory-implementation: ^1
- psr-mock/http-message-implementation: ^1
- rector/rector: ^2
- vimeo/psalm: ^6
- wikimedia/composer-merge-plugin: ^2
Suggests
- open-telemetry/api: For observability support with metrics, tracing and logging
- open-telemetry/sdk: For OpenTelemetry SDK implementation
- tbachert/spi: For automatic service provider registration in SPI-compatible frameworks
This package is auto-updated.
Last update: 2025-06-02 20:56:35 UTC
README
OpenFGA PHP SDK
Stop writing authorization logic. Start asking questions.
Read the documentation to get started.
Why OpenFGA?
Every app needs permissions. Most developers end up with authorization logic scattered across controllers, middleware, and business logic. Changes break things. New features require touching dozens of files.
OpenFGA solves this. Define your authorization rules once, query them anywhere. This SDK provides a modern PHP interface to OpenFGA and Auth0 FGA.
Quick start
composer require evansims/openfga-php
use OpenFGA\Client; use function OpenFGA\{allowed, tuple}; $client = new Client(url: 'http://localhost:8080'); // Instead of scattered if statements in your controllers: if ($user->isAdmin() || $user->owns($document) || $user->team->canEdit($document)) { // ... } // Ask OpenFGA: $canEdit = allowed( client: $client, store: 'my-store', model: 'my-model', tuple: tuple('user:alice', 'editor', 'document:readme') ); // Zero business logic coupling. Pure authorization.
Highlights
- Zero business logic coupling — Authorization stays separate from your domain code
- Scalable architecture — Battle-tested relationship-based access control patterns inspired by Google Zanzibar
- Type-safe by design — Complete type hints, strict typing, and full IDE support
- Human-readable DSL — Define authorization models with intuitive syntax
- Production ready — OpenTelemetry observability, retry logic, and circuit breakers included
- Developer experience first — Stewarded by 30+ years of PHP expertise with intuitive APIs and comprehensive documentation
Learn more
Ready to build bulletproof authorization? See the documentation for:
- Getting started — Build your first authorization system in 10 minutes
- Authorization models — Define permission rules with intuitive DSL
- Queries — Check permissions and list accessible resources
- Authentication — Secure your production setup
Installation
composer require evansims/openfga-php
See the documentation for configuration and setup.
Contributing
Contributions are welcome — have a look at our contributing guidelines.