evansims/openfga-php


README

OpenFGA PHP SDK

codecov Psalm Type Coverage

Stop writing authorization logic. Start asking questions.
Read the documentation to get started.


Why OpenFGA?

Every app needs permissions. Most developers end up with authorization logic scattered across controllers, middleware, and business logic. Changes break things. New features require touching dozens of files.

OpenFGA solves this. Define your authorization rules once, query them anywhere. This SDK provides a modern PHP interface to OpenFGA and Auth0 FGA.

Quick start

composer require evansims/openfga-php
use OpenFGA\Client;
use function OpenFGA\{allowed, tuple};

$client = new Client(url: 'http://localhost:8080');

// Instead of scattered if statements in your controllers:
if ($user->isAdmin() || $user->owns($document) || $user->team->canEdit($document)) {
    // ...
}

// Ask OpenFGA:
$canEdit = allowed(
    client: $client,
    store: 'my-store',
    model: 'my-model',
    tuple: tuple('user:alice', 'editor', 'document:readme')
);

// Zero business logic coupling. Pure authorization.

Highlights

  • Zero business logic coupling — Authorization stays separate from your domain code
  • Scalable architecture — Battle-tested relationship-based access control patterns inspired by Google Zanzibar
  • Type-safe by design — Complete type hints, strict typing, and full IDE support
  • Human-readable DSL — Define authorization models with intuitive syntax
  • Production ready — OpenTelemetry observability, retry logic, and circuit breakers included
  • Developer experience first — Stewarded by 30+ years of PHP expertise with intuitive APIs and comprehensive documentation

Learn more

Ready to build bulletproof authorization? See the documentation for:

Installation

composer require evansims/openfga-php

See the documentation for configuration and setup.

Contributing

Contributions are welcome — have a look at our contributing guidelines.